Re: [PATCH v2 2/5] x86/kexec: do unconditional WBINVD in relocate_kernel()
From: Borislav Petkov
Date: Tue Mar 19 2024 - 11:41:56 EST
On Tue, Mar 19, 2024 at 01:48:45AM +0000, Kai Huang wrote:
> Both SME and TDX can leave caches in incoherent state due to memory
> encryption. During kexec, the caches must be flushed before jumping to
> the second kernel to avoid silent memory corruption to the second kernel.
>
> During kexec, the WBINVD in stop_this_cpu() flushes caches for all
> remote cpus when they are being stopped. For SME, the WBINVD in
> relocate_kernel() flushes the cache for the last running cpu (which is
> executing the kexec).
>
> Similarly, for TDX after stopping all remote cpus with cache flushed, to
> support kexec, the kernel needs to flush cache for the last running cpu.
>
> Make the WBINVD in the relocate_kernel() unconditional to cover both SME
> and TDX.
>
> Signed-off-by: Kai Huang <kai.huang@xxxxxxxxx>
> Suggested-by: Borislav Petkov <bp@xxxxxxxxx>
Well, I suggested what you have in patch 1 but not this.
You can't just slap tags willy nilly to patches.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette