Hi,
On 6/20/23 12:23 PM, Dexuan Cui wrote:
>> From: Sathyanarayanan Kuppuswamy
>> Sent: Tuesday, June 20, 2023 11:31 AM
>>> ...
>>> -static bool tdx_enc_status_changed(unsigned long vaddr, int numpages,
>> bool enc)
>>> +static bool tdx_map_gpa(phys_addr_t start, phys_addr_t end, bool enc)
>>> {
>>> - phys_addr_t start = __pa(vaddr);
>>> - phys_addr_t end = __pa(vaddr + numpages * PAGE_SIZE);
>>> + const int max_retries_per_page = 3;
>>
>> Add some details about why you chose 3? Maybe you can also use macro for it.
>
> It's a small number recommended by Kirill:
> https://lwn.net/ml/linux-kernel/20221208194800.n27ak4xj6pmyny46@xxxxxxxxxxxxxxxxx/
>
> The spec doesn't define a max retry count. Normally I guess a max retry count
> of 2 should be enough, at least for Hyper-V according to my testing.
>
> Maybe we can add a comment like this:
>
> /* Retrying the hypercall a second time should succeed; use 3 just in case. */
>
> Does this look good to all?
Looks fine to me.
>
>>> + struct tdx_hypercall_args args;
>>> + u64 map_fail_paddr, ret;
>>> + int retry_count = 0;
>>>
>>> if (!enc) {
>>> /* Set the shared (decrypted) bits: */
>>> @@ -718,12 +720,49 @@ static bool tdx_enc_status_changed(unsigned long
>> vaddr, int numpages, bool enc)
>>> end |= cc_mkdec(0);
>>> }
>>>
>>> - /*
>>> - * Notify the VMM about page mapping conversion. More info about ABI
>>> - * can be found in TDX Guest-Host-Communication Interface (GHCI),
>>> - * section "TDG.VP.VMCALL<MapGPA>"
>>> - */
>>> - if (_tdx_hypercall(TDVMCALL_MAP_GPA, start, end - start, 0, 0))
>>> + while (retry_count < max_retries_per_page) {
>>> + memset(&args, 0, sizeof(args));
>>> + args.r10 = TDX_HYPERCALL_STANDARD;
>>> + args.r11 = TDVMCALL_MAP_GPA;
>>> + args.r12 = start;
>>> + args.r13 = end - start;
>>> +
>>> + ret = __tdx_hypercall_ret(&args);
>>> + if (ret != TDVMCALL_STATUS_RETRY)
>>> + return !ret;
>>> + /*
>>> + * The guest must retry the operation for the pages in the
>>> + * region starting at the GPA specified in R11. R11 comes
>>> + * from the untrusted VMM. Sanity check it.
>>> + */
>>> + map_fail_paddr = args.r11;
>>
>> Do you really need map_fail_paddr? Why not directly use args.r11?
>>
>>> + if (map_fail_paddr < start || map_fail_paddr >= end)
>>> + return false;
>
> Originally, I used r11.
>
> Dave says " 'r11' needs a real, logical name":
> https://lwn.net/ml/linux-kernel/6bb65614-d420-49d3-312f-316dc8ca4cc4@xxxxxxxxx/
Got it.
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>
--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
