From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web12.2247.1630629123008551438 for ; Thu, 02 Sep 2021 17:32:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=WDZnxOWb; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10095"; a="219295317" X-IronPort-AV: E=Sophos;i="5.85,263,1624345200"; d="scan'208";a="219295317" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Sep 2021 17:32:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,263,1624345200"; d="scan'208";a="461955022" Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18]) by fmsmga007.fm.intel.com with ESMTP; 02 Sep 2021 17:32:00 -0700 Received: from orsmsx604.amr.corp.intel.com (10.22.229.17) by ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Thu, 2 Sep 2021 17:32:00 -0700 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Thu, 2 Sep 2021 17:32:00 -0700 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.170) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Thu, 2 Sep 2021 17:31:59 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ewU1WYlQ6oTAc2mFzgszD+S1si4N69YrYrkMc0JbaQlRE6EJG2L5qaaKuEYytqzSr87TgLVOW/cNh2bn/xs32SUevZQ+KnVyzjZLiLs+JtdfFH8/z6Fomtds7t39X9iKWBC+9w6qxkQ4ET0/Lzvv5Lw4rK/+cAk4rZHiEEjCDlwd3BOWW7/UqLmm/Dxew/ECjPQoBhg8bcpvGkuwD4I+CIIxSsaRboAt4OE4tEQT1m56IDrRq9ofidE6fkg9gH3/HZ5z811s3ogJSsumaaWsWAX8Vjd7BLBkAv87yNwAHiRft6zM0cQT5KdE22QL9RyvTHESsV38fUG+HD9fOIUvSw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=NteX+fBEPoZUmEVU0Bm0NTTNXCv+SV6QlwFjVwAnCKc=; b=cgWp4i96X1EJSG/KRqa2ZKS1yXov1RYZPKm5HPQIB6bS75lqfLgoZPdeplc5fWH7K6bsVL9nRgEUgxlCGEsmEpRaBRDSrJhiQf7gymYAWTCy54zz5ZwJ3c6h+rFC0auUzSne9XCQgVYzHW/mGgeIEoPq/io4DJlwQ4mqb2pcuRwoFFkTvrSFZYLXq3COVBFXIvI3emQCT4bLe0JLrM/JWcGPm1AjifXSM5KRenclm0jTXWiDUZwE9Zwj9x5hLAdaEp/RWIYNCtAmCOfDxPLSwWKrc3j0/WmXDZYykjqxOUj4FSQB15Y4OsAqP1abo6mBAaFMHgGwaBo2FlBNLWXALg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NteX+fBEPoZUmEVU0Bm0NTTNXCv+SV6QlwFjVwAnCKc=; b=WDZnxOWbWpRzxgapOqaq5BAD5O95hJF+r6mdjHq1reNKrR1euK/rAxFz/W5hqgU56BrH5LGQwGYBIa5OtQ0oJ920Iiz2uG0wLf14en9XMccoCVGc3IcBDGS7qihLPva7402RRjwZ0ygCefcFmQhi1mYIt6dq1GwWTxmHBmNk6B4= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB4807.namprd11.prod.outlook.com (2603:10b6:510:3a::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.20; Fri, 3 Sep 2021 00:31:57 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::754e:42e9:16cd:1306%5]) with mapi id 15.20.4478.022; Fri, 3 Sep 2021 00:31:57 +0000 From: "Yao, Jiewen" To: "Gao, Jiaqi" , "devel@edk2.groups.io" , "kraxel@redhat.com" CC: "Wang, Jian J" , "Wu, Hao A" , "Bi, Dandan" , "gaoliming@byosoft.com.cn" , "Ni, Ray" , "Kinney, Michael D" , "Zimmer, Vincent" , "Justen, Jordan L" , "Xu, Min M" Subject: Re: [edk2-devel] [RFC] Design review for Lazy Page Accept in TDVF Thread-Topic: [edk2-devel] [RFC] Design review for Lazy Page Accept in TDVF Thread-Index: AdedbiDItZYG7+qFSi+EURejkaV4ogAwMmuAADJg3rAAWAqlYA== Date: Fri, 3 Sep 2021 00:31:57 +0000 Message-ID: References: <20210831061037.7imk7cip2wh6q3vm@sirius.home.kraxel.org> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 49ec4f4e-f992-43d9-5a6a-08d96e723cdf x-ms-traffictypediagnostic: PH0PR11MB4807: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: bC6pejEcpOkJX820+Y2HiF8XGstpPBOdKLqmmDSBKy7i4rV6+AHV0bsX52BB2i1z3uKMTEpDReTEf1qnMeAQT0O9vSzkkFfRsD2Uz6gM8ZLLpxet0s/bnX1ZVSZ5Dahd1a/TXItrCMddaavyibNc1v3AC1dZREfnqH11LQ1/TcPBUX2W15CDdnyrE9Cz48R8nJsCZn5QLHVZ83rZj9J+6myZ3lRc3mTU9S8eqh8KMo1WpBKcrWJJm85hi21n7IA7Sq/zEyfzCmuBun7lOMv1ieBM0Ve+a/fH5hT/Ya31OAN9+QH29poVK0UyISwkzzrdYFMZNDxvClAFsLdzHDa74sabduKSuF6GDDLKPa/KAUx5awC6zQ75q4dyl6hTgVyjb79ENaAfyS0jq3Nk3piLvsbLt0wyOrPlEpBla9YWOV1ulKYS/anLGkchCgKPh+4pIjqHmpH+KjDTyC0SuKf3VxS+f2/m9TTMs8IeC4mQ1UK4Wo5TtINdb61d69tneOm88l5HZ4cm3r+YETLSFslp9lUF88qSrLqYPiWnXDgw/GH9d2xOkQSuvbQSyXshrRxaBg2kFys0wxuxggRw8HAjoCF6o+++2D+PsESvmEnTl95ywjtqijTMyf5GuGftfmAdVQF17v5vRodqnDKm+m+zkxasExjoW92s8kML38TZx4h6gXLXB+5XJ5c/P2hhXVY3MQ50nWAQRPq4FSO+GXFv0on7AWnmIuGZb2XsTY3Nm32yxwgYxvLEGiWRZXK5FXOBHzwHKlnHt5cFTVx0UiQY0B3ULo2BJe1+X0QOlTekpao= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(39860400002)(376002)(366004)(396003)(346002)(53546011)(6506007)(38070700005)(76116006)(55016002)(33656002)(7696005)(122000001)(9686003)(66476007)(66446008)(2906002)(107886003)(66946007)(66556008)(64756008)(38100700002)(71200400001)(966005)(8676002)(8936002)(4326008)(26005)(478600001)(86362001)(52536014)(316002)(54906003)(110136005)(83380400001)(5660300002)(186003);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?dSwdTNbXiQPhL2UXONaD+XgZCOiVFkep8T0ekU5Q8oHOMrZUs47LonLM+XYX?= =?us-ascii?Q?w+gYxCXsT+9bHL79Ne9fb3Jem3fyQGHD1agOjGPje37TjRVlx3SRQeFwgayN?= =?us-ascii?Q?X+38Q6zy1bZXkkeNAnmx0CJbKQRa6bIxnRhjYezM+WtEWfxs5FOq3VHVHNNR?= =?us-ascii?Q?oZx2D7HMjJCdXdDr0CscuKMPP6cMqGrYWuhrTAq8o52PvAaUmjHWXZ55oQ6I?= =?us-ascii?Q?OYJ4MRvIwBToBPB9JfUXgOEvnGUtyN5qmYBJgticM6GHTl456I9cjB6e6zNK?= =?us-ascii?Q?PxL3nIPcr0ewhB7xNpX+s4mJUmsb61REpb2nF8ah741AsrQsqBfg/y8N8BKr?= =?us-ascii?Q?pH6NrbUzH7OXe75dtUtqmsMSdo3gKCjzKn0ARzhWPm3kAGHhnFqgU2waxEKh?= =?us-ascii?Q?bkBr2B6DYVZ79leC0xy3l8RjZilsT/+o+l8G240OGNwoAbZEPIOSF4a32cms?= =?us-ascii?Q?gqsnrUmNzvykhO8HGw3uujTXt1t68IBBB/swwSeLvm5ydJwumR9xYtlzRlEB?= =?us-ascii?Q?bcB8R7W79i+Nv82VvL8DWAWJiRZcaDKivIfJoVn9Ags/bMvm3GqP4+5yWeXC?= =?us-ascii?Q?3A07GIe8vnhYqGSSujVfIfMm//xQgSPrZlNvPDJrZLsKJbGCRHtkOM8x0qtk?= =?us-ascii?Q?BJn/bjsd3Pu6KhBq62HHUhdv/Nb/8Lj5ZWSmtrnGgwGEA0ArMJPpCvRozFdx?= =?us-ascii?Q?fDQGtYFfhnYap9hhwzorIhcU+XV2JFsRYbwGLUIzE5Mc0kVpU2lN/7+8xIu/?= =?us-ascii?Q?8vx8imMSbEfg7OmZU5dQ55fo5ahgJFAotrsMP99beo/X4SRltPqxO9zQxdo0?= =?us-ascii?Q?hxSQQFr50nJFJ2piKNE/8EiARj6TG98HvZIe+EMvtTv8Eez3XpjoU5qjj9n2?= =?us-ascii?Q?icMhHr14lgsecSFsb3DcmnER55smpFMnHvCxXoxGxRW8L0GcRPHSsv1gQesr?= =?us-ascii?Q?FqBuO4RYU6WCMJWKNYSOwYNtU7ZBPlfMlFakRBevbbOMd7nIlVXgvSN2CN9f?= =?us-ascii?Q?MLuReUm/U9h3P5NkiKKqu6e+Mgp7ouS1LcNHiyeDRnP2E+OkHCu+vudO26dO?= =?us-ascii?Q?WTa8R8+PQ6ktTBtA6CuaJ+PBLI5BnfudPa6NkAni0HUEnZpGpJF3dPE1ApVk?= =?us-ascii?Q?tLE4OU5deDVtl89R5loS0dB23FvN82ehZ7bUbaAUp0aFNZemKHhIRjxtEc45?= =?us-ascii?Q?TVRAkkmDjUxWwnhKLduuKRNoWMGxDAalhOiPRXonwZpvqDmxK47XzihqaWdd?= =?us-ascii?Q?Nxc0Sx3K73xTmv0KJAHaCTUOWPvUYM4jJ7+qtS2dG9Epr3ka96yvSGgv0apY?= =?us-ascii?Q?BVugm9j9bleZ4CO27pHovj7E?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 49ec4f4e-f992-43d9-5a6a-08d96e723cdf X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Sep 2021 00:31:57.4610 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: VEqbLLmw2+LcW713AWHg1Yaobis1phf6Cw3pcz08VchjLs3JDH34+OEg3mNsiSs5RQhrW7AoagnqsACq2VFB2Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4807 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi It is good idea to have a protocol to abstract TDX and SEV. I think we need clearly document what service can be used in EFI_ACCEPT_MEM= ORY. For example, can we use memory allocation service, GCD service, or MP servi= ce? In https://github.com/mxu9/edk2/pull/9/commits, I do not find the producer = of EFI_ACCEPT_MEMORY, would you please give me some hint? Couple of dependency issue: If EFI_ACCEPT_MEMORY cannot use MP service, then there might be performance= concern. If it uses MP service, then we need ensure MP service is installed earlier = and before memory accept request. I think we need a way to ensure there is enough memory *before* the protoco= l is installed, right? Also, would you please clarify how to fix below comment? // // Fix me! CoreAddMemorySpace() should not be called in the allocation pr= ocess // because it will allocate memory for GCD map entry. // Thank you Yao Jiewen > -----Original Message----- > From: Gao, Jiaqi > Sent: Wednesday, September 1, 2021 3:23 PM > To: devel@edk2.groups.io; kraxel@redhat.com > Cc: Wang, Jian J ; Wu, Hao A ; > Bi, Dandan ; gaoliming@byosoft.com.cn; Ni, Ray > ; Kinney, Michael D ; Yao, > Jiewen ; Zimmer, Vincent = ; > Justen, Jordan L ; Xu, Min M > Subject: RE: [edk2-devel] [RFC] Design review for Lazy Page Accept in TDV= F >=20 >=20 > On Tuesday, August 31, 2021 2:11 PM, Gerd Hoffmann wrote: > > > Motivation: Intel TDX provides memory encryption and integrity > > > multi-tenancy for hardware protection. A TD-guest uses TDCALL to > > > accept shared memory as private. However, accept whole system memory > > > may take a long time which will have an adverse impact on the boot > > > time performance. > > > > Which order of magnitude do we talk about? > > How long would it take to accept 2G of memory (all memory below 4g on > > qemu q35) ? >=20 > Here is some data using different guest configurations, it will take less= time with > more cpu cores. > For 2048MB memory it takes about 4 ~ 1.5 seconds using 1 ~ 4 cores guest = to > accept all. > For 4096MB memory it takes about 8 ~ 3 seconds using 1 ~ 4 cores guest. >=20 > > > We propose three options to address this issue: > > > > > 1. Modifying the memory allocation (MdeModulePkg/Core/Dxe/Mem) > > logic to accept memory when OUT_OF_RESOURCE occurs. > > > 2. Changing the process flow of QEMU direct boot and GRUB to accep= t > > memory when loading the image fails and returns OUT_OF_RESOURCE. > > > 3. Adding AcceptMemory() as a boot service interface to simplify t= he > > implementation of option 2. > > > Underlying implementation of accepting memory is provided by a protoc= ol > > which can be installed by architecture-specific drivers such as TdxDxe. > > > > (1) Looks best to me. From a design point of view it is a very reasona= ble > > thing for the core memory manager to also manage the > > accepted/unaccepted state of memory. It avoids duplicating the "oom ->= try > > AcceptMemoryRessource()" logic in bootloaders and will also cover other > > oom situations. > > > > take care, > > Gerd > >