From nobody Sat Feb 7 21:53:00 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29E8BEB64D8 for ; Tue, 20 Jun 2023 15:49:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232405AbjFTPtM (ORCPT ); Tue, 20 Jun 2023 11:49:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37728 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232273AbjFTPtH (ORCPT ); Tue, 20 Jun 2023 11:49:07 -0400 Received: from DM6FTOPR00CU001.outbound.protection.outlook.com (mail-centralusazon11020024.outbound.protection.outlook.com [52.101.61.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B9EB4E6E; Tue, 20 Jun 2023 08:49:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cex+Vgk+ISpA8upn//2vk3TN9wUkCyxmAQAaXH1tl4u+E8hhZ/pf39YDGjeN0LZ2O8edATYksiYhtqup1Lg91zItMPKburYebOWjTkDZRqQrjYOptm4+lesJzg4yDew625UknjnIdH5pTwgFnc2kox7y/yATByI1OItMjrX1zANbXcbIXv75IcZIInLuWqkQlr8SFvHK9imzwaw05O9YwbvNxgfe8zLORm9TprGeaf4fT0eG89YYjtkMf92su3HHeCf04Z3r3nEontwVhLITHzRMyQZe0neZCVTEflYcrwCJsTgZqlbxR19uZHGjgJfQoI5hxhzSrsDp5ShrxMw7eA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OVr+XxLW7TIxPbTF/rIR4CSsiOeMRaOvbCn2pLWSnPA=; b=gxLWtxfwWl2dIjRLdr3NnVMdPgU4uXVSpuYlAS/uuJXV3Qc9st9FEivl0Gw/a0XPe0bagzbZzVRLu8vH72IpeoIMyzIxogBRNGPDo/tyAeLZttXSs/4zyXe7HGFhOMCTN0+SwK5nRt5T9zp7aEA4BqkiVCvP82ZGSuW0RxZeHquhI/B/HsEXYtOG8tbRWRclTV71Eo/wfmoMn8V/YIuuQGxtTefSIWbXIPvHCCWwJH4GKXvdu5RdEfpSbTQ6jGC1TA76A81v0HpEPVI8a8ZO4H4AVhya1pnklBio+E0s0eHNiHbl8GP25VBVuCw+0glaz89NIfX4mx1Vf7O3TP0IdA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OVr+XxLW7TIxPbTF/rIR4CSsiOeMRaOvbCn2pLWSnPA=; b=ClLusvVbCmMqUkdv1EnCTbNPw80SiaYoUlQOzUOUBUwsKO9sSqQqO2vKwVVeZmVMQd+z1J2usm9FeJbmbzRTPvqswQo3uK+zPN8QyMMO7/UTJN1EIgMLx8U8WV3w868CoJeJ9wykqntJ6S+nloYrEOY1qw5Sp35Cdzxi4gBO5ag= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by DM4PR21MB3585.namprd21.prod.outlook.com (2603:10b6:8:a3::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6544.4; Tue, 20 Jun 2023 15:49:01 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::e673:bfeb:d3c1:7682]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::e673:bfeb:d3c1:7682%3]) with mapi id 15.20.6544.006; Tue, 20 Jun 2023 15:49:01 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, x86@kernel.org, mikelley@microsoft.com Cc: linux-kernel@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, Dexuan Cui Subject: [PATCH v8 1/2] x86/tdx: Retry TDVMCALL_MAP_GPA() when needed Date: Tue, 20 Jun 2023 08:48:29 -0700 Message-Id: <20230620154830.25442-2-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230620154830.25442-1-decui@microsoft.com> References: <20230620154830.25442-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0023.namprd16.prod.outlook.com (2603:10b6:907::36) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|DM4PR21MB3585:EE_ X-MS-Office365-Filtering-Correlation-Id: ae9a5705-9ac0-4220-e21d-08db71a5ddd7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: GpxsfDt7YsxjzbVnnFgq70/4hhpImJ18CH44SwG4COQaHMfaEtJV7/cFxTjai1H9EsVqHdxNby10Y+r6Wyx74A9h+wqEihRMRlbv2rnYzb91tAr+Dhv6ff+uw697dWb43jsg/o+w2HUYebajrNbe+geEnWncYYuTcQUbjp1xSlIorFd1gqWlWAABWDK29aKKb9T2pIGoPCQ9IONB4OO/zQbZJhiZI0MZIh4WtXD7vE4oPP8g3qDgjPd9qrFaMy9i+o1s0Mbf+klvlPfdhiZgsDeXD5RHuwqnj5u77etnAwKE9ZwuXlDxeflO31zA/qC87e2rOxXlK5no2KUVlvhLJIJ61cdR1PYGpuQVL8CgAhUDE8VRrlejC5QE8RhGU7vFBAkJ6s52P5YNqH0vNee8bglpk0YN5giVC1aN8S2sP2FfSZnhhPLvqMmVwy4jJB66vaWIJxXmM/VbV3YYGcPJOhDXmlL+M4eKpZ7ZVLM9odeAPRNwDXgv9X7vdxXvpJHAh337FDK1/7ig/QmszRhUILyNSrmxNyWXV6ALOsUe3Wc7JneszCylmb0V01WhEKBNq30KwUy8GuFaXCn59J+Isv9B6EtvIFIMtcS9kSKiLw8o7LROg3l27OEb2eJQY4TtnrQEKS92NKRbnpjKPjGLDA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(346002)(136003)(366004)(376002)(39860400002)(396003)(451199021)(52116002)(186003)(478600001)(966005)(6486002)(6666004)(86362001)(1076003)(6506007)(6512007)(107886003)(10290500003)(2616005)(38100700002)(316002)(82960400001)(82950400001)(83380400001)(66556008)(6636002)(66476007)(4326008)(66946007)(921005)(8676002)(8936002)(7416002)(5660300002)(2906002)(41300700001)(36756003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?dgNClseu66F3LlmewTDjjQUAxkgLBDoS+JX2rra+1owPerdd1G/78Mhf+k29?= =?us-ascii?Q?ilMH36gQZmeFhKNefwtLQJD/1FguRQNJRaIFCpDvvR/HKXReGElkkNgoUEK2?= =?us-ascii?Q?rJiuKzy7Mqhzxj5ftuJviXozv8jl0orIFl1s5uD0lKaEvS+CZCW+q/eJydJo?= =?us-ascii?Q?wnszl2W+41Ehk/pqsZPXH6FCMVie7QJuWT17Y0AkFkoq+97pH4r4yA2/joIJ?= =?us-ascii?Q?52Kopa02rf/B3uLkpku7DtkUIIwoFUefLLwsr1L9NwP7SbFwn/QOR9CUf8xU?= =?us-ascii?Q?K18XFIXBkyJ7RFo0LS+JW8VrWMXXYMgCW9aWrpWt/g1LZ/E9M2TiiEfg8wnM?= =?us-ascii?Q?wFrmIOARQ6pXezCFc4JHhKJJ6dW6DrmJMvLPz2r6vJl4HJFJikvDg+rMG7IC?= =?us-ascii?Q?S0SR0DQ/ugSdO4m36Qb6PFbFwD7OGgaw+kao6RJ83G68ds+/ZVe0/lEK4NSj?= =?us-ascii?Q?u/mnPNvLE2u7UBSiI3RdR2vjGo+B4s5C311ezOJZSBR82imEJ728X2cnaEsL?= =?us-ascii?Q?q5p70B+cgUKH6sgUDJdBZL0eW5JJYD41frR900Hhu9BPGiCNk+y5PRMnqvmq?= =?us-ascii?Q?IHYnnpZ+k62rDucc4kr3oevoBv19kXbRDnUrPbA/5XkAZ92hSuQ4WbrEB589?= =?us-ascii?Q?xGzZeSeN/nhnxPHzD5fe+4NE5izDk+FPgYb9zNR6J2CiThTh7glhAuAUe0d9?= =?us-ascii?Q?oUbtzlx5+gZ3mVI2kxWUr0qbLAxya9NDy2WJ16WwUIj/xt363XQTn/ZG8yNu?= =?us-ascii?Q?zrOsqjBnbXXxbTN7CKFd49B/EofVw/QgKbn2JZQN0/v3/WKiVRNxTGIdfDF+?= =?us-ascii?Q?l81IDDM032hn9BaeOtZUiVDUbVOj/ojnGrmP1Ymny8fgh8mSVJN4i7XaqyaQ?= =?us-ascii?Q?dyC2oLs9jfCaSlYPZu3NrAE4IM6YqCf6cvUlpvPwvwvb4lI18NQ5ZkXmBm03?= =?us-ascii?Q?nufb/Fz9Q3clXXeYOBWk9hP6jgWGar3sAT9r5DjN6foId5NJjjKeMrGZnB5W?= =?us-ascii?Q?Rw4hlinRBpI8beToABcimBY4TcSyrzsRKakLV33Mi1uaVz8qNtFPgy2BOs54?= =?us-ascii?Q?NaAbVa9rqrChXvfspeqiUvcDtHLIJ9BMpRd+s19j+7D4ZqJvQMLpB4ssUN6N?= =?us-ascii?Q?zPHhIXq6NOdHvHuP3Wcl8F0Bk5C5JOSjMCzrVW1O/ZuvYBpRuCyOkG+9Vq+t?= =?us-ascii?Q?J6gNenxnjlH7gISjGbWL8noYfVL+W79YICZ3TELTvPqG+2h46ZzjJbjjSx3f?= =?us-ascii?Q?mvD/35tkmR+e4m9v1T4IJoqlnL0nokeipQ4KqXWlmLmE0RF3rSqk8J79EzCQ?= =?us-ascii?Q?VmvT5z95eCVzPjPFS05yV7mPe3UI8TQNV0EownPX6fiUn05X3iUt1Fmt4onH?= =?us-ascii?Q?BjxW7HxncK/OB7zTQhZNQ3X6dAO5Wjj2UfFF7j/KfZZXaBu9kpilhkTN4qU7?= =?us-ascii?Q?hPc5WwM1L8kOHAAJYkVGqI3W2D5m1FgOszf/WKqKv9rJNprP8A+69GL+qcca?= =?us-ascii?Q?iqtT1fBhoxahMcf3cojH/sJMSXlmIHc+zHrnb20Fmn+NgBYrN6vqLZiZobDw?= =?us-ascii?Q?Xs0CuwZ48jPleEoqjR5spMe/Sy0OhrcjawQgDWiF09hniSSNBMqpj9oe/7yZ?= =?us-ascii?Q?BEfGEbO9vD1RYcJkcoASmGNcKGgWXVMaQQQY3ODQBFKU?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: ae9a5705-9ac0-4220-e21d-08db71a5ddd7 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2023 15:49:00.9898 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 82V3TPlc8r3FmtG3qiuRclx3NxoxqrOEP252VfA+ZKzJan2EJwlxnSIWkmdxYHp7TApK4zmZ0n2SXzL9AU8uOg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3585 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" GHCI spec for TDX 1.0 says that the MapGPA call may fail with the R10 error code =3D TDG.VP.VMCALL_RETRY (1), and the guest must retry this operation for the pages in the region starting at the GPA specified in R11. When a fully enlightened TDX guest runs on Hyper-V, Hyper-V can return the retry error when set_memory_decrypted() is called to decrypt up to 1GB of swiotlb bounce buffers. Acked-by: Kirill A. Shutemov Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by: Kuppuswamy Sathyanarayanan --- arch/x86/coco/tdx/tdx.c | 63 +++++++++++++++++++++++++------ arch/x86/include/asm/shared/tdx.h | 2 + 2 files changed, 53 insertions(+), 12 deletions(-) Changes in v2: Used __tdx_hypercall() directly in tdx_map_gpa(). Added a max_retry_cnt of 1000. Renamed a few variables, e.g., r11 -> map_fail_paddr. Changes in v3: Changed max_retry_cnt from 1000 to 3. Changes in v4: __tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT) -> __tdx_hypercall_ret() Added Kirill's Acked-by. Changes in v5: Added Michael's Reviewed-by. Changes in v6: None. Changes in v7: Addressed Dave's comments: see https://lwn.net/ml/linux-kernel/SA1PR21MB1335736123C2BCBBFD7460C3BF46= A@SA1PR21MB1335.namprd21.prod.outlook.com Changes in v8: Rebased to tip.git's master branch. diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 1d6b863c42b0..0c198ab73aa7 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -703,14 +703,16 @@ static bool tdx_cache_flush_required(void) } =20 /* - * Inform the VMM of the guest's intent for this physical page: shared with - * the VMM or private to the guest. The VMM is expected to change its map= ping - * of the page in response. + * Notify the VMM about page mapping conversion. More info about ABI + * can be found in TDX Guest-Host-Communication Interface (GHCI), + * section "TDG.VP.VMCALL". */ -static bool tdx_enc_status_changed(unsigned long vaddr, int numpages, bool= enc) +static bool tdx_map_gpa(phys_addr_t start, phys_addr_t end, bool enc) { - phys_addr_t start =3D __pa(vaddr); - phys_addr_t end =3D __pa(vaddr + numpages * PAGE_SIZE); + const int max_retries_per_page =3D 3; + struct tdx_hypercall_args args; + u64 map_fail_paddr, ret; + int retry_count =3D 0; =20 if (!enc) { /* Set the shared (decrypted) bits: */ @@ -718,12 +720,49 @@ static bool tdx_enc_status_changed(unsigned long vadd= r, int numpages, bool enc) end |=3D cc_mkdec(0); } =20 - /* - * Notify the VMM about page mapping conversion. More info about ABI - * can be found in TDX Guest-Host-Communication Interface (GHCI), - * section "TDG.VP.VMCALL" - */ - if (_tdx_hypercall(TDVMCALL_MAP_GPA, start, end - start, 0, 0)) + while (retry_count < max_retries_per_page) { + memset(&args, 0, sizeof(args)); + args.r10 =3D TDX_HYPERCALL_STANDARD; + args.r11 =3D TDVMCALL_MAP_GPA; + args.r12 =3D start; + args.r13 =3D end - start; + + ret =3D __tdx_hypercall_ret(&args); + if (ret !=3D TDVMCALL_STATUS_RETRY) + return !ret; + /* + * The guest must retry the operation for the pages in the + * region starting at the GPA specified in R11. R11 comes + * from the untrusted VMM. Sanity check it. + */ + map_fail_paddr =3D args.r11; + if (map_fail_paddr < start || map_fail_paddr >=3D end) + return false; + + /* "Consume" a retry without forward progress */ + if (map_fail_paddr =3D=3D start) { + retry_count++; + continue; + } + + start =3D map_fail_paddr; + retry_count =3D 0; + } + + return false; +} + +/* + * Inform the VMM of the guest's intent for this physical page: shared with + * the VMM or private to the guest. The VMM is expected to change its map= ping + * of the page in response. + */ +static bool tdx_enc_status_changed(unsigned long vaddr, int numpages, bool= enc) +{ + phys_addr_t start =3D __pa(vaddr); + phys_addr_t end =3D __pa(vaddr + numpages * PAGE_SIZE); + + if (!tdx_map_gpa(start, end, enc)) return false; =20 /* shared->private conversion requires memory to be accepted before use */ diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/share= d/tdx.h index 90ea813c4b99..9db89a99ae5b 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h @@ -24,6 +24,8 @@ #define TDVMCALL_MAP_GPA 0x10001 #define TDVMCALL_REPORT_FATAL_ERROR 0x10003 =20 +#define TDVMCALL_STATUS_RETRY 1 + #ifndef __ASSEMBLY__ =20 /* --=20 2.25.1 From nobody Sat Feb 7 21:53:00 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4253AEB64D7 for ; Tue, 20 Jun 2023 15:49:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232713AbjFTPtP (ORCPT ); Tue, 20 Jun 2023 11:49:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37770 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232385AbjFTPtJ (ORCPT ); Tue, 20 Jun 2023 11:49:09 -0400 Received: from DM6FTOPR00CU001.outbound.protection.outlook.com (mail-centralusazon11020027.outbound.protection.outlook.com [52.101.61.27]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 230DCE72; Tue, 20 Jun 2023 08:49:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=m6MYxDB4/EIRI4feqD14g8dl4TunB7CLMwPobFNBdnH7qJXztQtzbHMXHyemxU1GJZon/7Lt2WOTNUkJtDn2JTS6UW6VBK7lL32zMix3k4zEAUkVhwiU13lre+82JK4XXwTOJaax7PuTxJr2nb/csOvNLxJfmWi8U+8x5dDqpiHByHd0tVK1bWn9MRZwrflu1Pb2k83muvj+pKst1lcsQUyRlg9SCA9Q3RU5tmALWCGDpWv9yCKtHHUr8pLtSY3xqMR47Soa8a8S4+q8W4RFszFFPX3cU7Cww3EFF2l8Ck7vcGL7WUM5yw0I8vGIBR6r95huQUo067s1P3wyRzbT5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YMhMHHKXXv6Xvf1JML21B4Iw5otO8hwEC5OErWhDUh8=; b=NpGBOuJvH4e1NSf1j0zVU+XwSVW32HZ45r8izodITK6e5fs5EBI7F+d7Pgr4NNwr1Rw+wjqMWpHMngA2Zm5KYrWHMEFvZGs1inq0+DBJdFywuYwAxcl+FxjX4HOXsj/v14E22sIyO12mtmqlMFqa21xN4M/UUUNVW2TfVttMMxIKeYOHZkmxKIuEfHFDDbi9m+aOiqEitlcicUCzlsCh2XhIxklN/MBAOFoDVYzldC83gYySasDngHaBFKjO5tK8GnW3SCP4tvqisIHDhKt9i1h5ik+BVHs7TbCp4ODMm5/UpYNjOjBvebCl805utmItJULrBbr/oLr5LqVwz7HxYA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YMhMHHKXXv6Xvf1JML21B4Iw5otO8hwEC5OErWhDUh8=; b=iJkhA8EWPC2ENCVvJKJusBMLduO8wGEP5QfoWEQYHHP8w6QJu5Yt8je23jmqVFXAc6R8trkgrHRkirfr7KJSVzbCC1/sj4fDdh2JAqWvTgN5lfXlWAhl4R++vx7fBAN4cGTxPaM06/PlQWDSn8byPp1gMkm1bYgjss57Az8AG+M= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by DM4PR21MB3585.namprd21.prod.outlook.com (2603:10b6:8:a3::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6544.4; Tue, 20 Jun 2023 15:49:03 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::e673:bfeb:d3c1:7682]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::e673:bfeb:d3c1:7682%3]) with mapi id 15.20.6544.006; Tue, 20 Jun 2023 15:49:03 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, x86@kernel.org, mikelley@microsoft.com Cc: linux-kernel@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, Dexuan Cui Subject: [PATCH v8 2/2] x86/tdx: Support vmalloc() for tdx_enc_status_changed() Date: Tue, 20 Jun 2023 08:48:30 -0700 Message-Id: <20230620154830.25442-3-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230620154830.25442-1-decui@microsoft.com> References: <20230620154830.25442-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0023.namprd16.prod.outlook.com (2603:10b6:907::36) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|DM4PR21MB3585:EE_ X-MS-Office365-Filtering-Correlation-Id: a1399c80-6fdf-41e7-b408-08db71a5df57 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: lnRjp1p8v/xpF49IJeP/Wkx+PjGlUG3/9xD9j0ve+od3FGolvvjzDNbGlw6O6Yx494/IBsXOcuz8vH/IMlsrXIVhmmmrsEzQLHP6z6hFOCYdI+6gnlyeYRbNctwsGn+IQHpBmYOub8l2IeCrp8X64cthAIP6wSFnEmSzheI+gd/Yp/qsLpvzqEYwkfBtG/zJGfuhadTwjw7Eunm07RFhI/xWWfQaxecMH4GiQzdLRmc96WLU9xvk0CLplus76epuBSqTbFgs1rDfNQqUWIb4lc1AuDjS4vGjtlzGSFW6ebOmqEuZ9xQ2UcwuE5aWaggcxV1bxUv5RVlVSimAU7euESGtvFtBpx71Bxe/2zlsGt9oWgpreyG9S5kzTkxt5Q3F1hfY1/HW4f1qX3UzCtPMni2KSFg7jnBWM6znpeaGYN43WhXJbFZZHghVBKweLD6RLW7fE+ps1W2ZE3g1TuR5TDJ867jtto+VQ2/F2jE6uyoVtUccXreY7LI/Aaedn/DpMmzXhaqBFQR1+g7SzKcVm7I0ntnIP0nZVu6Ad8NEbUPQ9KP0Ecx6/mB4Xa8gxdKeADS/R8ISU3I27RK32hS3GAHgGPZvJgoDuVs+Aem8Hpmd+EtETjrYtaMLwhfQ2JqTllXsD5snbNf04JiNlN1NjQ== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(346002)(136003)(366004)(376002)(39860400002)(396003)(451199021)(52116002)(186003)(478600001)(6486002)(6666004)(86362001)(1076003)(6506007)(6512007)(107886003)(10290500003)(2616005)(38100700002)(316002)(82960400001)(82950400001)(83380400001)(66556008)(6636002)(66476007)(4326008)(66946007)(921005)(8676002)(8936002)(7416002)(5660300002)(2906002)(41300700001)(36756003);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?g7gS22lS/czTBhKI1TvG/4V2M6iEoUkUWA0LXGGSGAho0STiz3EcoI+T3Pn9?= =?us-ascii?Q?ghr4OqyqG2A5I62jtPRG8rNXbryPrbQlBtFz6MHaHewGNhAXPkep65vR5C3X?= =?us-ascii?Q?YNlIZHZPy+J+4gwC7qcO3BXH0pXO2zd/muzyjixtxvxQCAK3+yFixi8dBkyQ?= =?us-ascii?Q?wxoB1duHr1Yv2PDW2L66y3nbtk86kJcYgtnrXR00ChhfYd1l9gActKZKZtni?= =?us-ascii?Q?dtjWJDrRcePOgWWebGug48GfBh2maRj6SwmSKWQ1tHqenIC+rFLWEGkZnG+M?= =?us-ascii?Q?DbBbgJTUXEXiOJisUK/JhEAi2EqzTV62XACc2RaNCEKFeQ5JIrIRedl899UB?= =?us-ascii?Q?joN6dZ05iF8fuvNItkagJXL+stwUfws6N0Tpin36wKC82FUKT4gxz0SWwJo+?= =?us-ascii?Q?0Yhg70ZP/Pv2nCQDLaFiOhDC7dBfS5R6E6f46HjztDC+pWWwnxMh6kKzCE19?= =?us-ascii?Q?6Hxhc8wsQCZGaTUKvYhqFjIdpMaLiG8Wvkva9IVTZi29TqKOMbyTW8QMkDkq?= =?us-ascii?Q?HWOwhGA0r8fqCbrYAy+N4EWrYBPwWrYmyCJxd2f1LVFq8EoT6vV6zDIWDbp/?= =?us-ascii?Q?foqSG819eYL5K1e9EDr+DrBHdnAO6V05ZkISyGAiipBkxSzWhaO7M9hjDYQq?= =?us-ascii?Q?XbGLJK4Jz2z6qnDhr4P3BbKFndYXWIqkoZhzsnqxDWg9LLSQZkvtA50KOfMy?= =?us-ascii?Q?yHmaw92cQP8J7NOHmVPwbBlP7TsD2xdwY7L5Hz4N6Aqj58pzq5/XkNv4lZFn?= =?us-ascii?Q?4Gwub55cTLqmPYTOwPn7/RyGKyeZUQ4aLiTQ4JRxK1rJmXlGQj7trLdoKvj/?= =?us-ascii?Q?FHWNH0K3QuiEt1KXt6XhStzy+jIYr42N4XixePkHw47t3ju5TsjfpK6Hd63B?= =?us-ascii?Q?ci5WcOfDFk9O/iudVgB8xAaKE6/EaZXTlz2lD6u15OqPi5+CRiSu1Mu4hB3i?= =?us-ascii?Q?snaq4fJKRUuC5ehgWAu53oWpptZQ4KpELij63hwftKgr8bOo7+4gGqTmrUTy?= =?us-ascii?Q?c4wK9TacxMYX6UlKgaWD4OAxx949GaFf2ujn7sJJ8sJt7UF2W34QnSaWRsRR?= =?us-ascii?Q?uCdX54H1uZDCGNVIT/I06AOY1ZChs501KE2QtYku4SM4q1rrpemJV2t9mLH+?= =?us-ascii?Q?+ml0dGQi0yLQCGu4LBuaQZE4ToavAnU3i7zIh7NtttyHuLk6u2r/TK3TuVwX?= =?us-ascii?Q?7ul9mIUFq7g4Gl3i/vXK9MeZLD/1ntzJD6P6rT+r6F4JVM8eDElYqel/U9GH?= =?us-ascii?Q?WJGJTAz3FN7zqo1L/YOEGRqpkfiyQZ44XjaOwSXP4bwAxoxwWBPGpyg1wZtH?= =?us-ascii?Q?gTnyiue+Vp+vDhbYB6LX9+E89ytXzLXDxeDlGHUXnn4LkTe3OSVK8DimGW5L?= =?us-ascii?Q?E0zdC/qRMeh4XsqacIVBVgn7xewNTBde95SCyu4nehbChWSTien+hrlfQXlC?= =?us-ascii?Q?Gd4NPb0+lsSx4f0llgTH6hiwEkqhZjn19V5cHlZc6yHH4ctZrmBHJijCxrc/?= =?us-ascii?Q?TB3X5JkFm19whoTUaiFkXoKe/Qqdao8ua7hYgVFuKiLo8FQ6oJbPMZ6GMc4s?= =?us-ascii?Q?BkhbjyPtuVJBtUQI5+m+WLOR+H2jGFgD+yKvVa8ixM24BNY9UIkzUfxlEFSY?= =?us-ascii?Q?7te5fiT7rfPON/cQc4TAKpFxWseEnjFc7w+kUOvNhGH4?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: a1399c80-6fdf-41e7-b408-08db71a5df57 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2023 15:49:03.5686 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: a5x+DLxWb64xhvZ91o5FdZfAaP3LTXd76WDvP36ZsoVMwFQ79Xeh+0NdvRfgshWBgWqqRJC8ItarYZwLaIPASQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3585 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When a TDX guest runs on Hyper-V, the hv_netvsc driver's netvsc_init_buf() allocates buffers using vzalloc(), and needs to share the buffers with the host OS by calling set_memory_decrypted(), which is not working for vmalloc() yet. Add the support by handling the pages one by one. Co-developed-by: Kirill A. Shutemov Signed-off-by: Kirill A. Shutemov Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by: Kuppuswamy Sathyanarayanan --- arch/x86/coco/tdx/tdx.c | 35 +++++++++++++++++++++++++++++------ 1 file changed, 29 insertions(+), 6 deletions(-) Changes in v2: Changed tdx_enc_status_changed() in place. Changes in v3: No change since v2. Changes in v4: Added Kirill's Co-developed-by since Kirill helped to improve the code by adding tdx_enc_status_changed_phys(). Thanks Kirill for the clarification on load_unaligned_zeropad()! Changes in v5: Added Kirill's Signed-off-by. Added Michael's Reviewed-by. Changes in v6: None. Changes in v7: None. Note: there was a race between set_memory_encrypted() and load_unaligned_zeropad(), which has been fixed by the 3 patches of Kirill in the x86/tdx branch of the tip tree. Changes in v8: Rebased to tip.git's master branch. diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 0c198ab73aa7..a313d5ab42f1 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -8,6 +8,7 @@ #include #include +#include #include #include #include #include @@ -752,6 +753,19 @@ static bool tdx_map_gpa(phys_addr_t start, phys_addr_t= end, bool enc) return false; } =20 +static bool tdx_enc_status_changed_phys(phys_addr_t start, phys_addr_t end, + bool enc) +{ + if (!tdx_map_gpa(start, end, enc)) + return false; + + /* shared->private conversion requires memory to be accepted before use */ + if (enc) + return tdx_accept_memory(start, end); + + return true; +} + /* * Inform the VMM of the guest's intent for this physical page: shared with * the VMM or private to the guest. The VMM is expected to change its map= ping @@ -759,15 +773,24 @@ static bool tdx_map_gpa(phys_addr_t start, phys_addr_= t end, bool enc) */ static bool tdx_enc_status_changed(unsigned long vaddr, int numpages, bool= enc) { - phys_addr_t start =3D __pa(vaddr); - phys_addr_t end =3D __pa(vaddr + numpages * PAGE_SIZE); + unsigned long start =3D vaddr; + unsigned long end =3D start + numpages * PAGE_SIZE; =20 - if (!tdx_map_gpa(start, end, enc)) + if (offset_in_page(start) !=3D 0) return false; =20 - /* shared->private conversion requires memory to be accepted before use */ - if (enc) - return tdx_accept_memory(start, end); + if (!is_vmalloc_addr((void *)start)) + return tdx_enc_status_changed_phys(__pa(start), __pa(end), enc); + + while (start < end) { + phys_addr_t start_pa =3D slow_virt_to_phys((void *)start); + phys_addr_t end_pa =3D start_pa + PAGE_SIZE; + + if (!tdx_enc_status_changed_phys(start_pa, end_pa, enc)) + return false; + + start +=3D PAGE_SIZE; + } =20 return true; } --=20 2.25.1