Joerg Roedel
2020-Jun-23 11:43 UTC
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 01:14:43PM +0200, Peter Zijlstra wrote:> On Tue, Jun 23, 2020 at 01:11:07PM +0200, Joerg Roedel wrote:> > The v3 patchset implements an unconditional shift of the #VC IST entry > > in the NMI handler, before it can trigger a #VC exception. > > Going by that other thread -- where you said that any memory access can > trigger a #VC, there just isn't such a guarantee.As I wrote in the other mail, this can only happen when SNP gets enabled (which is follow-on work to this) and is handled by a stack recursion check in the #VC handler. The reason I mentioned the #VC-anywhere case is to make it more clear why #VC needs an IST handler. Regards, Joerg
Peter Zijlstra
2020-Jun-23 11:50 UTC
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 01:43:24PM +0200, Joerg Roedel wrote:> On Tue, Jun 23, 2020 at 01:14:43PM +0200, Peter Zijlstra wrote: > > On Tue, Jun 23, 2020 at 01:11:07PM +0200, Joerg Roedel wrote: > > > > The v3 patchset implements an unconditional shift of the #VC IST entry > > > in the NMI handler, before it can trigger a #VC exception. > > > > Going by that other thread -- where you said that any memory access can > > trigger a #VC, there just isn't such a guarantee. > > As I wrote in the other mail, this can only happen when SNP gets enabled > (which is follow-on work to this) and is handled by a stack recursion > check in the #VC handler. > > The reason I mentioned the #VC-anywhere case is to make it more clear > why #VC needs an IST handler.If SNP is the sole reason #VC needs to be IST, then I'd strongly urge you to only make it IST if/when you try and make SNP happen, not before.
Joerg Roedel
2020-Jun-23 12:12 UTC
Should SEV-ES #VC use IST? (Re: [PATCH] Allow RDTSC and RDTSCP from userspace)
On Tue, Jun 23, 2020 at 01:50:14PM +0200, Peter Zijlstra wrote:> If SNP is the sole reason #VC needs to be IST, then I'd strongly urge > you to only make it IST if/when you try and make SNP happen, not before.It is not the only reason, when ES guests gain debug register support then #VC also needs to be IST, because #DB can be promoted into #VC then, and as #DB is IST for a reason, #VC needs to be too. Besides that, I am not a fan of delegating problems I already see coming to future-Joerg and future-Peter, but if at all possible deal with them now and be safe later. Regards, Joerg