From: sashiko-bot@kernel.org
To: "Ashish Kalra" <Ashish.Kalra@amd.com>
Cc: kvm@vger.kernel.org
Subject: Re: [PATCH v10 6/6] KVM: SEV: Perform RMP optimizations on SNP guest shutdown
Date: Tue, 30 Jun 2026 18:24:19 +0000 [thread overview]
Message-ID: <20260630182421.8C1481F000E9@smtp.kernel.org> (raw)
In-Reply-To: <3a5df8dec32da5c31998bcfa775ca92c80cbc1eb.1782841284.git.ashish.kalra@amd.com>
Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [High] Indefinite deferral of RMP optimizations via mod_delayed_work timer reset.
--
commit 5a78324bed688cb2c4b58d363233a323513bd9b4
Author: Ashish Kalra <ashish.kalra@amd.com>
KVM: SEV: Perform RMP optimizations on SNP guest shutdown
This commit performs RMP optimizations on memory freed by terminating SNP
guests. The scan is deferred so that a single optimization pass can batch
memory from multiple guests terminating in a short period of time.
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index 4272293478766..c574849b15878 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
[ ... ]
> @@ -2992,6 +2992,16 @@ void sev_vm_destroy(struct kvm *kvm)
> */
> if (snp_decommission_context(kvm))
> return;
> +
> + /*
> + * Perform RMP optimizations on memory freed by terminating
> + * guests. The scan is deferred, so it normally runs after
> + * sev_gmem_invalidate() has converted this guest's pages back to
> + * shared, and picks them up then. A very large guest whose
> + * conversion has not finished by then is picked up by a later
> + * teardown's scan.
> + */
> + snp_rmpopt_all_physmem();
[Severity: High]
Can an unprivileged user indefinitely defer the RMP optimizations by
repeatedly creating and destroying minimal SNP VMs?
Looking at snp_rmpopt_all_physmem(), it uses mod_delayed_work(), which
cancels any pending timer and pushes the execution timeout back on every
call.
If VMs are destroyed at a frequency higher than the timeout,
the background optimization task might be starved and never execute,
leading to degraded memory access performance.
Would using queue_delayed_work() instead prevent this starvation by
ensuring the timer is not pushed back if the work is already queued?
> } else {
> sev_unbind_asid(kvm, sev->handle);
> }
--
Sashiko AI review · https://sashiko.dev/#/patchset/cover.1782841284.git.ashish.kalra@amd.com?part=6
prev parent reply other threads:[~2026-06-30 18:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-30 18:08 [PATCH v10 0/6] Add RMPOPT support Ashish Kalra
2026-06-30 18:09 ` [PATCH v10 1/6] x86/cpufeatures: Add X86_FEATURE_RMPOPT feature flag Ashish Kalra
2026-06-30 18:10 ` [PATCH v10 2/6] x86/sev: Initialize RMPOPT configuration MSRs Ashish Kalra
2026-06-30 18:11 ` [PATCH v10 3/6] x86/sev: Disable CPU hotplug while SNP is active Ashish Kalra
2026-06-30 18:32 ` sashiko-bot
2026-07-01 9:40 ` Jethro Beekman
2026-07-01 16:39 ` K Prateek Nayak
2026-07-01 21:08 ` Kalra, Ashish
2026-07-01 21:25 ` Kalra, Ashish
2026-06-30 18:11 ` [PATCH v10 4/6] x86/sev: Add support to perform RMP optimizations asynchronously Ashish Kalra
2026-06-30 18:28 ` sashiko-bot
2026-06-30 18:11 ` [PATCH v10 5/6] x86/sev: Add interface to re-enable RMP optimizations Ashish Kalra
2026-06-30 18:12 ` [PATCH v10 6/6] KVM: SEV: Perform RMP optimizations on SNP guest shutdown Ashish Kalra
2026-06-30 18:24 ` sashiko-bot [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260630182421.8C1481F000E9@smtp.kernel.org \
--to=sashiko-bot@kernel.org \
--cc=Ashish.Kalra@amd.com \
--cc=kvm@vger.kernel.org \
--cc=sashiko-reviews@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.