From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3241AC433FE for ; Fri, 29 Apr 2022 21:10:28 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7CE9C6B0071; Fri, 29 Apr 2022 17:10:28 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 757976B0072; Fri, 29 Apr 2022 17:10:28 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5D1BF6B0073; Fri, 29 Apr 2022 17:10:28 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.27]) by kanga.kvack.org (Postfix) with ESMTP id 47BE46B0071 for ; Fri, 29 Apr 2022 17:10:28 -0400 (EDT) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay11.hostedemail.com (Postfix) with ESMTP id 1B8DD80A71 for ; Fri, 29 Apr 2022 21:10:28 +0000 (UTC) X-FDA: 79411160136.01.3E1AC4C Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by imf29.hostedemail.com (Postfix) with ESMTP id AB63212007A for ; Fri, 29 Apr 2022 21:10:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1651266627; x=1682802627; h=message-id:date:mime-version:subject:to:cc:references: from:in-reply-to:content-transfer-encoding; bh=pK14W6ipopqDuVXPvk85e/aqlv8QVgXEXadb5wGU3cs=; b=DaMNZp2b3lQjRHpKE6g2eozJrRsuNTWyLkmoo/2x4yT6PRIpfz2bi1ay L58GKpQXEdPSyHvIAOckFi7mHmxnlxVS0PLAi4PTNVsBNknmabRR12V2L 50426HeP7c2j7sKDzIvez3Esj+w8GCtJ5XL726PP9C3I8u4j1hCKvpHYA X+F0HEbphlsw0FoFnYORyBaQR46AxoZEWGivkH2StuUizdxkawvMbQxyf ZEND3VDmldgyIOvneBSZCmvAAcZzxCTcOp99rtsPFq0PvPxSU6b6KI5ki jLXBS7fy2mRyLEcPsiV8Qovey8ne332WzPpBjXVQTgaxAqpd6oyyllxwH g==; X-IronPort-AV: E=McAfee;i="6400,9594,10332"; a="254165412" X-IronPort-AV: E=Sophos;i="5.91,186,1647327600"; d="scan'208";a="254165412" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2022 14:10:25 -0700 X-IronPort-AV: E=Sophos;i="5.91,186,1647327600"; d="scan'208";a="582400427" Received: from jinggu-mobl1.amr.corp.intel.com (HELO [10.212.30.227]) ([10.212.30.227]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2022 14:10:24 -0700 Message-ID: <2bf733e7-49f3-12de-bf9d-73b23286754d@intel.com> Date: Fri, 29 Apr 2022 14:10:41 -0700 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.7.0 Subject: Re: [RFC] Expose a memory poison detector ioctl to user space. Content-Language: en-US To: Jue Wang Cc: Erdem Aktas , almasrymina@google.com, dave.hansen@linux.intel.com, gthelen@google.com, jiaqiyan@google.com, linux-mm@kvack.org, naoya.horiguchi@nec.com, seanjc@google.com, tony.luck@intel.com References: <20220428161551.722296-1-erdemaktas@google.com> <6f99684f-172c-ccf2-0be3-9aca85451079@intel.com> From: Dave Hansen In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Stat-Signature: yt68qzfu4gwhy4w7d8u3a8bfozs4dgy4 Authentication-Results: imf29.hostedemail.com; dkim=pass header.d=intel.com header.s=Intel header.b=DaMNZp2b; spf=none (imf29.hostedemail.com: domain of dave.hansen@intel.com has no SPF policy when checking 134.134.136.20) smtp.mailfrom=dave.hansen@intel.com; dmarc=pass (policy=none) header.from=intel.com X-Rspam-User: X-Rspamd-Server: rspam01 X-Rspamd-Queue-Id: AB63212007A X-HE-Tag: 1651266623-168241 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 4/29/22 12:46, Jue Wang wrote: > Per seanjc@google.com: > TDX doesn't support #MC exception injection, but IRQ "injection" via > posted interrupts is supported. Accesses to machine check MSRs will > #VE, i.e. can be emulated by KVM, so CMCI should work fine for TDX > guests. > > Proactively scanning for memory error should benefit TDX guests > preventing potential host shutdowns. It also need to know to avoid unaccepted memory in TDX guests at *least*. > It seems the current proposed design can cover TDX & SEV-SNP if the > direct mapping to guest private memory is preserved? I wouldn't go that far. The unaccepted TDX guest memory thing is just the obvious one at the moment. There are a whole ton of other guest ballooning mechanisms out there and I'm not sure that all of them are happy to let you touch ballooned-away memory. But, the bigger issue is that those cases had not even been considered. It means that there is a *LOT* of homework needed to seek out and cover all the other weird cases. I also think the proposed ABI -- exposing physical addresses to userspace as a part of the design -- is an utter non-starter.