On Thu, Mar 10, 2022 at 12:26:15PM +0100, Joerg Roedel wrote:
From: Joerg Roedel jroedel@suse.de
The io specific memcpy/memset functions use string mmio accesses to do their work. Under SEV the hypervisor can't emulate these instructions, because they read/write directly from/to encrypted memory.
KVM will inject a page fault exception into the guest when it is asked to emulate string mmio instructions for an SEV guest:
BUG: unable to handle page fault for address: ffffc90000065068 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 8000100000067 P4D 8000100000067 PUD 80001000fb067 PMD 80001000fc067 PTE 80000000fed40173 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.17.0-rc7 #3
As string mmio for an SEV guest can not be supported by the hypervisor, unroll the instructions for CC_ATTR_GUEST_UNROLL_STRING_IO enabled kernels.
What I'm missing in this description is why wasn't it a problem until now?
You mentioned something about libvirt adding TPMs and that causing this but I'm still unclear as to why exactly this is causing the issue. I'm guessing SEV guests didn't do string IO but libvirt adding a TPM is somehow causing them to use them now...
@@ -56,9 +55,8 @@ void memcpy_toio(volatile void __iomem *to, const void *from, size_t n) } rep_movs((void *)to, (const void *) from, n); } -EXPORT_SYMBOL(memcpy_toio); -void memset_io(volatile void __iomem *a, int b, size_t c) +static void string_memset_io(volatile void __iomem *a, int b, size_t c)
You can simply remove that wrapper and use memset() at the callsite.
Thx.