Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4496167pxj; Tue, 8 Jun 2021 16:06:59 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxSkfgl+pRekW8DI0+w4pp8cQU9BOXHI5binCCc0NVQ7pBOElSP5aKAROYGKHdQ1m7pyXG9 X-Received: by 2002:a50:8e18:: with SMTP id 24mr28103382edw.275.1623193619596; Tue, 08 Jun 2021 16:06:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623193619; cv=none; d=google.com; s=arc-20160816; b=ib6VQ3Hvc6ZNKcwK9e3ax56UI7zh00PAWezjUch4h/AJGMbMENX1JQXl61B3S2RHxo scw8fD8WKuqeuDAZSYG1k4xLhf2IEHL4SLU9HL9ZUAxrDEMrdLHtZuGWa7E2dyY2D53X sB9guFKMFtEaGx1RqFQeJ2fHouP6hMcGNM2Yu86bXRml1+p1cs802R3cqfUaXu5x9aS/ BfH1rEsmkunT1yXc0EYqtss9OLKm8TF+h349vWXpvznovfK2kN4emeoojJp4q+pdS0OX FpdXJlVM/giN1gARjm9IYEC5bkTbNpk4a1v+kHvA04zPEW+t5EIMjriD9OvikYnGdgCD VYjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-language:content-transfer-encoding :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=smSyl+CjGmnn3dil97RPZfvVlF+p4zCIx+uiomB3KuA=; b=q2NUfwao3J7vgh2IuVYjEHZnW079gITB2CePDpKeJtwCOG2QlT35rl6ujS9E3u+eqT wDhQ2NqvjmFObF5mlZKthqbx/flEwPe8jeXNjd94cnP5V0FcZ2afcTjItmRswF9XEcNi 9f+aicw7bH0+InQmmusOtWheb7rZ3dFSrmS1r6ZkfZbZ0FdwLzJw8Mlgntay7Ly7Ox3J CmTpBR85G49q2GmE8OffMNe16cYKNWoRLAKSRHmgh7hcoixRQwB7m6FZJHSA815Pv3A0 kys3RjrAYpJY+uUn9GgYTQwrjhI52v0prkQxAdrDrv7/GeLSeh060wdeFqGPffB04NPi e8/g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id c14si973913edr.15.2021.06.08.16.06.36; Tue, 08 Jun 2021 16:06:59 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230250AbhFHXGN (ORCPT + 99 others); Tue, 8 Jun 2021 19:06:13 -0400 Received: from mga03.intel.com ([134.134.136.65]:27960 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234272AbhFHXGM (ORCPT ); Tue, 8 Jun 2021 19:06:12 -0400 IronPort-SDR: JpGLqXTU1Gfl/T5OT6Tgq+iaZ6J4OlIm3JC9cY8WiqfhfOtjReWrVvwFBWSG0BnWHy2+IhrUFl nnHxiwVTjB7w== X-IronPort-AV: E=McAfee;i="6200,9189,10009"; a="204987143" X-IronPort-AV: E=Sophos;i="5.83,259,1616482800"; d="scan'208";a="204987143" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Jun 2021 16:04:15 -0700 IronPort-SDR: y+jf4MsneXEhz5dOtrIJYmxCrdYwxLGl+5p/59UCktIZN50v2nXozynnc5d34SJmtDv5VNpmd8 GrIOn/OVA7aA== X-IronPort-AV: E=Sophos;i="5.83,259,1616482800"; d="scan'208";a="551775952" Received: from akleen-mobl1.amr.corp.intel.com (HELO [10.209.24.11]) ([10.209.24.11]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 08 Jun 2021 16:04:15 -0700 Subject: Re: [RFC v2-fix-v3 1/1] x86/tdx: Skip WBINVD instruction for TDX guest To: Dave Hansen , "Kuppuswamy, Sathyanarayanan" , Peter Zijlstra , Andy Lutomirski , Tony Luck , Dan Williams Cc: Kirill Shutemov , Kuppuswamy Sathyanarayanan , Raj Ashok , Sean Christopherson , linux-kernel@vger.kernel.org References: <20210608213527.739474-1-sathyanarayanan.kuppuswamy@linux.intel.com> From: Andi Kleen Message-ID: Date: Tue, 8 Jun 2021 16:04:14 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.10.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org \ > A kernel driver using WBINVD will "sigfault"? I'm not sure what that > means. How does the kernel "sigfault"? It panics. Please, you know exactly what Sathya meant because you've read the code. > > Here's what I want to see: a list of all of the unique call sites for > WBINVD in the kernel. I want a written down methodology for how the > list of call sites was generated. I want to see an item-by-item list of > why those call sites are unreachable with the TDX guest code. It might > be because they've been patched in this patch, or the driver has been > disabled, or because the TDX architecture spec would somehow prohibit > the situation where it might be needed. But, there needs to be a list, > and you have to show your work. If you refer to code from this series > as helping to prevent WBINVD, then it has to be earlier in this series, > not in some other series and not later in this series. Sorry this is ridiculous. We're not in a make-work project here. We're about practical engineering  not make out life artificially complicated. If that is what is required then the change requests to NOT ignore but patch every site were just not practical. > > Just eyeballing it, there are ~50 places in the kernel that need auditing. > > Right now, we mostly have indiscriminate hand-waving about this not > being a problem. It's a hard NAK from me on this patch until this audit > is in place. Okay then we just go back to ignore like the rest of the KVM world. That's what we had originally and it it's fine because it's exactly what KVM does, which is all we want. It was the sane thing to do and it's still the sane thing to do because it has been always done this way. -And