Provide "nosnp" boot option via "sev=nosnp" kernel command line to
prevent SEV-SNP[1] capable host kernel from enabling SEV-SNP and
initializing Reverse Map Table (RMP) [1].

On providing sev=nosnp via kernel command line:
cat /sys/module/kvm_amd/parameters/sev_snp should be "N".

This patchset is based on tip/master.

Reference:
[1] https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/programmer-references/24593.pdf

Changelog:
=========
v4->v5:
  * Move __read_mostly attribute to place where sev_cfg is declared (Tom)

v3->v4:
  * Remove an irrelevant header (Boris)
  * Rebase on latest tip/master
  * Link: https://lore.kernel.org/all/20240922033626.29038-1-papaluri@amd.com/

Pavan Kumar Paluri (2):
  x86, KVM:SVM: Move sev specific parsing into arch/x86/virt/svm
  x86 KVM:SVM: Provide "nosnp" boot option for sev kernel command line

 .../arch/x86/x86_64/boot-options.rst          |  3 ++
 arch/x86/coco/sev/core.c                      | 44 -------------------
 arch/x86/include/asm/sev-common.h             | 29 ++++++++++++
 arch/x86/virt/svm/Makefile                    |  1 +
 arch/x86/virt/svm/cmdline.c                   | 39 ++++++++++++++++
 5 files changed, 72 insertions(+), 44 deletions(-)
 create mode 100644 arch/x86/virt/svm/cmdline.c


base-commit: d1b8f40d000887720e0c123c382d75e7fbb75cb6
-- 
2.34.1

On 9/30/24 16:11, Pavan Kumar Paluri wrote:
> Provide "nosnp" boot option via "sev=nosnp" kernel command line to
> prevent SEV-SNP[1] capable host kernel from enabling SEV-SNP and
> initializing Reverse Map Table (RMP) [1].
> 
> On providing sev=nosnp via kernel command line:
> cat /sys/module/kvm_amd/parameters/sev_snp should be "N".

I don't see any mention in the changelog, cover letter or Documentation/
about why someone would want to do this.

I assume it's because of performance (walking the RMP table is non-zero
cost).

The BIOS allocates the RMP table, right?  So this option presumably gets
the performance back, but not the memory.  That's probably also worth
mentioning ... somewhere.

Hello Dave,

On 9/30/2024 6:25 PM, Dave Hansen wrote:
> On 9/30/24 16:11, Pavan Kumar Paluri wrote:
>> Provide "nosnp" boot option via "sev=nosnp" kernel command line to
>> prevent SEV-SNP[1] capable host kernel from enabling SEV-SNP and
>> initializing Reverse Map Table (RMP) [1].
>>
>> On providing sev=nosnp via kernel command line:
>> cat /sys/module/kvm_amd/parameters/sev_snp should be "N".
> 
> I don't see any mention in the changelog, cover letter or Documentation/
> about why someone would want to do this.
> 
> I assume it's because of performance (walking the RMP table is non-zero
> cost).
> 
> The BIOS allocates the RMP table, right?  So this option presumably gets
> the performance back, but not the memory.  That's probably also worth
> mentioning ... somewhere.

Yes, that is correct. RMP is BIOS-allocated, so there is a performance
gain but not memory.

Besides, having a 'nosnp' command line option would benefit customers to
be able to set the BIOS option to allocate RMP, but not actually enable
it just yet. This way, they can avoid overhead incurred from RMP checks,
for when they do not want to run SEV-SNP guests.

I will include this information in the cover-letter.

Thanks,
Pavan

On 9/30/24 17:09, Paluri, PavanKumar wrote:
> I will include this information in the cover-letter.

... and the documentation for the command-line, please

On 9/30/2024 7:14 PM, Dave Hansen wrote:
> On 9/30/24 17:09, Paluri, PavanKumar wrote:
>> I will include this information in the cover-letter.
> 
> ... and the documentation for the command-line, please

Sure.

Thanks,
Pavan