Re: [RFCv2 06/13] x86/realmode: Share trampoline area if KVM memory protection enabled
From: Dave Hansen <hidden>
Date: 2021-04-19 16:49:21
Also in:
kvm, lkml
From: Dave Hansen <hidden>
Date: 2021-04-19 16:49:21
Also in:
kvm, lkml
On 4/16/21 8:40 AM, Kirill A. Shutemov wrote:
/* - * If SME is active, the trampoline area will need to be in - * decrypted memory in order to bring up other processors + * If SME or KVM memory protection is active, the trampoline area will + * need to be in decrypted memory in order to bring up other processors * successfully. This is not needed for SEV. */ - if (sme_active()) + if (sme_active() || kvm_mem_protected()) set_memory_decrypted((unsigned long)base, size >> PAGE_SHIFT);
Could you take a look at all the places you've added these: if (foo() || kvm_mem_protected()) bar(); spots and see if some refactoring is in order? I suspect that some thought about what the high-level commonalities are, plus some thoughtful helper function names would go a long way to making this whole thing understandable. set_memory_decrypted() as a name needs to go. It almost needs to be something like: set_memory_sharing() or something. The "sharing" would be between the kernel and devices (for SME), or the guest kernel and host kernel for protected memory.