On Fri, Feb 04, 2022 at 11:12:04AM -0600, Tom Lendacky wrote: > https://elixir.bootlin.com/linux/latest/source/arch/x86/kernel/process.c#L761 For those who won't open a browser just to see what he means :), that's this snippet: void stop_this_cpu(void *dummy): /* * Use wbinvd on processors that support SME. This provides support * for performing a successful kexec when going from SME inactive * to SME active (or vice-versa). The cache must be cleared so that * if there are entries with the same physical address, both with and * without the encryption bit, they don't race each other when flushed * and potentially end up with the wrong entry being committed to * memory. */ if (boot_cpu_has(X86_FEATURE_SME)) native_wbinvd(); Well, we do clear our *representation* of CPUID flags for other features - see output of $ git grep -E "(setup_)?clear_cpu_cap" for examples. We do that for SME even: early_detect_mem_encrypt(). Which means, since this needs to be "processors that support SME", this line should change to: /* ... test the CPUID bit directly because the machine might've cleared * X86_FEATURE_SME due to cmdline options. */ if (cpuid_eax(0x8000001f) & BIT(0)) native_wbinvd(); I'd say... -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette
