lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <acbcfc16-6ccc-4aa8-8975-b33caf36b65f@redhat.com>
Date: Tue, 19 Aug 2025 12:31:28 +0200
From: Paolo Bonzini <pbonzini@...hat.com>
To: "Huang, Kai" <kai.huang@...el.com>, "seanjc@...gle.com"
 <seanjc@...gle.com>
Cc: "kvm@...r.kernel.org" <kvm@...r.kernel.org>,
 "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
 "ashish.kalra@....com" <ashish.kalra@....com>,
 "Hansen, Dave" <dave.hansen@...el.com>,
 "thomas.lendacky@....com" <thomas.lendacky@....com>,
 "kas@...nel.org" <kas@...nel.org>,
 "Chatre, Reinette" <reinette.chatre@...el.com>,
 "dwmw@...zon.co.uk" <dwmw@...zon.co.uk>, "mingo@...hat.com"
 <mingo@...hat.com>, "Yamahata, Isaku" <isaku.yamahata@...el.com>,
 "nik.borisov@...e.com" <nik.borisov@...e.com>,
 "tglx@...utronix.de" <tglx@...utronix.de>, "hpa@...or.com" <hpa@...or.com>,
 "peterz@...radead.org" <peterz@...radead.org>,
 "sagis@...gle.com" <sagis@...gle.com>, "Chen, Farrah"
 <farrah.chen@...el.com>, "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>,
 "bp@...en8.de" <bp@...en8.de>,
 "binbin.wu@...ux.intel.com" <binbin.wu@...ux.intel.com>,
 "Gao, Chao" <chao.gao@...el.com>, "Williams, Dan J"
 <dan.j.williams@...el.com>, "x86@...nel.org" <x86@...nel.org>
Subject: Re: [PATCH v6 7/7] KVM: TDX: Explicitly do WBINVD when no more TDX
 SEAMCALLs

On 8/15/25 02:00, Huang, Kai wrote:
> On Thu, 2025-08-14 at 16:22 -0700, Sean Christopherson wrote:
>> On Thu, Aug 14, 2025, Kai Huang wrote:
>>> On Thu, 2025-08-14 at 11:00 -0700, Sean Christopherson wrote:
>>>> Reducing the number of lines of code is not always a simplification.  IMO, not
>>>> checking CONFIG_KEXEC adds "complexity" because anyone that reads the comment
>>>> (and/or the massive changelog) will be left wondering why there's a bunch of
>>>> documentation that talks about kexec, but no hint of kexec considerations in the
>>>> code.
> 
> One minor thing is I think we should use IS_ENABLED(CONFIG_KEXEC_CORE)
> instead.  Besides the CONFIG_KEXEC, there is another CONFIG_KEXEC_FILE,
> and both of them select CONFIG_KEXEC_CORE.

Agreed on needing CONFIG_KEXEC_CORE if you did test it, however:

1) The big comment, explaining how this is done for kexec, makes it 
clear that this is what the WBINVD is needed for.  I don't think you'd 
be left wondering why there's no hint of kexec in the comment.

2) ... but anyway, KVM is the wrong place to do the test.  If anything, 
since we need a v7 to change the unnecessary stub, you could move that 
stub under #ifndef CONFIG_KEXEC_CORE and rename the function to 
tdx_cpu_flush_cache_for_kexec().

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ