Re: [PATCH v4 05/12] x86/mm: add INVLPGB support code

From: Dave Hansen
Date: Tue Jan 14 2025 - 11:42:20 EST

Next message: Dmitry V. Levin: "Re: [PATCH v2 2/7] mips: fix mips_get_syscall_arg() for O32 and N32"
Previous message: Anup Patel: "Re: [PATCH] riscv: Add initial Xen guest support for RISC-V"
In reply to: Tom Lendacky: "Re: [PATCH v4 05/12] x86/mm: add INVLPGB support code"
Next in thread: Jann Horn: "Re: [PATCH v4 05/12] x86/mm: add INVLPGB support code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/14/25 08:30, Tom Lendacky wrote:
>> Let me remove it again, now that we seem to have a
>> consensus that a panic is preferable to a wrong
>> TLB flush.
> I believe the instruction will #GP if any of the ECX[30:16] reserved
> bits are non-zero (although the APM doesn't document that), in addition
> to ECX[15:0] being greater than allowed. But what if 0x80000000 is
> passed in. That would set ECX[31] with a zero count field, which is
> valid for the instruction, but the input is obviously bogus.
>
> I think the safest thing to do is make the extra_count parameter an
> unsigned int and check if it is greater than invlpgb_count_max. Not sure
> what to actually do at that point, though... panic()? WARN() with full
> TLB flush?

How about we give 'extra_count' a type that can't bleed over into the
stride bits:

static inline void __invlpgb(unsigned long asid, unsigned long pcid,
unsigned long addr, u16 extra_count,
bool pmd_stride, u8 flags)

plus a check on CPUID 8000_0008h EDX[15:0] to make sure it's not 0xffff.

Next message: Dmitry V. Levin: "Re: [PATCH v2 2/7] mips: fix mips_get_syscall_arg() for O32 and N32"
Previous message: Anup Patel: "Re: [PATCH] riscv: Add initial Xen guest support for RISC-V"
In reply to: Tom Lendacky: "Re: [PATCH v4 05/12] x86/mm: add INVLPGB support code"
Next in thread: Jann Horn: "Re: [PATCH v4 05/12] x86/mm: add INVLPGB support code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]