Re: [PATCH v2 3/3] x86/boot: Implement early memory acceptance for SEV-SNP

[Kirill A. Shutemov]

On Mon, Apr 07, 2025 at 07:45:59PM +0200, Ard Biesheuvel wrote:
> On Mon, 7 Apr 2025 at 19:33, Kirill A. Shutemov <kirill@xxxxxxxxxxxxx> wrote:
> >
> > On Mon, Apr 07, 2025 at 07:21:17PM +0200, Ard Biesheuvel wrote:
> > > On Mon, 7 Apr 2025 at 18:44, Ingo Molnar <mingo@xxxxxxxxxx> wrote:
> > > >
> > > >
> > > > * Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx> wrote:
> > > >
> > > > > On Fri, Apr 04, 2025 at 08:07:03AM -0700, Dionna Amalie Glaze wrote:
> > > > > > If the GHCB is available, we should always prefer it.
> > > > >
> > > > > I believe we should consider the cost of code duplication in this
> > > > > situation.
> > > > >
> > > > > If the non-early version is only used in the kexec path, it will not be
> > > > > tested as frequently and could be more easily broken. I think it would be
> > > > > acceptable for kexec to be slightly slower if it results in more
> > > > > maintainable code.
> > > >
> > > > Absolutely so.
> > > >
> > >
> > > It would be nice if someone could quantify 'slightly slower' - I am
> > > leaning to the same conclusion but I have no clue what the actual
> > > performance impact is.
> >
> > If we can survive the performance of the initial boot, we can live with it
> > for kexec.
> >
> 
> The initial boot does not occur via the decompressor, but via the EFI
> stub, where memory acceptance is handled by the firmware (as it
> should).

I wounder what protocol BIOS uses.

> Given that the traditional decompressor carves out an allocation from
> the raw E820 map without using any of the higher level APIs, it has to
> accept the memory itself if it is marked as unaccepted in the table.
> 
> Perhaps the decompressor should try to avoid unaccepted memory?

It limits KASLR. I would rather wait more on kexec.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov