Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp193453pxf; Wed, 31 Mar 2021 21:26:27 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw77l/KRuOjLrcPrhMzV27tMAX5hgCEtrJic2cVHwDullICA/C+adTUdlwFkARnoVq4N7NV X-Received: by 2002:a17:906:688:: with SMTP id u8mr6916062ejb.38.1617251186828; Wed, 31 Mar 2021 21:26:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617251186; cv=none; d=google.com; s=arc-20160816; b=Hs2o93/C7GcOSn0DAdMW8fc7OkO/AmPuvQ2qW/DDtU0RI4UBmOkkFb2xklTXOm/rPq 4J6sHN5rY+OMpdj6rS7wqzZFXzty2SmBOtu3rUKQFXtoMQLeg/tNyJGDRsAf9V3xLZOe 03hdOOkG0syb/XxKNMvYrtmZKxqmZXqLEkpn2NttuZoXa/ZwvA26B0v86cEkxECjHoQe obkVM2BENo+3u9y0FX1p92hiLsNresIrQ0MdZ9cUGf85PICXu6biq1MFskCeAhp6Ybt6 g6l5tKxRkT4/MhEiakHygUBJwu3CunGffmyp1FcMI4MrdyP7Jhh4DOA19+H05F9MJQPc toug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:ironport-sdr :ironport-sdr; bh=Mw6pHulSPpataXTZW6Y+hCawvGRxsZngPX5+xWdhdY0=; b=x0L2nlfwyzb+j1euuYo344ViTD9lvxbHqSM2hG0Q+nsGiTVLZ3OBoWf1couK8d6GOy 0XShB5hxbbRsRezn/r0+fbDi6IYWRjfRaAIIJiPjncCkRyFR97t3aGrITjDdCsubyhXT xtqCp5XiYTsNs0PMTVmVySyp4DpHNevooR/6DHsk6qEy6GIfWnvHhEx+AmSNg+018TJg EIl04YcVwIM0p4o1kwr7C3phOsasA9UFg1e+IDYiRVnuvc0ZP1ZryEUjw7p3ptvGq3J2 ddTBbNPGZh3En2zjxKlGfXtJ1zQMsv0ecHdAER4QdBlSCz0Oy+omAXSDpfoGVXHtkPd0 AEFQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b5si3281325edw.429.2021.03.31.21.26.02; Wed, 31 Mar 2021 21:26:26 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229480AbhDAEZF (ORCPT + 99 others); Thu, 1 Apr 2021 00:25:05 -0400 Received: from mga05.intel.com ([192.55.52.43]:14565 "EHLO mga05.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229459AbhDAEYj (ORCPT ); Thu, 1 Apr 2021 00:24:39 -0400 IronPort-SDR: Be5rAwfZzng45LHYaeKZmViLYFkxWv+tm3lzh0C5gZTis3f986tMwXpRasdzsuJP4GxTJ0AW2Q q2/erPYDG71w== X-IronPort-AV: E=McAfee;i="6000,8403,9940"; a="277335108" X-IronPort-AV: E=Sophos;i="5.81,295,1610438400"; d="scan'208";a="277335108" Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Mar 2021 21:24:38 -0700 IronPort-SDR: TSo3nltnwRKujxL/XTvtnwrikFqTHFy42I2GykZpMQSBoqvSwAL/DhlNsBVvc0VzrzCVBSU5uw MmlwARbBX6sg== X-IronPort-AV: E=Sophos;i="5.81,295,1610438400"; d="scan'208";a="439061545" Received: from tassilo.jf.intel.com ([10.54.74.11]) by fmsmga004-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Mar 2021 21:24:37 -0700 Date: Wed, 31 Mar 2021 21:24:36 -0700 From: Andi Kleen To: Dave Hansen Cc: "Kuppuswamy, Sathyanarayanan" , Sean Christopherson , Peter Zijlstra , Andy Lutomirski , Kirill Shutemov , Kuppuswamy Sathyanarayanan , Dan Williams , Raj Ashok , linux-kernel@vger.kernel.org Subject: Re: [PATCH v4 1/1] x86/tdx: Handle MWAIT, MONITOR and WBINVD Message-ID: <20210401042436.GJ1285835@tassilo.jf.intel.com> References: <2FE32855-EA5D-44E4-AACC-25E9B1476547@amacapital.net> <5d961c25-3dee-4a5d-4bba-a97d157a5a49@intel.com> <20210401032827.GI1285835@tassilo.jf.intel.com> <92688a68-f4b8-9518-424b-7d967c4c728a@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <92688a68-f4b8-9518-424b-7d967c4c728a@intel.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Mar 31, 2021 at 08:46:18PM -0700, Dave Hansen wrote: > On 3/31/21 8:28 PM, Andi Kleen wrote: > >> The hardware (and VMMs and SEAM) have ways of telling the guest kernel > >> what is supported: CPUID. If it screws up, and the guest gets an > >> unexpected #VE, so be it. > > The main reason for disabling stuff is actually that we don't need > > to harden it. All these things are potential attack paths. > > Wait, MWAIT is an attack path? If it were an attack path, wouldn't it No MWAIT is not, but lots of other things that can be controlled by the host are. And that will be a motivation to disable things. > >> We don't have all kinds of crazy handling in the kernel's #UD handler > >> just in case a CPU mis-enumerates a feature and we get a #UD. We have > >> to trust the underlying hardware to be sane. If it isn't, we die a > >> horrible death as fast as possible. Why should TDX be any different? > > That's what the original patch did -- no unnecessary checks -- but reviewers > > keep asking for the extra checks, so Sathya added more. We have the not > > unusual problem here that reviewers don't agree among themselves. > > Getting consensus is a pain in the neck, eh? Tt seems more like a circular argument currently. > > It's too bad all the reviewers in the community aren't like all of the > engineers at big companies where everyone always agrees. :) I would propose to go back to the original patch without all the extra checks. I think that's what you're arguing too. IIRC the person who originally requested extra checks was Andy, if he's ok with that too we can do it, so that you guys can finally move on to the other patches that actually do more than just trivial things. -Andi