Re: [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA

From:	Isaku Yamahata
Subject:	Re: [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA
Date:	Mon, 21 Aug 2023 15:30:38 -0700

On Fri, Aug 18, 2023 at 05:50:28AM -0400,
Xiaoyao Li <xiaoyao.li@intel.com> wrote:

> From: Isaku Yamahata <isaku.yamahata@intel.com>
> 
> If the range for TDG.VP.VMCALL<MapGPA> is too large, process the limited
> size and return retry error.  It's bad for VMM to take too long time,
> e.g. second order, with blocking vcpu execution.  It results in too many
> missing timer interrupts.

This patch requires the guest side patch. [1]
Unless with large guest memory, it's unlikely to hit the limit with KVM/qemu,
though.

[1] https://lore.kernel.org/all/20230811021246.821-1-decui@microsoft.com/

> 
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
> ---
>  target/i386/kvm/tdx.c | 19 ++++++++++++++++++-
>  1 file changed, 18 insertions(+), 1 deletion(-)
> 
> diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
> index 0c43c1f7759f..ced55be506d1 100644
> --- a/target/i386/kvm/tdx.c
> +++ b/target/i386/kvm/tdx.c
> @@ -994,12 +994,16 @@ static hwaddr tdx_shared_bit(X86CPU *cpu)
>      return (cpu->phys_bits > 48) ? BIT_ULL(51) : BIT_ULL(47);
>  }
>  
> +/* 64MB at most in one call. What value is appropriate? */
> +#define TDX_MAP_GPA_MAX_LEN     (64 * 1024 * 1024)
> +
>  static void tdx_handle_map_gpa(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall)
>  {
>      hwaddr shared_bit = tdx_shared_bit(cpu);
>      hwaddr gpa = vmcall->in_r12 & ~shared_bit;
>      bool private = !(vmcall->in_r12 & shared_bit);
>      hwaddr size = vmcall->in_r13;
> +    bool retry = false;
>      int ret = 0;
>  
>      vmcall->status_code = TDG_VP_VMCALL_INVALID_OPERAND;
> @@ -1018,12 +1022,25 @@ static void tdx_handle_map_gpa(X86CPU *cpu, struct 
> kvm_tdx_vmcall *vmcall)
>          return;
>      }
>  
> +    if (size > TDX_MAP_GPA_MAX_LEN) {
> +        retry = true;
> +        size = TDX_MAP_GPA_MAX_LEN;
> +    }
> +
>      if (size > 0) {
>          ret = kvm_convert_memory(gpa, size, private);
>      }
>  
>      if (!ret) {
> -        vmcall->status_code = TDG_VP_VMCALL_SUCCESS;
> +        if (retry) {
> +            vmcall->status_code = TDG_VP_VMCALL_RETRY;
> +            vmcall->out_r11 = gpa + size;
> +            if (!private) {
> +                vmcall->out_r11 |= shared_bit;
> +            }
> +        } else {
> +            vmcall->status_code = TDG_VP_VMCALL_SUCCESS;
> +        }
>      }
>  }
>  
> -- 
> 2.34.1
> 
> 

-- 
Isaku Yamahata <isaku.yamahata@linux.intel.com>

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>, (continued)
- [PATCH v2 41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>, Xiaoyao Li, 2023/08/18
  - Re: [PATCH v2 41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>, Markus Armbruster, 2023/08/22
    - Re: [PATCH v2 41/58] i386/tdx: handle TDG.VP.VMCALL<GetQuote>, Daniel P . Berrangé, 2023/08/22
- [PATCH v2 51/58] i386/tdx: LMCE is not supported for TDX, Xiaoyao Li, 2023/08/18
- [PATCH v2 53/58] hw/i386: add option to forcibly report edge trigger in acpi tables, Xiaoyao Li, 2023/08/18
- [PATCH v2 56/58] i386/tdx: Skip kvm_put_apicbase() for TDs, Xiaoyao Li, 2023/08/18
- [PATCH v2 58/58] docs: Add TDX documentation, Xiaoyao Li, 2023/08/18
- [PATCH v2 57/58] i386/tdx: Don't get/put guest state for TDX VMs, Xiaoyao Li, 2023/08/18
- [PATCH v2 40/58] i386/tdx: handle TDG.VP.VMCALL<SetupEventNotifyInterrupt>, Xiaoyao Li, 2023/08/18
- [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA, Xiaoyao Li, 2023/08/18
  - Re: [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA, Isaku Yamahata <=
- [PATCH v2 50/58] i386/tdx: Don't allow system reset for TDX VMs, Xiaoyao Li, 2023/08/18
- [PATCH v2 38/58] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu, Xiaoyao Li, 2023/08/18
- [PATCH v2 48/58] i386/tdx: Disable SMM for TDX VMs, Xiaoyao Li, 2023/08/18
- [PATCH v2 52/58] hw/i386: add eoi_intercept_unsupported member to X86MachineState, Xiaoyao Li, 2023/08/18
- [PATCH v2 55/58] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs, Xiaoyao Li, 2023/08/18
- [PATCH v2 42/58] i386/tdx: register the fd read callback with the main loop to read the quote data, Xiaoyao Li, 2023/08/18
  - Re: [PATCH v2 42/58] i386/tdx: register the fd read callback with the main loop to read the quote data, Chenyi Qiang, 2023/08/24
- [PATCH v2 54/58] i386/tdx: Don't synchronize guest tsc for TDs, Xiaoyao Li, 2023/08/18
- Message not available
  - Re: [PATCH v2 36/58] memory: Introduce memory_region_init_ram_gmem(), Daniel P . Berrangé, 2023/08/21
- Message not available
  - Re: [PATCH v2 43/58] i386/tdx: setup a timer for the qio channel, Chenyi Qiang, 2023/08/24

Prev by Date: Re: [PATCH v6 00/12] Add VIRTIO sound card
Next by Date: virtio queue numbering and optional queues
Previous by thread: [PATCH v2 45/58] i386/tdx: Limit the range size for MapGPA
Next by thread: [PATCH v2 50/58] i386/tdx: Don't allow system reset for TDX VMs
Index(es):
- Date
- Thread