Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp5198895pxj; Wed, 9 Jun 2021 11:27:36 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxZQ+zYwfXsMcZA+5RUzYLc0sUBvb3JJok6sUDnuQ7rcLEOWZSHaj23HrykZQOdAdBWyWbg X-Received: by 2002:a50:a413:: with SMTP id u19mr710204edb.251.1623263256635; Wed, 09 Jun 2021 11:27:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623263256; cv=none; d=google.com; s=arc-20160816; b=jpIuE25LKfSJCGiPdqbQilNzIMHWnPRIfGOEPW6SOl96Fy5Y3q2HSUAw5Q/0+Wu45l kVKNJCdUFQiOPSVOdm6fchi097k4gVvAEtbt3JZAUMLNbCsIKttrIcYwWntp3gh6uexA mwhX+tS9UitBeYdvSeRamEwTBtAE5DaWVp4SFEOF6EdDEgtN4brqE3Q+MeCalx24RHr+ TEgsdLAyWLPfyad4Wnkw1I6j5xvR+IBolxO7zb4Zcgqp3DI0yQskY6RwajB0+CH7HhSv JwhH/n5pxecMwETpHKCHZhYa8vNvX25hnMMumJUeFlEc9yeSBdQxuaJcmp93DOdxLOqq 7B0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:ironport-sdr:ironport-sdr; bh=OyT1fFPUNapB0pjJkMQ3soZn0d40DAHybEXRpeQwqbY=; b=PwCHPqkgveU3CxyaYygeCUBcTzkC8/PiVPMOA+cE3R+aXBMqdEqkrRYz4cVyq30CV3 CBCdlYXQHUdDHxXEMqcWDFyfCeUWqBHuHRtjfi5vZjhCioEce1ylP2zFEKDGEdlTfZS6 H27fuvCX4X21zFxRYT0v2q5J75sXDSMHuWdNBXSjBc2BOkH3dq3xXAyIt86Oz3b1oXRl W1IQB4hvxRv2aAQw/RP/B+k7Vp0tzj0xduSBtoDxChn/wIC+W4hsuMuD+1gDEGt5WC0e o1hHiPYskMFsZ4ZO6aPhLfO4Mef/Labh6QTL8VkXj+lVTn7owqzE3a5aTrf6qTsafAao n+lA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id eb13si357303edb.312.2021.06.09.11.27.13; Wed, 09 Jun 2021 11:27:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229957AbhFIS0i (ORCPT + 99 others); Wed, 9 Jun 2021 14:26:38 -0400 Received: from mga18.intel.com ([134.134.136.126]:5409 "EHLO mga18.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229536AbhFIS0h (ORCPT ); Wed, 9 Jun 2021 14:26:37 -0400 IronPort-SDR: BQPObcTQ1veR7s2ct4h2H+DWJ7D9cofV+LP3yKX0Z9qSIu9OX1GCHzfWksi2BiPWRpBjW+ZjMF L+Eygq6MHnkw== X-IronPort-AV: E=McAfee;i="6200,9189,10010"; a="192451371" X-IronPort-AV: E=Sophos;i="5.83,261,1616482800"; d="scan'208";a="192451371" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jun 2021 11:24:41 -0700 IronPort-SDR: PE4eEItNyeuEV/cqnhmmDF53gAgoQBEtYZMbX+QcIcsjCv66N0FLFYYqHoRMluLdUNq5oqEZy+ YLQRt8N2Pz1w== X-IronPort-AV: E=Sophos;i="5.83,261,1616482800"; d="scan'208";a="402530751" Received: from davidhok-mobl3.amr.corp.intel.com (HELO skuppusw-mobl5.amr.corp.intel.com) ([10.209.9.9]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jun 2021 11:24:41 -0700 Subject: Re: [RFC v2-fix-v4 1/1] x86/tdx: Skip WBINVD instruction for TDX guest To: Dan Williams Cc: Andy Lutomirski , Andi Kleen , Peter Zijlstra , Dave Hansen , Tony Luck , Kirill Shutemov , Kuppuswamy Sathyanarayanan , Raj Ashok , Sean Christopherson , Linux Kernel Mailing List References: <20210609011030.751451-1-sathyanarayanan.kuppuswamy@linux.intel.com> <682f0239-8da0-3702-0f14-99b6244af499@linux.intel.com> <59484871-8ef1-b7c3-fb29-b143bd53f074@linux.intel.com> From: "Kuppuswamy, Sathyanarayanan" Message-ID: <973add45-9fd2-7abc-3a97-96a26c263ea0@linux.intel.com> Date: Wed, 9 Jun 2021 11:24:39 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 6/9/21 10:31 AM, Dan Williams wrote: >> If you want to apply this fix for all hypervisors (using boot_cpu_has >> (X86_FEATURE_HYPERVISOR) check), then we don't need any TDX specific >> reference in commit log right? It can be generalized for all VM guests. >> >> agree? > No, because there is a note needed about the integrity implications in > the TDX case that makes it distinct from typical hypervisor enabling. Generalized the commit log (but left the TDX related info). Final version will look like below. x86: Skip WBINVD instruction for VM guest VM guests that supports ACPI, use standard ACPI mechanisms to signal sleep state entry (including reboot) to the host. The ACPI specification mandates WBINVD on any sleep state entry with the expectation that the platform is only responsible for maintaining the state of memory over sleep states, not preserving dirty data in any CPU caches. ACPI cache flushing requirements pre-date the advent of virtualization. Given guest sleep state entry does not affect any host power rails it is not required to flush caches. The host is responsible for maintaining cache state over its own bare metal sleep state transitions that power-off the cache. A TDX guest, unlike a typical guest, will machine check if the CPU cache is powered off. --- a/arch/x86/include/asm/acenv.h +++ b/arch/x86/include/asm/acenv.h @@ -10,10 +10,15 @@ #define _ASM_X86_ACENV_H #include +#include /* Asm macros */ -#define ACPI_FLUSH_CPU_CACHE() wbinvd() +#define ACPI_FLUSH_CPU_CACHE() \ +do { \ + if (!boot_cpu_has(X86_FEATURE_HYPERVISOR)) \ + wbinvd(); \ +} while (0) int __acpi_acquire_global_lock(unsigned int *lock); int __acpi_release_global_lock(unsigned int *lock); -- Sathyanarayanan Kuppuswamy Linux Kernel Developer