Re: [PATCH v3 6/6] KVM: TDX: Explicitly do WBINVD upon reboot notifier
From: Huang, Kai
Date: Thu Jun 26 2025 - 21:01:29 EST
> > --- a/arch/x86/include/asm/tdx.h
> > +++ b/arch/x86/include/asm/tdx.h
> > @@ -221,6 +221,8 @@ u64 tdh_mem_page_remove(struct tdx_td *td, u64 gpa, u64 level, u64 *ext_err1, u6
> > u64 tdh_phymem_cache_wb(bool resume);
> > u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td);
> > u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page);
> > +
>
> Nit: There is a new line here, but not below. I guess it's ok.
I will remove.
[...]
> > + if (enable_tdx)
> > + /*
> > + * Ignore the return value. @tdx_reboot_nb is used to flush
> > + * cache for all CPUs upon rebooting to avoid having to do
> > + * WBINVD in kexec while the kexec-ing CPU stops all remote
> > + * CPUs. Failure to register isn't fatal, because if KVM
> > + * doesn't flush cache explicitly upon rebooting the kexec
> > + * will do it anyway.
> > + */
> > + register_reboot_notifier(&tdx_reboot_nb);
> > +
>
> The comment should be inside a {}.
Will do.
>
> > return r;
> >
> > success_disable_tdx:
> > diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
> > index c7a9a087ccaf..73425e9bee39 100644
> > --- a/arch/x86/virt/vmx/tdx/tdx.c
> > +++ b/arch/x86/virt/vmx/tdx/tdx.c
> > @@ -1870,3 +1870,12 @@ u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page)
> > return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args);
> > }
> > EXPORT_SYMBOL_GPL(tdh_phymem_page_wbinvd_hkid);
> > +
> > +void tdx_cpu_flush_cache(void)
> > +{
> > + lockdep_assert_preemption_disabled();
> > +
> > + wbinvd();
> > + this_cpu_write(cache_state_incoherent, false);
> > +}
> > +EXPORT_SYMBOL_GPL(tdx_cpu_flush_cache);
>
> Does this need to be here? Why not in KVM?
Otherwise the 'cache_state_incoherent' variable needs to be exported. It's
good to hide the details in TDX core code too.