On 7/29/2021 10:09 PM, Dave Hansen wrote:
On 7/29/21 6:01 AM, Tianyu Lan wrote:
On 7/29/2021 1:06 AM, Dave Hansen wrote:
On 7/28/21 7:52 AM, Tianyu Lan wrote:
@@ -1986,7 +1988,9 @@ static int __set_memory_enc_dec(unsigned long
addr, int numpages, bool enc)
int ret;
/* Nothing to do if memory encryption is not active */
- if (!mem_encrypt_active())
+ if (hv_is_isolation_supported())
+ return hv_set_mem_enc(addr, numpages, enc);
+ else if (!mem_encrypt_active())
return 0;
One more thing. If you're going to be patching generic code, please
start using feature checks that can get optimized away at runtime.
hv_is_isolation_supported() doesn't look like the world's cheapest
check. It can't be inlined and costs at least a function call.
Yes, you are right. How about adding a static branch key for the check
of isolation VM? This may reduce the check cost.
I don't think you need a static key.
There are basically three choices:
1. Use an existing X86_FEATURE bit. I think there's already one for
when you are running under a hypervisor. It's not super precise,
but it's better than what you have.
2. Define a new X86_FEATURE bit for when you are running under
Hyper-V.
3. Define a new X86_FEATURE bit specifically for Hyper-V isolation VM
support. This particular feature might be a little uncommon to
deserve its own bit.
I'd probably just do #2.
There is x86_hyper_type to identify hypervisor type and we may check
this variable after checking X86_FEATURE_HYPERVISOR.
static inline bool hv_is_isolation_supported(void)
{
if (!cpu_feature_enabled(X86_FEATURE_HYPERVISOR))
return 0;
if (x86_hyper_type != X86_HYPER_MS_HYPERV)
return 0;
// out of line function call:
return __hv_is_isolation_supported();
}