[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RFC PATCH 00/13] Add support for Mirror VM.
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [RFC PATCH 00/13] Add support for Mirror VM. |
|
Date: |
Wed, 18 Aug 2021 01:20:31 +0200 |
On Tue, Aug 17, 2021 at 10:51 PM Tobin Feldman-Fitzthum
<tobin@linux.ibm.com> wrote:
> This is essentially what we do in our prototype, although we have an
> even simpler approach. We have a 1:1 mapping that maps an address to
> itself with the cbit set. During Migration QEMU asks the migration
> handler to import/export encrypted pages and provides the GPA for said
> page. Since the migration handler only exports/imports encrypted pages,
> we can have the cbit set for every page in our mapping. We can still use
> OVMF functions with these mappings because they are on encrypted pages.
> The MH does need to use a few shared pages (to communicate with QEMU,
> for instance), so we have another mapping without the cbit that is at a
> large offset.
>
> I think this is basically equivalent to what you suggest. As you point
> out above, this approach does require that any page that will be
> exported/imported by the MH is mapped in the guest. Is this a bad
> assumption?
It should work well enough in the common case; and with SNP it looks
like it is a necessary assumption anyway. *shrug*
It would be a bit ugly because QEMU has to constantly convert
ram_addr_t's to guest physical addresses and back. But that's not a
performance problem.
The only important bit is that the encryption status bitmap be indexed
by ram_addr_t. This lets QEMU detect the problem of a ram_addr_t that
is marked encrypted but is not currently mapped, and abort migration.
> The Migration Handler in OVMF is not a contiguous region of memory. The
> MH uses OVMF helper functions that are allocated in various regions of
> runtime memory. I guess I can see how separating the memory of the MH
> and the guest OS could be positive. On the other hand, since the MH is
> in OVMF, it is fundamentally designed to coexist with the guest OS.
IIRC runtime services are not SMP-safe, so the migration helper cannot
coexist with the guest OS without extra care. I checked quickly and
CryptoPkg/Library/BaseCryptLib/SysCall/RuntimeMemAllocation.c does not
use any lock, so it would be bad if both OS-invoked runtime services
and the MH invoked the CryptoPkg malloc at the same time.
Paolo
- Re: [RFC PATCH 00/13] Add support for Mirror VM., (continued)
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Paolo Bonzini, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Tobin Feldman-Fitzthum, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Steve Rutherford, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Tobin Feldman-Fitzthum, 2021/08/18
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Dr. David Alan Gilbert, 2021/08/18
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Tobin Feldman-Fitzthum, 2021/08/18
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Dr. David Alan Gilbert, 2021/08/19
- Re: [RFC PATCH 00/13] Add support for Mirror VM., James Bottomley, 2021/08/19
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Tobin Feldman-Fitzthum, 2021/08/19
- Re: [RFC PATCH 00/13] Add support for Mirror VM.,
Paolo Bonzini <=
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Steve Rutherford, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Paolo Bonzini, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., James Bottomley, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Steve Rutherford, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., James Bottomley, 2021/08/17
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Ashish Kalra, 2021/08/18
- Re: [RFC PATCH 00/13] Add support for Mirror VM., Ashish Kalra, 2021/08/18
Re: [RFC PATCH 00/13] Add support for Mirror VM., Tobin Feldman-Fitzthum, 2021/08/16