On Mon, Aug 23, 2021 at 07:50:22AM -0700, Dave Hansen wrote: > It *has* to be done in KVM, IMNHO. > > The core kernel really doesn't know much about SEV. It *really* doesn't > know when its memory is being exposed to a virtualization architecture > that doesn't know how to split TLBs like every single one before it. > > This essentially *must* be done at the time that the KVM code realizes > that it's being asked to shove a non-splittable page mapping into the > SEV hardware structures. > > The only other alternative is raising a signal from the fault handler > when the page can't be split. That's a *LOT* nastier because it's so > much later in the process. > > It's either that, or figure out a way to split hugetlbfs (and DAX) > mappings in a failsafe way. Yes, I agree with that. KVM needs a check to disallow HugeTLB pages in SEV-SNP guests, at least as a temporary workaround. When HugeTLBfs mappings can be split into smaller pages the check can be removed. Regards, Joerg
