Received: by 10.223.148.5 with SMTP id 5csp6684644wrq; Wed, 17 Jan 2018 17:30:09 -0800 (PST) X-Google-Smtp-Source: ACJfBovap8WQ1eY3XyhLbSXsYGjMfEHx7+n0nqByKka0HGIxjR/J0iJRnk0hr7pMPF8nCvNlAAXE X-Received: by 10.98.160.25 with SMTP id r25mr24942545pfe.218.1516239009268; Wed, 17 Jan 2018 17:30:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516239009; cv=none; d=google.com; s=arc-20160816; b=m5vUGzaRyP5bXJRm3vcsiXsB25Y3W3d269oIhRswCSU2VE9F/oeqJSzSNlShxk/ytE 4oZDDiwUsSCoz7N67Jh8QL4cT0hyAIIKx34X+XYFaECVS4rj6r3Hvi4MzJ/cQ9VOiZfj 1FyklQUFq1OGqaA0MsmiMDtIlIDjRkCHnWQf2pfYRgEtF9LG1AqfXk6TBs33ohftBEAN rFazbURc6TJLFhYNFKmuZWcS2cm7Lw9wxvI6x0xroHH251pDX3/VAn/eTuLmDnDaTy0w 6oHAZyy7cVLF7aU/XG3q765CIeYOX+JJyJOuN6RW+I+GKivTgMCJQuNJ8WVHbBclf0Ye wszQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=ADEhf7UKCpQrtv9uPGVW95z2lsIbM39G8p4mqEFKR6Q=; b=A7hQu0Qadky9kpA/8ZiO0xCRHh9slvAWC+MOmP1KCgdLDwHMwnXDdkaAbqXc2DwtvJ F7ZrWpKxGcYavtAChLECFEOAmhkjQdXH/cI8bEWIAxefj1O/Sg3SNV+DB1dowlZeJtRM 8xFRrWTV4sFviKTXUI1lEUQMcVui2hKiuMON20t4g8W5FO9Atb7+pYyla8etyMnpyfhe s5Q9O/yLdWx9tlKQ1j/eHNADfvkeRTUbyv8jG7yizaOywCQZRbOdttOPRwdzhjz1Kd4N 82ZNH3+Pe+ChrA8XIYlukUl28K/DnrrQSqDgOygDC5DTv8PXbAJ7qYcQKCHDbyGTMrOg Bn2w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b14si4776883pge.297.2018.01.17.17.29.55; Wed, 17 Jan 2018 17:30:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752980AbeARB2O (ORCPT + 99 others); Wed, 17 Jan 2018 20:28:14 -0500 Received: from mx1.redhat.com ([209.132.183.28]:54118 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750816AbeARB2M (ORCPT ); Wed, 17 Jan 2018 20:28:12 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6BB2543A31; Thu, 18 Jan 2018 01:28:07 +0000 (UTC) Received: from dhcp-128-65.nay.redhat.com (ovpn-12-91.pek2.redhat.com [10.72.12.91]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 01A5A177CF; Thu, 18 Jan 2018 01:27:59 +0000 (UTC) Date: Thu, 18 Jan 2018 09:27:55 +0800 From: Dave Young To: Tom Lendacky Cc: x86@kernel.org, linux-kernel@vger.kernel.org, Juergen Gross , Tony Luck , Arjan van de Ven , Yu Chen , Baoquan He , Linus Torvalds , Ingo Molnar , kexec@lists.infradead.org, Rui Zhang , ebiederm@redhat.com, Borislav Petkov , "H. Peter Anvin" , Thomas Gleixner , Boris Ostrovsky , Dan Williams Subject: Re: [PATCH] x86/mm: Rework wbinvd, hlt operation in stop_this_cpu() Message-ID: <20180118012755.GA1517@dhcp-128-65.nay.redhat.com> References: <20180117234141.21184.44067.stgit@tlendack-t1.amdoffice.net> <2a4c4e77-b27f-1537-515c-5ac7644c4768@amd.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2a4c4e77-b27f-1537-515c-5ac7644c4768@amd.com> User-Agent: Mutt/1.9.1 (2017-09-22) X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Thu, 18 Jan 2018 01:28:07 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 01/17/18 at 05:47pm, Tom Lendacky wrote: > On 1/17/2018 5:41 PM, Tom Lendacky wrote: > > Some issues have been reported with the for loop in stop_this_cpu() that > > issues the 'wbinvd; hlt' sequence. Reverting this sequence to halt() > > has been shown to resolve the issue. > > > > However, the wbinvd is needed when running with SME. The reason for the > > wbinvd is to prevent cache flush races between encrypted and non-encrypted > > entries that have the same physical address. This can occur when > > kexec'ing from memory encryption active to inactive or vice-versa. The > > important thing is to not have outside of kernel text memory references > > (such as stack usage), so the usage of the native_*() functions is needed > > since these expand as inline asm sequences. So instead of reverting the > > change, rework the sequence. > > > > Move the wbinvd instruction outside of the for loop as native_wbinvd() > > and make its execution conditional on X86_FEATURE_SME. In the for loop, > > change the asm 'wbinvd; hlt' sequence back to a halt sequence but use > > the native_halt() call. > > > > Cc: # 4.14.x > > Fixes: bba4ed011a52 ("x86/mm, kexec: Allow kexec to be used with SME") > > Reported-by: Dave Young > > Dave, > > Can you test this and see if it resolves your issue? It works for me, thank you for the patch! Tested-by: Dave Young > > Thanks, > Tom > > > Signed-off-by: Tom Lendacky > > --- > > arch/x86/kernel/process.c | 25 +++++++++++++++---------- > > 1 file changed, 15 insertions(+), 10 deletions(-) > > > > diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c > > index 63711fe..03408b9 100644 > > --- a/arch/x86/kernel/process.c > > +++ b/arch/x86/kernel/process.c > > @@ -379,19 +379,24 @@ void stop_this_cpu(void *dummy) > > disable_local_APIC(); > > mcheck_cpu_clear(this_cpu_ptr(&cpu_info)); > > > > + /* > > + * Use wbinvd on processors that support SME. This provides support > > + * for performing a successful kexec when going from SME inactive > > + * to SME active (or vice-versa). The cache must be cleared so that > > + * if there are entries with the same physical address, both with and > > + * without the encryption bit, they don't race each other when flushed > > + * and potentially end up with the wrong entry being committed to > > + * memory. > > + */ > > + if (boot_cpu_has(X86_FEATURE_SME)) > > + native_wbinvd(); > > for (;;) { > > /* > > - * Use wbinvd followed by hlt to stop the processor. This > > - * provides support for kexec on a processor that supports > > - * SME. With kexec, going from SME inactive to SME active > > - * requires clearing cache entries so that addresses without > > - * the encryption bit set don't corrupt the same physical > > - * address that has the encryption bit set when caches are > > - * flushed. To achieve this a wbinvd is performed followed by > > - * a hlt. Even if the processor is not in the kexec/SME > > - * scenario this only adds a wbinvd to a halting processor. > > + * Use native_halt() so that memory contents don't change > > + * (stack usage and variables) after possibly issuing the > > + * native_wbinvd() above. > > */ > > - asm volatile("wbinvd; hlt" : : : "memory"); > > + native_halt(); > > } > > } > > > >