From: "Kalra, Ashish" <ashish.kalra@amd.com>
To: Borislav Petkov <bp@alien8.de>,
seanjc@google.com, pbonzini@redhat.com,
dave.hansen@linux.intel.com, tglx@linutronix.de,
mingo@redhat.com, x86@kernel.org
Cc: hpa@zytor.com, peterz@infradead.org,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
thomas.lendacky@amd.com, michael.roth@amd.com,
kexec@lists.infradead.org, linux-coco@lists.linux.dev
Subject: Re: [PATCH] x86/sev: Fix host kdump support for SNP
Date: Thu, 29 Aug 2024 09:30:54 -0500 [thread overview]
Message-ID: <3f887fb7-e30e-41f4-8ac1-bd245e707ccc@amd.com> (raw)
In-Reply-To: <87475131-856C-44DC-A27A-84648294F094@alien8.de>
Hello Boris,
On 8/29/2024 3:34 AM, Borislav Petkov wrote:
> On August 27, 2024 10:38:04 PM GMT+02:00, Ashish Kalra <Ashish.Kalra@amd.com> wrote:
>> From: Ashish Kalra <ashish.kalra@amd.com>
>>
>> With active SNP VMs, SNP_SHUTDOWN_EX invoked during panic notifiers causes
>> crashkernel boot failure with the following signature:
> Why would SNP_SHUTDOWN be allowed *at all* if there are active SNP guests and there's potential to lose guest data in the process?!
If SNP_SHUTDOWN is not done, then crashkernel panics during boot as the crashdump attached to the fix/patch here shows, so essentially if SNP_DECOMMISSION followed by SNP_SHUTDOWN is not done then we can't boot crashkernel in case of any active SNP guests (which i will believe is an important requirement for cloud providers).
Additionally, in case of SNP_DECOMMISSION, the firmware marks the ASID of the guest as not runnable and then transitions the SNP guest context page into a Firmware page (so that is one RMP table change) and for SNP_SHUTDOWN_EX, the firmware transitions all pages associated with the IOMMU to the Reclaim state (which then the HV marks as hypervisor pages), these IOMMU pages are the event log, PPR log, and completion wait buffers of the IOMMU.
Aside from the IOMMU pages mentioned above, the firmware will not automatically reclaim or modify any other pages in the RMP table and also does not reset the RMP table.
So essentially all host memory (and guest data) will still be available and saved by crashkernel.
Thanks, Ashish
next prev parent reply other threads:[~2024-08-29 14:31 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-27 20:38 [PATCH] x86/sev: Fix host kdump support for SNP Ashish Kalra
2024-08-29 8:34 ` Borislav Petkov
2024-08-29 14:30 ` Kalra, Ashish [this message]
2024-08-29 14:40 ` Borislav Petkov
2024-08-29 14:50 ` Sean Christopherson
2024-08-29 15:04 ` Borislav Petkov
2024-08-29 15:16 ` Kalra, Ashish
2024-08-30 21:08 ` Kalra, Ashish
2024-09-03 16:54 ` Borislav Petkov
2024-08-29 15:50 ` kernel test robot
2024-08-31 7:35 ` kernel test robot
2024-09-02 15:05 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3f887fb7-e30e-41f4-8ac1-bd245e707ccc@amd.com \
--to=ashish.kalra@amd.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=hpa@zytor.com \
--cc=kexec@lists.infradead.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=michael.roth@amd.com \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=thomas.lendacky@amd.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox