git.kernel.dk Git - linux-block.git/commit

author	Dexuan Cui <decui@microsoft.com>
	Fri, 11 Aug 2023 02:12:45 +0000 (19:12 -0700)
committer	Dave Hansen <dave.hansen@linux.intel.com>
	Mon, 11 Sep 2023 23:19:33 +0000 (16:19 -0700)
commit	019b383d1132e4051de0d2e43254454b86538cf4
tree	59cb291696ed2672a506d4e4a2fc2243ea54feb6	tree \| snapshot
parent	0bb80ecc33a8fb5a682236443c1e740d5c917d1d	commit \| diff

x86/tdx: Retry partially-completed page conversion hypercalls

TDX guest memory is private by default and the VMM may not access it.
However, in cases where the guest needs to share data with the VMM,
the guest and the VMM can coordinate to make memory shared between
them.

The guest side of this protocol includes the "MapGPA" hypercall.  This
call takes a guest physical address range.  The hypercall spec (aka.
the GHCI) says that the MapGPA call is allowed to return partial
progress in mapping this range and indicate that fact with a special
error code.  A guest that sees such partial progress is expected to
retry the operation for the portion of the address range that was not
completed.

Hyper-V does this partial completion dance when set_memory_decrypted()
is called to "decrypt" swiotlb bounce buffers that can be up to 1GB
in size.  It is evidently the only VMM that does this, which is why
nobody noticed this until now.

[ dhansen: rewrite changelog ]

Signed-off-by: Dexuan Cui <decui@microsoft.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Michael Kelley <mikelley@microsoft.com>
Reviewed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Link: https://lore.kernel.org/all/20230811021246.821-2-decui%40microsoft.com

arch/x86/coco/tdx/tdx.c		diff \| blob \| blame \| history
arch/x86/include/asm/shared/tdx.h		diff \| blob \| blame \| history