From: Dave Hansen <dave.hansen@intel.com>
To: Kai Huang <kai.huang@intel.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: x86@kernel.org, kirill.shutemov@linux.intel.com,
peterz@infradead.org, tony.luck@intel.com, tglx@linutronix.de,
bp@alien8.de, mingo@redhat.com, hpa@zytor.com, seanjc@google.com,
pbonzini@redhat.com, rafael@kernel.org, david@redhat.com,
dan.j.williams@intel.com, len.brown@intel.com,
ak@linux.intel.com, isaku.yamahata@intel.com,
ying.huang@intel.com, chao.gao@intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com, nik.borisov@suse.com,
bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com
Subject: Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum
Date: Fri, 1 Dec 2023 12:35:53 -0800 [thread overview]
Message-ID: <b3b265f9-48fa-4574-a925-cbdaaa44a689@intel.com> (raw)
In-Reply-To: <9e80873fac878aa5d697cbcd4d456d01e1009d1f.1699527082.git.kai.huang@intel.com>
On 11/9/23 03:55, Kai Huang wrote:
> +static bool is_pamt_page(unsigned long phys)
> +{
> + struct tdmr_info_list *tdmr_list = &tdx_tdmr_list;
> + int i;
> +
> + /*
> + * This function is called from #MC handler, and theoretically
> + * it could run in parallel with the TDX module initialization
> + * on other logical cpus. But it's not OK to hold mutex here
> + * so just blindly check module status to make sure PAMTs/TDMRs
> + * are stable to access.
> + *
> + * This may return inaccurate result in rare cases, e.g., when
> + * #MC happens on a PAMT page during module initialization, but
> + * this is fine as #MC handler doesn't need a 100% accurate
> + * result.
> + */
It doesn't need perfect accuracy. But how do we know it's not going to
go, for instance, chase a bad pointer?
> + if (tdx_module_status != TDX_MODULE_INITIALIZED)
> + return false;
As an example, what prevents this CPU from observing
tdx_module_status==TDX_MODULE_INITIALIZED while the PAMT structure is
being assembled?
> + for (i = 0; i < tdmr_list->nr_consumed_tdmrs; i++) {
> + unsigned long base, size;
> +
> + tdmr_get_pamt(tdmr_entry(tdmr_list, i), &base, &size);
> +
> + if (phys >= base && phys < (base + size))
> + return true;
> + }
> +
> + return false;
> +}
> +
> +/*
> + * Return whether the memory page at the given physical address is TDX
> + * private memory or not. Called from #MC handler do_machine_check().
> + *
> + * Note this function may not return an accurate result in rare cases.
> + * This is fine as the #MC handler doesn't need a 100% accurate result,
> + * because it cannot distinguish #MC between software bug and real
> + * hardware error anyway.
> + */
> +bool tdx_is_private_mem(unsigned long phys)
> +{
> + struct tdx_module_args args = {
> + .rcx = phys & PAGE_MASK,
> + };
> + u64 sret;
> +
> + if (!platform_tdx_enabled())
> + return false;
> +
> + /* Get page type from the TDX module */
> + sret = __seamcall_ret(TDH_PHYMEM_PAGE_RDMD, &args);
> + /*
> + * Handle the case that CPU isn't in VMX operation.
> + *
> + * KVM guarantees no VM is running (thus no TDX guest)
> + * when there's any online CPU isn't in VMX operation.
> + * This means there will be no TDX guest private memory
> + * and Secure-EPT pages. However the TDX module may have
> + * been initialized and the memory page could be PAMT.
> + */
> + if (sret == TDX_SEAMCALL_UD)
> + return is_pamt_page(phys);
Either this is comment is wonky or the module initialization is buggy.
config_global_keyid() goes and does SEAMCALLs on all CPUs. There are
zero checks or special handling in there for whether the CPU has done
VMXON. So, by the time we've started initializing the TDX module
(including the PAMT), all online CPUs must be able to do SEAMCALLs. Right?
So how can we have a working PAMT here when this CPU can't do SEAMCALLs?
I don't think we should even bother with this complexity. I think we
can just fix the whole thing by saying that unless you can make a
non-init SEAMCALL, we just assume the memory can't be private.
The transition to being able to make non-init SEAMCALLs is also #MC safe
*and* it's at a point when the tdmr_list is stable.
Can anyone shoot any holes in that? :)
next prev parent reply other threads:[~2023-12-01 20:35 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-09 11:55 [PATCH v15 00/23] TDX host kernel support Kai Huang
2023-11-09 11:55 ` [PATCH v15 01/23] x86/virt/tdx: Detect TDX during kernel boot Kai Huang
2023-11-09 11:55 ` [PATCH v15 02/23] x86/tdx: Define TDX supported page sizes as macros Kai Huang
2023-11-09 11:55 ` [PATCH v15 03/23] x86/virt/tdx: Make INTEL_TDX_HOST depend on X86_X2APIC Kai Huang
2023-11-09 11:55 ` [PATCH v15 04/23] x86/cpu: Detect TDX partial write machine check erratum Kai Huang
2023-11-09 11:55 ` [PATCH v15 05/23] x86/virt/tdx: Handle SEAMCALL no entropy error in common code Kai Huang
2023-11-09 16:38 ` Dave Hansen
2023-11-14 19:24 ` Isaku Yamahata
2023-11-15 10:41 ` Huang, Kai
2023-11-15 19:26 ` Isaku Yamahata
2023-11-09 11:55 ` [PATCH v15 06/23] x86/virt/tdx: Add SEAMCALL error printing for module initialization Kai Huang
2023-11-09 11:55 ` [PATCH v15 07/23] x86/virt/tdx: Add skeleton to enable TDX on demand Kai Huang
2023-11-09 11:55 ` [PATCH v15 08/23] x86/virt/tdx: Use all system memory when initializing TDX module as TDX memory Kai Huang
2024-12-05 7:57 ` Mike Rapoport
2024-12-05 9:06 ` Nikolay Borisov
2024-12-05 12:25 ` Huang, Kai
2024-12-05 16:30 ` Mike Rapoport
2023-11-09 11:55 ` [PATCH v15 09/23] x86/virt/tdx: Get module global metadata for module initialization Kai Huang
2023-11-09 23:29 ` Dave Hansen
2023-11-10 2:23 ` Huang, Kai
2023-11-15 19:35 ` Isaku Yamahata
2023-11-16 3:19 ` Huang, Kai
2023-11-09 11:55 ` [PATCH v15 10/23] x86/virt/tdx: Add placeholder to construct TDMRs to cover all TDX memory regions Kai Huang
2023-11-09 11:55 ` [PATCH v15 11/23] x86/virt/tdx: Fill out " Kai Huang
2023-11-09 11:55 ` [PATCH v15 12/23] x86/virt/tdx: Allocate and set up PAMTs for TDMRs Kai Huang
2023-11-09 11:55 ` [PATCH v15 13/23] x86/virt/tdx: Designate reserved areas for all TDMRs Kai Huang
2023-11-09 11:55 ` [PATCH v15 14/23] x86/virt/tdx: Configure TDX module with the TDMRs and global KeyID Kai Huang
2023-11-09 11:55 ` [PATCH v15 15/23] x86/virt/tdx: Configure global KeyID on all packages Kai Huang
2023-11-09 11:55 ` [PATCH v15 16/23] x86/virt/tdx: Initialize all TDMRs Kai Huang
2023-11-09 11:55 ` [PATCH v15 17/23] x86/kexec: Flush cache of TDX private memory Kai Huang
2023-11-27 18:13 ` Dave Hansen
2023-11-27 19:33 ` Huang, Kai
2023-11-27 20:02 ` Huang, Kai
2023-11-27 20:05 ` Dave Hansen
2023-11-27 20:52 ` Huang, Kai
2023-11-27 21:06 ` Dave Hansen
2023-11-27 22:09 ` Huang, Kai
2023-11-09 11:55 ` [PATCH v15 18/23] x86/virt/tdx: Keep TDMRs when module initialization is successful Kai Huang
2023-11-09 11:55 ` [PATCH v15 19/23] x86/virt/tdx: Improve readability of module initialization error handling Kai Huang
2023-11-09 11:55 ` [PATCH v15 20/23] x86/kexec(): Reset TDX private memory on platforms with TDX erratum Kai Huang
2023-11-09 11:55 ` [PATCH v15 21/23] x86/virt/tdx: Handle TDX interaction with ACPI S3 and deeper states Kai Huang
2023-11-30 17:20 ` Dave Hansen
2023-11-09 11:55 ` [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum Kai Huang
2023-11-30 18:01 ` Tony Luck
2023-12-01 20:35 ` Dave Hansen [this message]
2023-12-03 11:44 ` Huang, Kai
2023-12-04 17:07 ` Dave Hansen
2023-12-04 21:00 ` Huang, Kai
2023-12-04 22:04 ` Dave Hansen
2023-12-04 23:24 ` Huang, Kai
2023-12-04 23:39 ` Dave Hansen
2023-12-04 23:56 ` Huang, Kai
2023-12-05 2:04 ` Sean Christopherson
2023-12-05 16:36 ` Dave Hansen
2023-12-05 16:53 ` Sean Christopherson
2023-12-05 16:36 ` Luck, Tony
2023-12-05 16:57 ` Sean Christopherson
2023-12-04 23:41 ` Huang, Kai
2023-12-05 14:25 ` Borislav Petkov
2023-12-05 19:41 ` Huang, Kai
2023-12-05 19:56 ` Borislav Petkov
2023-12-05 20:08 ` Huang, Kai
2023-12-05 20:29 ` Borislav Petkov
2023-12-05 20:33 ` Huang, Kai
2023-12-05 20:41 ` Borislav Petkov
2023-12-05 20:49 ` Dave Hansen
2023-12-05 20:58 ` Huang, Kai
2023-11-09 11:56 ` [PATCH v15 23/23] Documentation/x86: Add documentation for TDX host support Kai Huang
2023-11-13 8:40 ` [PATCH v15 00/23] TDX host kernel support Nikolay Borisov
2023-11-13 9:11 ` Huang, Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b3b265f9-48fa-4574-a925-cbdaaa44a689@intel.com \
--to=dave.hansen@intel.com \
--cc=ak@linux.intel.com \
--cc=bagasdotme@gmail.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=dan.j.williams@intel.com \
--cc=david@redhat.com \
--cc=hpa@zytor.com \
--cc=imammedo@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=kai.huang@intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rafael@kernel.org \
--cc=sagis@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox