On 11/15/21 12:44 PM, Sean Christopherson wrote:
On Mon, Nov 15, 2021, Brijesh Singh wrote:
On 11/12/21 2:37 PM, Sean Christopherson wrote:
This is the direction KVM TDX support is headed, though it's obviously still a WIP.
Just curious, in this approach, how do you propose handling the host
kexec/kdump? If a kexec/kdump occurs while the VM is still active, the new
kernel will encounter the #PF (RMP violation) because some pages are still
marked 'private' in the RMP table.
There are two basic options: a) eagerly purge the RMP or b) lazily fixup the RMP
on #PF. Either approach can be made to work. I'm not opposed to fixing up the RMP
on #PF in the kexec/kdump case, I'm opposed to blindly updating the RMP on _all_
RMP #PFs, i.e. the kernel should modify the RMP if and only if it knows that doing
so is correct. E.g. a naive lazy-fixup solution would be to track which pages have
been sanitized and adjust the RMP on #PF to a page that hasn't yet been sanitized.
Yap, I think option #a will require the current kernel to iterate
through the entire memory and make it shared before booting the kexec
kernel. It may bring another ask to track the guest private/shared on
the host to minimize the iterations.
thanks