On 4/29/22 07:30, Sean Christopherson wrote:
> On Fri, Apr 29, 2022, Dave Hansen wrote:
...
>> A *good* way (although not foolproof) is to launch a TDX VM early
>> in boot before memory gets fragmented or consumed.  You might even
>> want to recommend this in the documentation.
>
> What about providing a kernel param to tell the kernel to do the
> allocation during boot?

I think that's where we'll end up eventually.  But, I also want to defer
that discussion until after we have something merged.

Right now, allocating the PAMTs precisely requires running the TDX
module.  Running the TDX module requires VMXON.  VMXON is only done by
KVM.  KVM isn't necessarily there during boot.  So, it's hard to do
precisely today without a bunch of mucking with VMX.

But, it would be really easy to do something less precise like:

	tdx_reserve_ratio=255

	...

	u8 *pamt_reserve[MAX_NR_NODES];

	for_each_online_node(n) {
		pamt_pages = (node_spanned_pages(n)/tdx_reserve_ratio) /
			     PAGE_SIZE;
		pamt_reserve[n] = alloc_bootmem(pamt_pages);
	}

Then have the TDX code use pamt_reserve[] instead of allocating more
memory when it is needed later.

That will work just fine as long as you know up front how much metadata
TDX needs.  If the metadata requirements change in an updated TDX
module, the command-line will need to be updated to regain the
guarantee.  But, it can still fall back to the best-effort code that is
in the series today.

In other words, I think we want what is in the series today no matter
what, and we'll want it forever.  That's why it's the *one* way of doing
things now.

I entirely agree that there will be TDX users that want a stronger
guarantee.

You can arm-wrestle the distro folks who hate adding command-line tweaks
when the time comes. ;)
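
The reserve-then-fall-back behaviour discussed in the mail above, as an added userspace model that is not part of the original message or of the TDX series. It treats node_spanned_pages() as a page count and sizes the reserve in bytes; the per-page metadata sizes (16 and 20 bytes) and all names other than tdx_reserve_ratio and pamt_reserve are assumptions made for illustration.

```c
/* Userspace model, not kernel code. Only tdx_reserve_ratio and pamt_reserve
 * come from the mail; every other name and size here is hypothetical. */
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE 4096ULL
enum pamt_src { PAMT_FROM_RESERVE, PAMT_FROM_FALLBACK, PAMT_FAILED };

struct node_model {
	uint64_t spanned_pages;     /* stand-in for node_spanned_pages(n) */
	uint64_t free_contig_bytes; /* largest contiguous free run at runtime */
	uint64_t reserve_bytes;     /* stand-in for pamt_reserve[n] */
	uint64_t reserve_used;
};

/* Boot time: set aside 1/ratio of each node, before memory fragments. */
static void pamt_reserve_init(struct node_model *nodes, int nr, unsigned ratio)
{
	for (int n = 0; n < nr; n++) {
		uint64_t pages = ratio ? nodes[n].spanned_pages / ratio : 0;
		nodes[n].reserve_bytes = pages * PAGE_SIZE;
		nodes[n].reserve_used = 0;
	}
}

/* PAMT bytes a module wants; entry_bytes per 4K page is a constructed value. */
static uint64_t pamt_need(uint64_t pages, unsigned entry_bytes) { return pages * entry_bytes; }

/* Runtime, once the module has reported its real requirement. */
static enum pamt_src pamt_alloc(struct node_model *node, uint64_t need)
{
	if (node->reserve_bytes - node->reserve_used >= need) {
		node->reserve_used += need;
		return PAMT_FROM_RESERVE;   /* the boot-time guarantee holds */
	}
	if (node->free_contig_bytes >= need) {
		node->free_contig_bytes -= need;
		return PAMT_FROM_FALLBACK;  /* best effort, memory happened to be free */
	}
	return PAMT_FAILED;                 /* reserve too small and memory fragmented */
}

int main(void)
{
	/* Constructed node: 16 GiB spanned, only 4 MiB contiguous left at runtime. */
	struct node_model n = { .spanned_pages = 4194304, .free_contig_bytes = 4ULL << 20 };
	pamt_reserve_init(&n, 1, 255);
	printf("reserve=%llu 16B/page->%d 20B/page->%d\n", (unsigned long long)n.reserve_bytes,
	       pamt_alloc(&n, pamt_need(n.spanned_pages, 16)),
	       pamt_alloc(&n, pamt_need(n.spanned_pages, 20)));
}
```

With a ratio of 255 the reserve covers the 16-byte-per-page case, while the larger constructed requirement misses the reserve and succeeds only if the fallback path still finds contiguous memory.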