Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
MIME-Version: 1.0
References: <20220224155630.52734-1-kirill.shutemov@linux.intel.com>
 <20220224155630.52734-30-kirill.shutemov@linux.intel.com> <20220227220526.3rrmy3u7j2xpelcn@treble>
In-Reply-To: <20220227220526.3rrmy3u7j2xpelcn@treble>
From:   Dan Williams <dan.j.williams@intel.com>
Date:   Sun, 27 Feb 2022 17:34:45 -0800
Message-ID: <CAPcyv4jqHQDhpSE24-Y6amC9Y-z4vVnXy6Lvo1j2hdCvzPACvQ@mail.gmail.com>
Subject: Re: [PATCHv4 29/30] ACPICA: Avoid cache flush on TDX guest
To:     Josh Poimboeuf <jpoimboe@redhat.com>
Cc:     "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
        Dave Hansen <dave.hansen@intel.com>,
        Andy Lutomirski <luto@kernel.org>,
        Peter Zijlstra <peterz@infradead.org>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Andi Kleen <ak@linux.intel.com>,
        David Hildenbrand <david@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>, Juergen Gross <jgross@suse.com>,
        Jim Mattson <jmattson@google.com>,
        Joerg Roedel <joro@8bytes.org>,
        Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
        Paolo Bonzini <pbonzini@redhat.com>, sdeep@vmware.com,
        Sean Christopherson <seanjc@google.com>,
        "Luck, Tony" <tony.luck@intel.com>,
        Vitaly Kuznetsov <vkuznets@redhat.com>,
        Wanpeng Li <wanpengli@tencent.com>,
        Tom Lendacky <thomas.lendacky@amd.com>,
        Brijesh Singh <brijesh.singh@amd.com>, X86 ML <x86@kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

On Sun, Feb 27, 2022 at 2:05 PM Josh Poimboeuf <jpoimboe@redhat.com> wrote:
>
> On Thu, Feb 24, 2022 at 06:56:29PM +0300, Kirill A. Shutemov wrote:
> > +/*
> > + * ACPI_FLUSH_CPU_CACHE() flushes caches on entering sleep states.
> > + * It is required to prevent data loss.
> > + *
> > + * While running inside TDX guest, the kernel can bypass cache flushing.
> > + * Changing sleep state in a virtual machine doesn't affect the host system
> > + * sleep state and cannot lead to data loss.
> > + *
> > + * TODO: Is it safe to generalize this from TDX guests to all guest kernels?
> > + */
> > +#define ACPI_FLUSH_CPU_CACHE()                                       \
> > +do {                                                         \
> > +     if (!cpu_feature_enabled(X86_FEATURE_TDX_GUEST))        \
> > +             wbinvd();                                       \
> > +} while (0)
>
> If it's safe, why not do it for all VMs?  Is there something specific
> about TDX which makes this more obviously known to be safe than for
> regular VMs?
>
> The patch description and the above comment make it sound like "we're
> not really sure this is safe, so we'll just use TDX as a testing ground
> for the idea." Which doesn't really inspire a lot of confidence in the
> stability of TD sleep states.

Agree, why is this marked as "TODO"? The cache flushes associated with
ACPI sleep states are to flush cache before bare metal power loss to
CPU caches and bare metal transition of DDR in self-refresh mode. If a
cache flush is required it is the responsibility of the hypervisor.
Either it is safe for all guests or it is unsafe for all guests, not
TD specific.