From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=eNaS=NY=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-13.3 required=3.0 tests=BAYES_00,DKIMWL_WL_MED,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=no
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 2E9EBC433F5
	for <linux-mm@archiver.kernel.org>; Thu,  2 Sep 2021 18:57:23 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 9FD06610FB
	for <linux-mm@archiver.kernel.org>; Thu,  2 Sep 2021 18:57:22 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 9FD06610FB
Authentication-Results: mail.kernel.org; dmarc=fail (p=reject dis=none) header.from=google.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org
Received: by kanga.kvack.org (Postfix)
	id 219C86B0071; Thu,  2 Sep 2021 14:57:22 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 1C8E86B0072; Thu,  2 Sep 2021 14:57:22 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 091296B0073; Thu,  2 Sep 2021 14:57:22 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0215.hostedemail.com [216.40.44.215])
	by kanga.kvack.org (Postfix) with ESMTP id EAA726B0071
	for <linux-mm@kvack.org>; Thu,  2 Sep 2021 14:57:21 -0400 (EDT)
Received: from smtpin33.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with ESMTP id A7D072BFAD
	for <linux-mm@kvack.org>; Thu,  2 Sep 2021 18:57:21 +0000 (UTC)
X-FDA: 78543541482.33.BF53A31
Received: from mail-pj1-f49.google.com (mail-pj1-f49.google.com [209.85.216.49])
	by imf04.hostedemail.com (Postfix) with ESMTP id 60A4E50000A4
	for <linux-mm@kvack.org>; Thu,  2 Sep 2021 18:57:21 +0000 (UTC)
Received: by mail-pj1-f49.google.com with SMTP id u11-20020a17090adb4b00b00181668a56d6so2183975pjx.5
        for <linux-mm@kvack.org>; Thu, 02 Sep 2021 11:57:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to;
        bh=AkmWZUegUhZEVUOACKSTOdlhb7SyRMPHYAHvTBr+eB4=;
        b=TnMNc8uOhY/OYYSg2N6xNC1fGTSR8kviK5K5YEINI0m2O8Z89Wzzv4DeGq+ml4O59E
         u83UPU0GGnBufLgYxSkuLGTn3UTtmtPT9K0vIwbunw3Tc8gAM0PKAX2ULUTDINl0qlJy
         NZDpV7k62Jvgq2wD02XKQRzQvv1P5Am+ACZFpcNxPyA3/KAbxPfgWlzxpUUQAlxNstAj
         uE4c1fjB7NGrzdIdCxfjd9wC/etG/JJxsfLgC8HtDSJ52ZTGSsCL3l6prPfcaSvO4cmd
         le0FM7CWdX2LcaUGSnom+tHFWyq2gValn0fvbZ+Qzl+rjvDJDCVv7dDaJw71C/kiRwYh
         7dNQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to;
        bh=AkmWZUegUhZEVUOACKSTOdlhb7SyRMPHYAHvTBr+eB4=;
        b=AdiwYVfG9Sh1JQGEO+++fKgCPA6F5jeuHszDpnK4xkhGh6l0l9TmUb0iVcjdRzOep2
         CIuVh02BL45hZiEDPzmOxzKd4awcMhDJMD4PoG9iBqUW70q/6rRgJWJv9k8OYXQ2n30S
         KAqt9d/vFE2Q5tSJf1eflst8g6wd40XwEf0msv7XwhWZKX0DcHAzpYpj1JtGu6WHcq/L
         qFdrywN5nvrtdPsolMVacTj8Qk5aLbiwiElHeM0nH68GrfVJx1qTIydcpEMrrBYVMNaI
         VHAcltytc7h/EZh7klrB6K83BOeeHy/I56A3XZ8usJsYJum0AG7GNmwG9TSsLQtPBFdK
         5syA==
X-Gm-Message-State: AOAM530hiU9HmPrZHIt99oJBLzCBwnd7mQDf7U4HAbyMs/e3YHbq4Ze8
	jXpFBe9hhaz3SVhCKlq0tv7zjA==
X-Google-Smtp-Source: ABdhPJzXIt7ZCXNKLguQN7iCvVvLI+EDT/Q0Dj1HLvNPmMNjO2x3c5nxy/MGerUjagXqZcuhjRVKDQ==
X-Received: by 2002:a17:903:1207:b0:138:e2f9:6c98 with SMTP id l7-20020a170903120700b00138e2f96c98mr4153452plh.11.1630609040137;
        Thu, 02 Sep 2021 11:57:20 -0700 (PDT)
Received: from google.com (157.214.185.35.bc.googleusercontent.com. [35.185.214.157])
        by smtp.gmail.com with ESMTPSA id y14sm3063120pfp.84.2021.09.02.11.57.19
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 02 Sep 2021 11:57:19 -0700 (PDT)
Date: Thu, 2 Sep 2021 18:57:15 +0000
From: Sean Christopherson <seanjc@google.com>
To: Andy Lutomirski <luto@kernel.org>
Cc: Joerg Roedel <jroedel@suse.de>, Yu Zhang <yu.c.zhang@linux.intel.com>,
	David Hildenbrand <david@redhat.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Vitaly Kuznetsov <vkuznets@redhat.com>,
	Wanpeng Li <wanpengli@tencent.com>,
	Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
	kvm list <kvm@vger.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Borislav Petkov <bp@alien8.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	Andi Kleen <ak@linux.intel.com>,
	David Rientjes <rientjes@google.com>,
	Vlastimil Babka <vbabka@suse.cz>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	"Peter Zijlstra (Intel)" <peterz@infradead.org>,
	Ingo Molnar <mingo@redhat.com>,
	Varad Gautam <varad.gautam@suse.com>,
	Dario Faggioli <dfaggioli@suse.com>,
	the arch/x86 maintainers <x86@kernel.org>, linux-mm@kvack.org,
	linux-coco@lists.linux.dev,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
	"Kirill A . Shutemov" <kirill@shutemov.name>,
	Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com>,
	Dave Hansen <dave.hansen@intel.com>
Subject: Re: [RFC] KVM: mm: fd-based approach for supporting KVM guest
 private memory
Message-ID: <YTEei9RBDHnRfe/B@google.com>
References: <20210824005248.200037-1-seanjc@google.com>
 <307d385a-a263-276f-28eb-4bc8dd287e32@redhat.com>
 <20210827023150.jotwvom7mlsawjh4@linux.intel.com>
 <8f3630ff-bd6d-4d57-8c67-6637ea2c9560@www.fastmail.com>
 <20210901102437.g5wrgezmrjqn3mvy@linux.intel.com>
 <f37a61ba-b7ef-c789-5763-f7f237ae41cc@kernel.org>
 <YTCZAjdci5yx+n6l@suse.de>
 <b10b09b0-d5ea-b72a-106a-4e1b0df4dc66@kernel.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <b10b09b0-d5ea-b72a-106a-4e1b0df4dc66@kernel.org>
Authentication-Results: imf04.hostedemail.com;
	dkim=pass header.d=google.com header.s=20161025 header.b=TnMNc8uO;
	spf=pass (imf04.hostedemail.com: domain of seanjc@google.com designates 209.85.216.49 as permitted sender) smtp.mailfrom=seanjc@google.com;
	dmarc=pass (policy=reject) header.from=google.com
X-Stat-Signature: p58ik75fhqh7kx9k6h3y98sywejmx1ub
X-Rspamd-Queue-Id: 60A4E50000A4
X-Rspamd-Server: rspam04
X-HE-Tag: 1630609041-42049
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, Sep 02, 2021, Andy Lutomirski wrote:
> On 9/2/21 2:27 AM, Joerg Roedel wrote:
> > On Wed, Sep 01, 2021 at 09:07:59AM -0700, Andy Lutomirski wrote:
> >> In principle, you could actually initialize a TDX guest with all of its
> >> memory shared and all of it mapped in the host IOMMU.
> > 
> > Not sure how this works in TDX, but in SEV code fetches are always
> > treated as encrypted. So this approach would not work with SEV, not to
> > speak about attestation, which will not work with this approach either
> > :)
> > 
> 
> Oof.

TDX is kinda similar.  _All_ accesses are private if paging is disabled because
the shared bit is either bit 48 or bit 51 in the GPA, i.e. can't be reached if
paging is disabled.  The vCPU is hardcoded to start in unpaged protected mode,
so at least some amount of guest memory needs to be private.

I also could've sworn code fetches from shared memory would #VE, but I can't find
anything in the specs that confirm that.  I may be conflating TDX with SGX's #GP
on a code fetch outside of ELRANGE...