From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga18.intel.com (mga18.intel.com [134.134.136.126])
 by mx.groups.io with SMTP id smtpd.web08.4678.1630480990690366452
 for <devel@edk2.groups.io>;
 Wed, 01 Sep 2021 00:23:10 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=NmhVtYTb;
 spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: jiaqi.gao@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10093"; a="205790373"
X-IronPort-AV: E=Sophos;i="5.84,368,1620716400"; 
   d="scan'208";a="205790373"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Sep 2021 00:23:09 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.84,368,1620716400"; 
   d="scan'208";a="688164219"
Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86])
  by fmsmga006.fm.intel.com with ESMTP; 01 Sep 2021 00:23:09 -0700
Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by
 fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.12; Wed, 1 Sep 2021 00:23:08 -0700
Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by
 fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.2242.10 via Frontend Transport; Wed, 1 Sep 2021 00:23:08 -0700
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.103)
 by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.1.2242.10; Wed, 1 Sep 2021 00:23:08 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=Rknt7WABEmaoiuKtnMIE19fnD8c3yxDkkT//TvzZHASRgRxkJnaB94wDdE3pRY6mKAQEowllCl3ReJTwAH8dHGOJbSHr3jTX0sbShoYPQHClIZCbWQNZJfEcZJ4TQVldD2iDjLY6pSlosKkbA1cqtJ0DMn/6HDt9/HcJSPl2Q92BbKIGzGoQSRzHgio5yB64jWcJTroTnGnqspAAPpvR7Qd6GnafwOG995ja/CLNFX9jx4ZI8LpzJOcc5h3QpAk/5abFqtmIWMb2lsoBeInvjpAQxV0kUiYRw7Ho3rWbE5nik0C4CyauFZFNm9aR6YFHxtWRztSC9EyifaYqK5lZ3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version;
 bh=1F71YU5/2ubf02D9E2IcxazHQ0BtQw3yvFCulz+6IbI=;
 b=DbcpsHHR8/eGZfOhhoeuRe5XNrGLJUbcudJrLYWHa79iAciQJMDYUjUCrHI+iuCoY87m8jHe2cqRvbYJGit431rxRsrgE6qmNsLaHxUQ8hEAws44EXyCC18H/KKVNYCaMkoSWfoSZobTQ+qUbSE1wTGdKFrE3pd+lBSpo/u0cz4o7JpCd4MVpylmMHC1xe4h9CdYIRZye02SAMtRlF2IFyvQQjCX3C8w1yOVNvjBkvkNrB4n4xlKC4R9IMKqhX4UpCPWtvlysTQwhMlEhqxAzsarfXnTVGn7ol23NNdx7buyWUOCiyBFMZ7feRCl4mQrsEg5029HhKR8ZckD15/Vvw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com;
 dkim=pass header.d=intel.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com;
 s=selector2-intel-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=1F71YU5/2ubf02D9E2IcxazHQ0BtQw3yvFCulz+6IbI=;
 b=NmhVtYTb20EhMClTgSGTQPmaM6FYa1RZGqBs641ke2fuFVhn3jPE8inpl67nioyuqHQ2eKNbkqoKYrsC6MF4GAstqrLlSaSaU6zmhfVaxMos9ynV+DR3RleSuagfJEsCYyq9DThkdtGMQhnPyEi9VbzaCIexoJDjITS8SdcG6pU=
Received: from BN9PR11MB5484.namprd11.prod.outlook.com (2603:10b6:408:105::16)
 by BN7PR11MB2610.namprd11.prod.outlook.com (2603:10b6:406:ab::31) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.17; Wed, 1 Sep
 2021 07:23:04 +0000
Received: from BN9PR11MB5484.namprd11.prod.outlook.com
 ([fe80::f954:8df:981f:5b77]) by BN9PR11MB5484.namprd11.prod.outlook.com
 ([fe80::f954:8df:981f:5b77%5]) with mapi id 15.20.4457.024; Wed, 1 Sep 2021
 07:23:04 +0000
From: "Gao, Jiaqi" <jiaqi.gao@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "kraxel@redhat.com"
	<kraxel@redhat.com>
CC: "Wang, Jian J" <jian.j.wang@intel.com>, "Wu, Hao A" <hao.a.wu@intel.com>,
	"Bi, Dandan" <dandan.bi@intel.com>, "gaoliming@byosoft.com.cn"
	<gaoliming@byosoft.com.cn>, "Ni, Ray" <ray.ni@intel.com>, "Kinney, Michael D"
	<michael.d.kinney@intel.com>, "Yao, Jiewen" <jiewen.yao@intel.com>, "Zimmer,
 Vincent" <vincent.zimmer@intel.com>, "Justen, Jordan L"
	<jordan.l.justen@intel.com>, "Xu, Min M" <min.m.xu@intel.com>
Subject: Re: [edk2-devel] [RFC] Design review for Lazy Page Accept in TDVF
Thread-Topic: [edk2-devel] [RFC] Design review for Lazy Page Accept in TDVF
Thread-Index: AdedbiDItZYG7+qFSi+EURejkaV4ogAwMmuAADJg3rA=
Date: Wed, 1 Sep 2021 07:23:04 +0000
Message-ID: <BN9PR11MB5484CCC25DA5D9C83170E0A1F2CD9@BN9PR11MB5484.namprd11.prod.outlook.com>
References: <BN9PR11MB5484D7B4F68DFBDF53AD2454F2CB9@BN9PR11MB5484.namprd11.prod.outlook.com>
 <20210831061037.7imk7cip2wh6q3vm@sirius.home.kraxel.org>
In-Reply-To: <20210831061037.7imk7cip2wh6q3vm@sirius.home.kraxel.org>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-version: 11.5.1.3
dlp-reaction: no-action
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 005ffc79-e2ea-421f-4d24-08d96d19569e
x-ms-traffictypediagnostic: BN7PR11MB2610:
x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <BN7PR11MB261001CADEA9BA0BE547BA51F2CD9@BN7PR11MB2610.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ToJNZAC9THxIGMJ7EIqx43rm1csNQxiqUaELqnYJLgIl3A4HhVeaVqLMh1XIixdqKxAELhvNbF0vfo1rDDvcwnLsVcqOVWmLgIOPtZUmACghSZYHagj3Zg7S7ipqTYZYF8H6M8fdkIk9v6z7Z3+xaN/rWJtjA9PsnMjoZAEke6A+pjFDfDRy1XBaL5aIr2pR8KbfE0gHuYrY2+v2Sa1IS/QBjV8klEUuhvdywkRrT0+0jkqr5zZBTyKHyAvpW0up5tuRsAd+WEzUSXVMPD0XnOHOkuxr8UiBsJMSem2FRdM9U/KuoHlb8FtK1QmvorZQ0iQV2i1zqEohVNchgtx3B8MomjhTLbA5v/lCEGRYwmtY/ygqaV9GxibHFo+RWxSjBEss3WA6OftzRWnvsyXkiy7B8HUb907eg6XGADd1kIUgFyghyi+s10GEn6jjssetyZLoYvQVlasugKdYqUA23b5o8IG3ciaFWiZ9twDDq7Zg7zevgoqsdMk7d61Ybae3mVJ9rcaSyUuR9dIUYeb+piaMOYXWNrBPkKuYHPwA3t4VjRHT6/QfFxyHYzdLUc7Ts9Ku615SOjvCMV60ZOLpcHZ9nuTKhv7P9zf5ouuZYm/VlVKGtZKPlyk8iBqRz1zq2kznaObhm9w4Rbrftwhfo0PhBqyT2Gvpd0HaIT7kYFFYNjElQkppTvPXx37sGYVg0xhPGKaYNeiEeTJjUYi8cQ==
x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN9PR11MB5484.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(39860400002)(346002)(366004)(376002)(136003)(55016002)(7696005)(86362001)(33656002)(6506007)(53546011)(52536014)(5660300002)(4326008)(76116006)(9686003)(66476007)(54906003)(110136005)(26005)(66446008)(316002)(186003)(64756008)(66946007)(478600001)(107886003)(66556008)(38100700002)(8676002)(83380400001)(71200400001)(8936002)(38070700005)(122000001)(2906002);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?Q3mXbsQkkldioQA/eu+aXIr/945AGQKFUQ8XN0A3DoJbgrxy8R3yE8bxnUUj?=
 =?us-ascii?Q?AFC2AqnfQTyiPBQW+jdlmg027EWtldlSYxp3U92ajsZPf+kqtqDnUHl5uiO4?=
 =?us-ascii?Q?jB/KbNfle9DnAcnbemHUpPpmEoB9fmB+UwC5ORZgvqzTaaENExNCUVBpoG0T?=
 =?us-ascii?Q?OQxvhj8+mqRwTklddxi48YRruGh1f0tjsK8acOx7/I0/e5DChvrwLsLc9DnW?=
 =?us-ascii?Q?y4u+r/xNhhASQl/2ugs/TsJi3UtBFJQGsvmcpuwPcBEXWLTGTi6N0Uw5y1CG?=
 =?us-ascii?Q?peSbM2U3lebhRp9CqNKD7IVjEaoCjxYq4+Y9Vx5crUZ/2cWC2li9ndtofAOm?=
 =?us-ascii?Q?CNEfUKXDSF5cpAK3NqWT7xP1RYl4G8G6wkjzLBqJsenaCR+rKwIHE9+e0j0v?=
 =?us-ascii?Q?2aCaxqIDHKggnryGzxVZJ4VUbHyDPqEvSQCSRT4hCyuKGQmfz/ksrjb0Iux3?=
 =?us-ascii?Q?GFNN6QCperZPXG7TBfLwLhufZMbAMaAokujPYOw3QXghQz64DY/lb6DSRgO9?=
 =?us-ascii?Q?jYshRM1Gf7JvlhlaIw9+2xxD6lfdIHGR5YrJYKR8QT/ff8MwqUI8nb+sCUuB?=
 =?us-ascii?Q?Gq774dgWsGVvs6iiAoi3nhMIs4aXzn/uHBNhjvsdP/Q/398x9tKlhSOPt9rZ?=
 =?us-ascii?Q?knVySwkq50ljqlMposebdhYKr2u3zi7qr1NuTclB854ByVzT171cC7HyNUB6?=
 =?us-ascii?Q?FpmvBrIlrWTg35oJKyFJh7SMIzusgQvpKHCDShpKPdWsTYlQ1CIi577kxG7D?=
 =?us-ascii?Q?JTvDSnEZjK0muyA42nEsgTvPcmyEny7MZ+jb0BJa+2SCxemXLB74g2OYCbQX?=
 =?us-ascii?Q?q+p6QXLWOzUKZNHPNlASYDQa40SKSldz+YqUuRTP8D4Vhm2vOIG43U474La7?=
 =?us-ascii?Q?C+itqat+Kxaeqs59BlQYOMYp/2kFKW7qf+WvH57qAgzw8QY1IkYsDwj+oauL?=
 =?us-ascii?Q?uDHtqju4CpTj4FG36j0upNk4VtqZgnQEt1jlhnHhCXKuBeTcJiPn3N6mS1RK?=
 =?us-ascii?Q?Eia8IACojZBIJUdSJ5ygD3sVknRmMBypmuVaN8+6iu+UklqJqpK/bFc90tmU?=
 =?us-ascii?Q?wmQR97XoIZrRMTfidxsnpt9VThteamKOyCT+PgqeoR+rwWC7tVrtRQk2ERL0?=
 =?us-ascii?Q?g5SEdu/UoKHrk0ok4vwCPtMNCvPbuDdhvYWQ+I2Fozvp6pqJUJE2LQP2NZoJ?=
 =?us-ascii?Q?IQCDAEJh0NwbIKUSXS9CcVAMI1WpoZs6BmA3sHSWhhQ+nKm8Juc67x7XejRv?=
 =?us-ascii?Q?/QhhiqXUN6g9Kh3gRuRyBEkcWeP8OqHtv4IOJy9fWd4roeCiNQEmpViSahlk?=
 =?us-ascii?Q?umBzYNoB1AiMwESdC8B3xSa5?=
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BN9PR11MB5484.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 005ffc79-e2ea-421f-4d24-08d96d19569e
X-MS-Exchange-CrossTenant-originalarrivaltime: 01 Sep 2021 07:23:04.2778
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: MMVQuhtDOYByDbSalLdmPaJB1plZz12QeHntyje1HeMFuh240tw1unfDzAOxB9lcPXAzPjj507VLOvyLdurvSA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2610
Return-Path: jiaqi.gao@intel.com
X-OriginatorOrg: intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable


On Tuesday, August 31, 2021 2:11 PM, Gerd Hoffmann wrote:
> > Motivation: Intel TDX provides memory encryption and integrity
> > multi-tenancy for hardware protection. A TD-guest uses TDCALL to
> > accept shared memory as private. However, accept whole system memory
> > may take a long time which will have an adverse impact on the boot
> > time performance.
>=20
> Which order of magnitude do we talk about?
> How long would it take to accept 2G of memory (all memory below 4g on
> qemu q35) ?

Here is some data using different guest configurations, it will take less t=
ime with more cpu cores.
For 2048MB memory it takes about 4 ~ 1.5 seconds using 1 ~ 4 cores guest to=
 accept all.
For 4096MB memory it takes about 8 ~ 3 seconds using 1 ~ 4 cores guest.

> > We propose three options to address this issue:
>=20
> >   1.  Modifying the memory allocation (MdeModulePkg/Core/Dxe/Mem)
> logic to accept memory when OUT_OF_RESOURCE occurs.
> >   2.  Changing the process flow of QEMU direct boot and GRUB to accept
> memory when loading the image fails and returns OUT_OF_RESOURCE.
> >   3.  Adding AcceptMemory() as a boot service interface to simplify the
> implementation of option 2.
> > Underlying implementation of accepting memory is provided by a protocol
> which can be installed by architecture-specific drivers such as TdxDxe.
>=20
> (1) Looks best to me.  From a design point of view it is a very reasonabl=
e
> thing for the core memory manager to also manage the
> accepted/unaccepted state of memory.  It avoids duplicating the "oom -> t=
ry
> AcceptMemoryRessource()" logic in bootloaders and will also cover other
> oom situations.
>=20
> take care,
>   Gerd
>=20