Re: [PATCH v2 2/5] x86/kexec: do unconditional WBINVD in relocate_kernel()

From: Huang, Kai
Date: Mon Apr 01 2024 - 05:14:05 EST

Next message: Chao Gao: "Re: [PATCH v19 103/130] KVM: TDX: Handle EXIT_REASON_OTHER_SMI with MSMI"
Previous message: Binbin Wu: "Re: [PATCH v19 062/130] KVM: x86/tdp_mmu: Support TDX private mapping for TDP MMU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > > > > >
>
> >
> > Anyway, the current TDX guest doesn't handle #VE due to WBINVD, so I think for
> > simplicity we just don't do WBINVD in stop_this_cpu() and relocate_kernel() for
> > both TDX and SNP/SEV-ES guests.
> >
> > As mentioned in my earlier reply, we can achieve this by skipping WBINVD when
> > the CC_ATTR_GUEST_MEM_ENCRYPT is true:
> >
> > if (!cc_platform_has(CC_ATTR_GUEST_MEM_ENCRYPT))
> > native_wbinvd();
> >
> > (This skips WBINVD for plain SEV guest too, but this exactly is the current
> > behaviour of the upstream code, so I don't see any problem.)
> >
> > Alternatively, we can have a dedicated CPU feature flag such as
> > X86_FEATURE_NO_WBINVD,
> >
> > if (!boot_cpu_has(X86_FEATURE_NO_WBINVD))
> > native_wbinvd();
> >
> > Or, we can just change to our mindset to "do unconditional WBINVD, but not in
> > virtualized environment":
> >
> > if (!boot_cpu_has(X86_FEATURE_HYPERVISOR))
> > native_wbinvd();
>
> ACPI_FLUSH_CPU_CACHE() uses cpu_feature_enabled(X86_FEATURE_HYPERVISOR)
> check.
>
>

Thanks for pointing out this. Yeah I think skipping WBINVD in virtualized
environment makes sense. Will use this way.

Next message: Chao Gao: "Re: [PATCH v19 103/130] KVM: TDX: Handle EXIT_REASON_OTHER_SMI with MSMI"
Previous message: Binbin Wu: "Re: [PATCH v19 062/130] KVM: x86/tdp_mmu: Support TDX private mapping for TDP MMU"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]