[PATCH v13 4/4] virt: sev-guest: self-throttle guest request retries

From: Dionna Glaze
Date: Tue Jan 24 2023 - 16:16:09 EST

Next message: pr-tracker-bot: "Re: [GIT PULL] fourth v6.2-rc request for nfsd"
Previous message: Dionna Glaze: "[PATCH v13 3/4] x86/sev: Change snp_guest_issue_request's fw_err"
In reply to: Dionna Glaze: "[PATCH v13 3/4] x86/sev: Change snp_guest_issue_request's fw_err"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

When throttled, the driver will reschedule itself and then try
again after sleeping half its ratelimit time to avoid a big wait queue.
The ioctl may block indefinitely, but that has always been the case
when deferring these requests to the host.

Cc: Tom Lendacky <Thomas.Lendacky@xxxxxxx>
Cc: Peter Gonda <pgonda@xxxxxxxxxx>
Cc: Borislav Petkov <Borislav.Petkov@xxxxxxx>
Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
Cc: Liam Merwick <liam.merwick@xxxxxxxxxx>
Cc: Yang Yingliang <yangyingliang@xxxxxxxxxx>
Cc: Haowen Bai <baihaowen@xxxxxxxxx>

Signed-off-by: Dionna Glaze <dionnaglaze@xxxxxxxxxx>
---
drivers/virt/coco/sev-guest/sev-guest.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)

diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
index e82f080aa679..af0645f40e95 100644
--- a/drivers/virt/coco/sev-guest/sev-guest.c
+++ b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -14,6 +14,7 @@
#include <linux/io.h>
#include <linux/platform_device.h>
#include <linux/miscdevice.h>
+#include <linux/ratelimit.h>
#include <linux/set_memory.h>
#include <linux/fs.h>
#include <crypto/aead.h>
@@ -48,12 +49,22 @@ struct snp_guest_dev {
struct snp_req_data input;
u32 *os_area_msg_seqno;
u8 *vmpck;
+
+ struct ratelimit_state rs;
};

static u32 vmpck_id;
module_param(vmpck_id, uint, 0444);
MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP.");

+static int rate_s = 1;
+module_param(rate_s, int, 0444);
+MODULE_PARM_DESC(rate_s, "The rate limit interval in seconds to limit requests to.");
+
+static int rate_burst = 2;
+module_param(rate_burst, int, 0444);
+MODULE_PARM_DESC(rate_burst, "The rate limit burst amount to limit requests to.");
+
/* Mutex to serialize the shared buffer access and command handling. */
static DEFINE_MUTEX(snp_cmd_mutex);

@@ -339,6 +350,15 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,
return rc;

retry:
+ /*
+ * Rate limit commands internally since the host can also throttle, and
+ * the guest shouldn't create a tight request spin that could end up
+ * getting this VM throttled more heavily.
+ */
+ if (!__ratelimit(&snp_dev->rs)) {
+ schedule_timeout_interruptible((rate_s * HZ) / 2);
+ goto retry;
+ }
/*
* Call firmware to process the request. In this function the encrypted
* message enters shared memory with the host. So after this call the
@@ -760,6 +780,8 @@ static int __init sev_guest_probe(struct platform_device *pdev)
if (ret)
goto e_free_cert_data;

+ ratelimit_state_init(&snp_dev->rs, rate_s * HZ, rate_burst);
+
dev_info(dev, "Initialized SEV guest driver (using vmpck_id %d)\n", vmpck_id);
return 0;

--
2.39.1.405.gd4c25cc71f-goog

Next message: pr-tracker-bot: "Re: [GIT PULL] fourth v6.2-rc request for nfsd"
Previous message: Dionna Glaze: "[PATCH v13 3/4] x86/sev: Change snp_guest_issue_request's fw_err"
In reply to: Dionna Glaze: "[PATCH v13 3/4] x86/sev: Change snp_guest_issue_request's fw_err"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]