The GHCB specification recommends that SNP guest requests should be rate
limited. Add a command to permit the VMM to set the rate limit on a
per-VM scale.

The AMD-SP is a global resource that must be shared across VMs, so
its time should be multiplexed across VMs fairly. It is the
responsibility of the VMM to ensure all SEV-SNP VMs have a rate limit
set such that the collective set of VMs on the machine have a rate of
access that does not exceed the device's capacity.

The sev-guest device already respects the SNP_GUEST_VMM_ERR_BUSY
result code, so utilize that result to cause the guest to retry after
waiting momentarily.

Changes since v3:
  * Rebased on master, changed module parameter to mem_enc_ioctl
    command. Changed commit descriptions. Much time has passed.

Changes since v2:
  * Rebased on v7, changed "we" wording to passive voice.

Changes since v1:
  * Added missing Ccs to patches.

Dionna Glaze (2):
  kvm: sev: Add SEV-SNP guest request throttling
  kvm: sev: If ccp is busy, report busy to guest

 .../virt/kvm/x86/amd-memory-encryption.rst | 23 ++++++++++++
 arch/x86/include/uapi/asm/kvm.h            |  7 ++++
 arch/x86/kvm/svm/sev.c                     | 36 +++++++++++++++++++
 arch/x86/kvm/svm/svm.h                     |  2 ++
 4 files changed, 68 insertions(+)

--
2.49.0.1045.g170613ef41-goog
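
An added example, not code from this patch series: a user-space C model of the flow the cover letter describes (per-VM throttle, busy result, guest retry, and the VMM's fleet-wide capacity check). The fixed-window limiter, the struct and function names, and the MODEL_* result codes are assumptions for illustration; the series' own limiter is not shown on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result codes for this model; not the kernel's values. */
enum { MODEL_OK = 0, MODEL_BUSY = 1 };

/* Assumed per-VM limit: at most `burst` requests per `interval_ms` window. */
struct vm_limit {
    uint64_t interval_ms;
    uint32_t burst;
    uint64_t window_start_ms;
    uint32_t used;
};

/* Host side: admit the request or report busy so the guest retries later. */
int vm_guest_request(struct vm_limit *l, uint64_t now_ms)
{
    if (now_ms - l->window_start_ms >= l->interval_ms) {
        l->window_start_ms = now_ms;   /* new window, budget refilled */
        l->used = 0;
    }
    if (l->used >= l->burst)
        return MODEL_BUSY;
    l->used++;
    return MODEL_OK;
}

/* VMM side: the summed per-VM rates must not exceed the shared device's
 * capacity (requests per second). Integer math in milli-requests/second. */
int fleet_within_capacity(const struct vm_limit *vms, size_t n, uint64_t device_rps)
{
    uint64_t total_milli_rps = 0;
    for (size_t i = 0; i < n; i++) {
        if (vms[i].interval_ms == 0)
            return 0;                  /* no limit set: fleet rate is unbounded */
        total_milli_rps += (uint64_t)vms[i].burst * 1000000u / vms[i].interval_ms;
    }
    return total_milli_rps <= device_rps * 1000u;
}

/* Guest side: wait and retry while busy; UINT64_MAX means it gave up. */
uint64_t guest_retry_until_ok(struct vm_limit *l, uint64_t now_ms,
                              uint64_t wait_ms, unsigned max_attempts)
{
    for (unsigned i = 0; i < max_attempts; i++, now_ms += wait_ms)
        if (vm_guest_request(l, now_ms) == MODEL_OK)
            return now_ms;
    return UINT64_MAX;
}

int main(void)
{
    struct vm_limit vm = { 2000, 1, 0, 0 };   /* constructed sample limit */
    vm_guest_request(&vm, 0);
    printf("admitted at %llu ms\n", (unsigned long long)guest_retry_until_ok(&vm, 100, 500, 10));
    return 0;
}
```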