Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp5143788pxj;
        Wed, 9 Jun 2021 10:06:30 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzR+9d7drQCj6AOzyP+UfrKXs1CqEjUawBLWS8NTrE2+5Op9S6KLZ7sr9m4pvghPvqZ9bcn
X-Received: by 2002:a05:6402:3134:: with SMTP id dd20mr425896edb.59.1623258390438;
        Wed, 09 Jun 2021 10:06:30 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1623258390; cv=none;
        d=google.com; s=arc-20160816;
        b=nuXAXNSnLotDSYts5YwOq+xRjamIrEAbjpavzWbJKnWeVCSWpU2M+2pB7sCH9IdgC/
         SHg3uzW3qGA/D8q6qZTahzjnb8Q1cPuTs+pwgYcMDkr2c7GIv70MwHc11UgV/yWREX2R
         RKhA4jSCzDwlt6QOrOkespW23cAEKKkd8+c3GBBIA86bTAocbz+8R0lU+dVuzuygO+OI
         B/6NgTm90s/njvBLmTXriKpMz/PqQTtoSs26Woe+2AW6+QHfbHzaNMmHxyKTk0c2BVAt
         Nl5/SM+vE2DuXyMvz8fp4ddjzdyJVr92HlXyQEtOUs0r27x6ytM9nxyU8z56hUrSQ5yG
         VX+A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:subject:cc:to:from:date:references:in-reply-to
         :message-id:mime-version:user-agent:dkim-signature;
        bh=LrC2zG04Y0cNRw/3lLOEC1YjaRuyW+VbgCFNMFua/Co=;
        b=wHvb9KCYifTogfSL/VdH9M9KniLZ7cZOBvWwgdx/b/MOyV+k4JGR6UGPlXQak35l8C
         lieqhDCA9uLr0sKO2apGQ/E5gu2ktRWMRuJ1Ef33MIpjtptdB3j+Sf3Ql8FXkajz+Obw
         Oop+VagJoaAs/iE7Y0b6OZWr4CbYbm5EXzLcxpa0V647Nu1JjeLcMU3b2WK/pUWj2A8A
         QQxm7pxvmIMY81sLPwU/JjoeEL73lLzpy+HW3ijn1PHJo4/d6WGoYnlA4JHnSm971H4I
         6oHqF/N0BYcQ/nxpSXZjTYbc6q+UdX5y3wtpnzCmX4lCLLj6mUeGFBwmfzAF7QDfJ3PD
         dn8A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Xk/WXvlk";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id ms23si277200ejc.115.2021.06.09.10.06.06;
        Wed, 09 Jun 2021 10:06:30 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Xk/WXvlk";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231739AbhFIEeo (ORCPT <rfc822;luscent@gmail.com> + 99 others);
        Wed, 9 Jun 2021 00:34:44 -0400
Received: from mail.kernel.org ([198.145.29.99]:34474 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S231335AbhFIEeo (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 9 Jun 2021 00:34:44 -0400
Received: by mail.kernel.org (Postfix) with ESMTPSA id 45B92601FC;
        Wed,  9 Jun 2021 04:32:49 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1623213170;
        bh=3rKw8QxVud/J4p90Q24ac10Rx4sDcDuGfcCxqPfKYEs=;
        h=In-Reply-To:References:Date:From:To:Cc:Subject:From;
        b=Xk/WXvlkITidp31TMlOHd9tXMBNRTZ+7e1YvG26nYaL2TXu5QRPZkRkeyJyOaUTRT
         aqln//sX1g9/1kweXY+B53fmBlUCVFcN/wNiydPIxri+QTkM+d0zDL9omPqNGW1zjq
         X9khxHScmrH/q8SjwfCKtamBLnST8SyIu8mx4sSPsB4KzqfIKViSvWOQxOPDWnX01u
         8iqwlhEFVudzbakGeE/9Mal5/96YNbFTGmgDezCfGgjuR+1tEYPjVB7sCsBJnxMiRD
         icqWQIpfYydHvj9sZ8lMcPHvOVQSLpa4ZXdlE+0iO4vpuvm+GPBLxorZGtw/4MNn3Z
         1RsO77kbYAbQA==
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42])
        by mailauth.nyi.internal (Postfix) with ESMTP id 3F7D127C005A;
        Wed,  9 Jun 2021 00:32:48 -0400 (EDT)
Received: from imap21 ([10.202.2.71])
  by compute2.internal (MEProxy); Wed, 09 Jun 2021 00:32:48 -0400
X-ME-Sender: <xms:b0TAYPv4SG84HwM684zeA8w1l782raHZTnmWzutfg7Ivcb2IqSeUHw>
    <xme:b0TAYAehHWuoAYNs-vX-XSBGOXz1nWqXCRlR91ODShHY8m8uhjr9lUy1S5KSanLmY
    VU23saS5kPHjZZWeK4>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrfedutddgjeeiucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
    cujfgurhepofgfggfkjghffffhvffutgesthdtredtreerjeenucfhrhhomhepfdetnhgu
    hicunfhuthhomhhirhhskhhifdcuoehluhhtoheskhgvrhhnvghlrdhorhhgqeenucggtf
    frrghtthgvrhhnpeegjefghfdtledvfeegfeelvedtgfevkeeugfekffdvveeffeetieeh
    ueetveekfeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhroh
    hmpegrnhguhidomhgvshhmthhprghuthhhphgvrhhsohhnrghlihhthidqudduiedukeeh
    ieefvddqvdeifeduieeitdekqdhluhhtoheppehkvghrnhgvlhdrohhrgheslhhinhhugi
    drlhhuthhordhush
X-ME-Proxy: <xmx:b0TAYCwyHrYO5mXqMUl5cUbp9DQOudffzoVHOGm1SzqIti6tQp3lYA>
    <xmx:b0TAYONQYlmkznquzzo__Uwb4b5pCr-1AamiFThP_h0drSfF-mzIJA>
    <xmx:b0TAYP8mEAsoAubevCe3A0BkgRbxyEf_OcxU6oXizp_LxTucCAnioA>
    <xmx:cETAYLT9re2wtAmvOP3JpDXUExduCLXEWgcTmy6C1dO8Hj3OE4dO9f_XFrXWNdkh>
Received: by mailuser.nyi.internal (Postfix, from userid 501)
        id 4512E51C0060; Wed,  9 Jun 2021 00:32:47 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-519-g27a961944e-fm-20210531.001-g27a96194
Mime-Version: 1.0
Message-Id: <e9b2aab2-4a6f-4739-a939-c448414e6af2@www.fastmail.com>
In-Reply-To: <4e5ac34f-28cb-def6-0b87-e560fa42e5e5@linux.intel.com>
References: <CAPcyv4iAgXnMmg+Z1cqrgeQUcuQgXZ1WCtAaNmeHuLT_5QArUw@mail.gmail.com>
 <20210609011030.751451-1-sathyanarayanan.kuppuswamy@linux.intel.com>
 <CAPcyv4gLeKPfYOx1kmg-mO1_mNd+XGqVO-CbqX+2d52GZ+DSFw@mail.gmail.com>
 <23418f34-7c03-7477-6fbf-1b36b4718cb9@kernel.org>
 <4e5ac34f-28cb-def6-0b87-e560fa42e5e5@linux.intel.com>
Date:   Tue, 08 Jun 2021 21:32:26 -0700
From:   "Andy Lutomirski" <luto@kernel.org>
To:     "Andi Kleen" <ak@linux.intel.com>,
        "Williams, Dan J" <dan.j.williams@intel.com>,
        "Sathyanarayanan Kuppuswamy" 
        <sathyanarayanan.kuppuswamy@linux.intel.com>
Cc:     "Peter Zijlstra (Intel)" <peterz@infradead.org>,
        "Dave Hansen" <dave.hansen@intel.com>,
        "Tony Luck" <tony.luck@intel.com>,
        "Kirill Shutemov" <kirill.shutemov@linux.intel.com>,
        "Kuppuswamy Sathyanarayanan" <knsathya@kernel.org>,
        "Raj Ashok" <ashok.raj@intel.com>,
        "Sean Christopherson" <seanjc@google.com>,
        "Linux Kernel Mailing List" <linux-kernel@vger.kernel.org>
Subject: =?UTF-8?Q?Re:_[RFC_v2-fix-v4_1/1]_x86/tdx:_Skip_WBINVD_instruction_for_T?=
 =?UTF-8?Q?DX_guest?=
Content-Type: text/plain
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Jun 8, 2021, at 9:25 PM, Andi Kleen wrote:
> 
> > I like this description, but shouldn't the logic be:
> >
> > if (!CPUID has hypervisor bit set)
> >    wbinvd();
> >
> > As far as I know, most hypervisors will turn WBINVD into a noop and,
> > even if they don't, it seems to be that something must be really quite
> > wrong for a guest to need to WBINVD for ACPI purposes.
> 
> KVM only turns it into a noop if there is no VT-d, because with VT-d you 
> might need it to turn mappings into uncached and vice versa.

Wow, I found the kvm_arch_register_noncoherent_dma() stuff.  That's horrifying.  What's it for?  Are there actually guests that use devices exposed by VFIO that expect WBINVD to work?  That's a giant DoS hole.

> 
> But yes the change would make sense for reboot. BTW I suspect for the 
> reboot path it isn't really needed anywhere modern, so it might actually 
> be ok to completely disable it. But that's some risk, so doing it only 
> for hypervisor is reasonable.

I agree.