RE: [PATCH v5 00/12] AMD broadcast TLB invalidation

[Michael Kelley]

From: Dave Hansen <dave.hansen@xxxxxxxxx> Sent: Tuesday, January 21, 2025 9:15 AM
> 
> On 1/16/25 10:14, Michael Kelley wrote:
> > So CoCo VMs may still use the paravirtualization that makes
> > hypercalls to do TLB flushes. It's future work to *always* use
> > INVLPGB (if available) in a CoCo VM.
> 
> How would this actually work, though?
> 
> One of the reasons that we have the whole TLB_NR_DYN_ASIDS mechanism is
> that picking a PCID to shove in CR3 is an entirely CPU local operation.
> The PCID is in a CPU-local namespace and nobody else cares what it is.
> 
> Rik obviously now has a system-wide set of IDs which are globally
> visible and globally valid. But his mechanism is also a bit choosy so
> that the global resource management doesn't get to be a choke point.
> 
> But if we move to INVLPGB-only, we're all of a sudden *forced* to do
> some kind of wide global resource management, even for single-threaded
> processes. Rik doesn't have a scheme for that in the current set.
> 
> So I think this would be a whole separate conversation from this series.

Yes, I agree completely.

The topic initially came up when I was wondering whether INVLPGB is
ever enabled in a VM, in which case Rik's patch set would be active in
the VM.  I was somewhat surprised to find that INVLPGB *is* enabled
in Azure CoCo VMs. But that turned out to be for the entirely different
use case of avoiding a dependency on the untrusted hypervisor to do
TLB flushes.

The thread perhaps went a bit too far afield from Rik's patch set, but
there's value in having some discussion about the CoCo use case.

Michael