[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c5a08366-ddc2-a26f-fffa-c2b0ac4e45b4@intel.com>
Date: Tue, 10 Jan 2023 16:30:46 -0800
From: Dave Hansen <dave.hansen@...el.com>
To: "Huang, Kai" <kai.huang@...el.com>,
"kvm@...r.kernel.org" <kvm@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Cc: "Luck, Tony" <tony.luck@...el.com>,
"bagasdotme@...il.com" <bagasdotme@...il.com>,
"ak@...ux.intel.com" <ak@...ux.intel.com>,
"Wysocki, Rafael J" <rafael.j.wysocki@...el.com>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"Christopherson,, Sean" <seanjc@...gle.com>,
"Chatre, Reinette" <reinette.chatre@...el.com>,
"pbonzini@...hat.com" <pbonzini@...hat.com>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"Yamahata, Isaku" <isaku.yamahata@...el.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"Shahar, Sagi" <sagis@...gle.com>,
"imammedo@...hat.com" <imammedo@...hat.com>,
"Gao, Chao" <chao.gao@...el.com>,
"Brown, Len" <len.brown@...el.com>,
"peterz@...radead.org" <peterz@...radead.org>,
"sathyanarayanan.kuppuswamy@...ux.intel.com"
<sathyanarayanan.kuppuswamy@...ux.intel.com>,
"Huang, Ying" <ying.huang@...el.com>,
"Williams, Dan J" <dan.j.williams@...el.com>
Subject: Re: [PATCH v8 15/16] x86/virt/tdx: Flush cache in kexec() when TDX is
enabled
On 1/10/23 16:13, Huang, Kai wrote:
> On Tue, 2023-01-10 at 07:27 -0800, Dave Hansen wrote:
...
>> Think about it this way: kexec() is modifying persistent (across kexec)
>> state to get the system ready for the new kernel. The caches are
>> persistent state. Devices have persistent state. Memory state persists
>> across kexec(). The memory integrity metadata persists.
>>
>> What persistent state does a conversion to KeyID-0 affect? It resets
>> the integrity metadata and the memory contents.
>>
>> Kexec leaves memory contents in place and doesn't zero them, so memory
>> contents don't matter. The integrity metadata also doesn't matter
>> because the memory will be used as KeyID-0 and that KeyID doesn't read
>> the integrity metadata.
>
> Right. So I guess we just need to call out the new kernel will use memory as
> KeyID-0?
Not even that.
Say the new kernel wanted to use the memory as KeyID-3. What would it
do? It would *ASSUME* that the memory *WASN'T* KeyID-3. It would
convert it to KeyID-3. That conversion would work from *any* KeyID.
So:
KeyID-0: OK, because it has no integrity enforcement
KeyID-1: OK, new kernel will convert the page
KeyID-2: OK, new kernel will convert the page
...
KeyID-$MAX: OK, new kernel will convert the page
So, "OK" everywhere. Nothing to do... anywhere.
Either I'm totally missing how this works, or you're desperately trying
to make this more complicated than it is.
Powered by blists - more mailing lists