Re: [Part1 PATCH v6 16/17] X86/KVM: Decrypt shared per-cpu variables when SEV is active

[Brijesh Singh]

On 10/17/17 8:35 AM, Borislav Petkov wrote:
...

>> The second call is for UP cases. The kvm_smp_prepapre_boot_cpu() is
>> called only when CONFIG_SMP is enabled. Am I missing something ?
> Yes, you are.
>
> kvm_guest_init() gets called unconditionally from setup_arch(). But then
> you said kvm_guest_init() is called before setup_per_cpu_areas() so why
> do you need that call there at all? percpu areas are not ready yet, what
> makes them ready in the UP case?


I believe in the case of UP, the setup_per_cpu_areas() does not do
anything special for the static per-cpu variables hence its fine to
access them. If we look at kvm_guest_init() then it directly jumps to
kvm_guest_cpu_init() in UP case. But in the case of CONFIG_SMP the
kvm_guest_cpu_init() is called from the kvm_smp_prepare_boot_cpu().


> IOW, this sev_map_percpu_data() needs to happen only once, during boot.
> So call it only once by finding the right spot and not by adding a
> second call for the UP case.
>
> AFAICT, it looks the easiest if you put it in kvm_guest_cpu_init() and
> do something like:
>
> 	if (smp_processor_id() == boot_cpu_data.cpu_index)
> 		sev_map_percpu_data();
>
> ...
>

OK, this goes back to your initial feedback during RFC v3 where I tried
to do similar thing. But since sev_map_percpu_data() uses __init
functions hence we need to mark the kvm_guest_cpu_init() as __ref but
you didn't like the idea and asked me to call the sev_map_percpu_data
from kvm_smp_prepare_boot_cpu() which is already __init.


Â