Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum

From: Dave Hansen
Date: Mon Dec 04 2023 - 17:05:02 EST

Next message: Chuck Lever: "Re: [PATCH] NFSv4, NFSD: move enum nfs_cb_opnum4 to include/linux/nfs4.h"
Previous message: Yury Norov: "Re: [PATCH 0/4] lib/group_cpus: rework grp_spread_init_one() and make it O(1)"
In reply to: Huang, Kai: "Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum"
Next in thread: Huang, Kai: "Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/4/23 13:00, Huang, Kai wrote:
>> tl;dr: I think even looking a #MC on the PAMT after the kvm module is
>> removed is a fool's errand.
> Sorry I wasn't clear enough. KVM actually turns off VMX when it destroys the
> last VM, so the KVM module doesn't need to be removed to turn off VMX. I used
> "KVM can be unloaded" as an example to explain the PAMT can be working when VMX
> is off.

Can't we just fix this by having KVM do an "extra" hardware_enable_all()
before initializing the TDX module? It's not wrong to say that TDX is a
KVM user. If KVm wants 'kvm_usage_count' to go back to 0, it can shut
down the TDX module. Then there's no PAMT to worry about.

The shutdown would be something like:

1. TDX module shutdown
2. Deallocate/Convert PAMT
3. vmxoff

Then, no SEAMCALL failure because of vmxoff can cause a PAMT-induced #MC
to be missed.

Next message: Chuck Lever: "Re: [PATCH] NFSv4, NFSD: move enum nfs_cb_opnum4 to include/linux/nfs4.h"
Previous message: Yury Norov: "Re: [PATCH 0/4] lib/group_cpus: rework grp_spread_init_one() and make it O(1)"
In reply to: Huang, Kai: "Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum"
Next in thread: Huang, Kai: "Re: [PATCH v15 22/23] x86/mce: Improve error log of kernel space TDX #MC due to erratum"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]