Re: [PATCH v5 07/18] s390x: protvirt: Inhibit balloon when switching to protected mode

[David Hildenbrand]

On 26.02.20 16:30, Janosch Frank wrote:
> On 2/26/20 4:16 PM, David Hildenbrand wrote:
>> On 26.02.20 16:06, Christian Borntraeger wrote:
>>>
>>>
>>> On 26.02.20 15:59, David Hildenbrand wrote:
>>>> On 26.02.20 13:20, Janosch Frank wrote:
>>>>> Ballooning in protected VMs can only be done when the guest shares the
>>>>> pages it gives to the host. Hence, until we have a solution for this
>>>>> in the guest kernel, we inhibit ballooning when switching into
>>>>> protected mode and reverse that once we move out of it.
>>>>
>>>> I don't understand what you mean here, sorry. zapping a page will mean
>>>> that a fresh one will be faulted in when accessed. And AFAIK, that means
>>>> it will be encrypted again when needed.
>>>>
>>>> Is that more like the UV will detect this as an integrity issue and
>>>> crash the VM?
>>>
>>> yes, the UV will detect a fresh page as an integrity issue.
>>> Only if the page was defined to be shared by the guest, we would avoid the
>>> integrity check.
>>>
>>
>> Please make that clearer in the patch description. With that
>>
>> Reviewed-by: David Hildenbrand <address@hidden>
>>
> 
> How about:
> s390x: protvirt: Inhibit balloon when switching to protected mode
> 
> Ballooning in protected VMs can only be done when the guest shares the
> pages it gives to the host. If pages are not shared, the integrity
> checks will fail once those pages have been altered and are given back
> to the guest.
> 
> Hence, until we have a solution for this in the guest kernel, we
> inhibit ballooning when switching into protected mode and reverse that
> once we move out of it.
> 

Yep, sounds good!

-- 
Thanks,

David / dhildenb