Re: [PATCH v4 4/4] x86/kvm: use __decrypted attribute in shared variables

[Brijesh Singh]

Hi Sean,


On 09/04/2018 05:32 PM, Sean Christopherson wrote:

...

> >   
> >   	/* Use the static page for the first CPUs, allocate otherwise */
> > -	if (cpu < HVC_BOOT_ARRAY_SIZE)
> > +	if (cpu < HVC_BOOT_ARRAY_SIZE) {
> >   		p = &hv_clock_boot[cpu];
> > -	else
> > -		p = kzalloc(sizeof(*p), GFP_KERNEL);
> > +	} else {
> > +		int rc;
> > +		unsigned int sz = sizeof(*p);
> > +
> > +		if (sev_active())
> > +			sz = PAGE_ALIGN(sz);
>
> Hmm, again we're wasting a fairly sizable amount of memory since each
> CPU is doing a separate 4k allocation.  What if we defined an auxilary
> array in __decrypted to be used for cpus > HVC_BOOT_ARRAY_SIZE when
> SEV is active?  struct pvclock_vsyscall_time_info is 32 bytes so we
> could handle the max of 8192 CPUs with 256kb of data (252kb if you
> subtract the pre-existing 4k page), i.e. the SEV case wouldn't need
> additional memory beyond the 2mb page that's reserved for __decrypted.
> The non-SEV case could do free_kernel_image_pages() on the unused
> array (which would need to be page sized) so it wouldn't waste memory.


Sure, we could use unused memory range from .data..decrypted section
for cpu > HVC_BOOT_ARRAY_SIZE when SEV is active. I will rework the
patch.

-Brijesh