From: Dave Hansen <dave.hansen@intel.com>
To: Chao Gao <chao.gao@intel.com>, Adrian Hunter <adrian.hunter@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>,
pbonzini@redhat.com, seanjc@google.com, vannapurve@google.com,
Tony Luck <tony.luck@intel.com>, Borislav Petkov <bp@alien8.de>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
x86@kernel.org, H Peter Anvin <hpa@zytor.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
rick.p.edgecombe@intel.com, kirill.shutemov@linux.intel.com,
kai.huang@intel.com, reinette.chatre@intel.com,
xiaoyao.li@intel.com, tony.lindgren@linux.intel.com,
binbin.wu@linux.intel.com, isaku.yamahata@intel.com,
yan.y.zhao@intel.com
Subject: Re: [PATCH V2 2/2] x86/tdx: Skip clearing reclaimed pages unless X86_BUG_TDX_PW_MCE is present
Date: Sun, 6 Jul 2025 21:23:05 -0700
Message-ID: <ca275d32-c9fd-4f60-9cf4-cd88efc77d78@intel.com>
In-Reply-To: <aGs7/C0W58nEUVNk@intel.com>

On 7/6/25 20:16, Chao Gao wrote:
> Even on a CPU w/ SEAM_NR and w/o X86_BUG_TDX_PW_MCE, is there still a risk of
> poisoned memory being returned to the host kernel? Since only poison
> consumption causes #MCE, if a poisoned page is never consumed in SEAM non-root
> mode, there will be no #MCE, and the mentioned commit won't mark the page as
> poisoned.
>
> A reclaimed poisoned page could be reused and potentially cause a kernel panic.
> While WBINVD could help, we believe it's not worth it as it will slow down the
> vast majority of cases. Is my understanding correct?

How is this any different from any other kind of hardware poison?
Why should this specific kind of freeing (TDX private memory being freed
back to the host) operation be different from any other kind of free?