Re: [RFC v2-fix-v4 1/1] x86/tdx: Skip WBINVD instruction for TDX guest

From: Andi Kleen
Date: Wed Jun 09 2021 - 00:27:52 EST



>> here is no resume path.
>
> Host is free to go into S3 independent of any guest state.

Actually my understanding is that none of the systems which support TDX support S3. S3 has been deprecated for a long time.


> A hostile
> host is free to do just enough cache management so that it can resume
> from S3 while arranging for TDX guest dirty data to be lost. Does a
> TDX guest go fatal if the cache loses power?

That would be a machine check, and yes it would be fatal.

-Andi