From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6CF91C001B0 for ; Fri, 11 Aug 2023 22:19:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236757AbjHKWTs (ORCPT ); Fri, 11 Aug 2023 18:19:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53604 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229577AbjHKWTl (ORCPT ); Fri, 11 Aug 2023 18:19:41 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 23458171D; Fri, 11 Aug 2023 15:19:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gTrG+BrUJOE1WkX+G7x69/H1HN7IIJsJXegznZdCXXZ+Tuk/3bMvH+rt28LmMgb2UfgHo6vtc4w0QN68JuAzB+AGTcqOAwPoXceqcw0v9+HAfR8w8Nfj2t7AC1kYE8/ih/MeDPIhKEM+uJ2rIx8XqfKRX+K8G0+G/Rk8g6PuhL1QDCn/0hNRzVeqDXeDHs7ljq/QWfjU782eZ9Ci+89L+jOA0nKgSjOGhCh7x6ZcES9AWRJ5/9dG9XmxDKKFaOVZBS/e6O9qJ+4PrnVZbeFwRL4pFCVFBcifCYyq5QvxukOesTAxDEoFGgHr/dGbm16GQuyo+hO75Zlgb32UC5H/2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jsxlGNyHyZGJSfOYcfINkAYvGjJ2EkDOAZy3Aj2hJq8=; b=iN4q2+L22WyhNznDT8AvsZ/wdrRvY51aoyBMmvls7rp3an6+kgRKJc6GbbAwifYd1ogngE71fxEESJbo1Ut220onOGZhX8kr6dCluPknGcciaVqeH7X7p+xF9Q4acZidggi9VdpTVDfgxphp+CFTMncBac8nyg/go8N21XLRFuRPhtiopc5lmFwzOeWN1phzmpApQY0dNCkRh2EI6+Gk8DztZz/bucN362tCHATJAfYSoFVOry8l7VlYVEuqrn/Vz6EHA3MxA9vtm3pSXAeb231q0r3P+Ku+mn7RiupXiAQlnqyerOYK6d2tKlgR1to3F27tsozoywZ65Q0ELw52gw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jsxlGNyHyZGJSfOYcfINkAYvGjJ2EkDOAZy3Aj2hJq8=; b=DfL/5TZh5QWvy4sSFQduntVAI80D4jBH4HOGrc4rRtilitBTDZwGh9hDQEDZKX3r+lflVnDqeQEhYC1vND37+W4neQmS4v0spr6a7NqzwIaIngdAEM5VCbkr37uofnRPCSkt88IaTCGxIfgSb4PNtw1hCDH7tuPPCbeEHAri3Ck= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:36 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:36 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 1/9] x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests Date: Fri, 11 Aug 2023 15:18:43 -0700 Message-Id: <20230811221851.10244-2-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: 04c3f884-0dc6-463d-8162-08db9ab90c14 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: qjkXXPE15Pzg3qj4UBz1o1q0O+FN0XAe2BkHrIdskw8QxIZNzQRGZuumk/4gqnq+I/hKzchsnCe0LvwyTkDqo6/NdL9L8saOCwqJ+bwrYEnz8E8WPBKL5r1EQ7WYuD0OXM95Oy671YwH2B7Y6FCa07HKsvuP9vBQ3xgIzghJr7COxbxDqonWVZo7Y5klH4aYnCdwTdhSRKkEPyqSrXBQ77YXhdZC40CUUXxlFdUNF15M9DEgd9aj2ORJkAmyJnS4UPAWStsmbPeuPt3QlWxij5uenPpeOrCb7jvvx6QHYH6Eslom5cvTu+RbRLYBrVdXzH1E0mdm5E0dZDp/7pLKGnt+s2iaj6tKoESj2ewfLIa6K/OgRh6E2YxetrVh9tHnClAbnjmL2d3V0uv9i/M0vOIpFK1qlUoq9l65DC+gJcLXJCFZNnoPeavJOiSAK3oCw/cWbUCPtVncMdu0UiqqIg9+5sg/Pov9qH28UoTdrJqhR139+aBEQdMh/Ya+n8W2QDzKuuuP5Uh/v+xpYoaebbIMDQRKu3X533Buub/2qkCCkJpQfx1rnW5hpw0/4gcBbanhjWX/6EYlV/LpnwjZlEzhCBn0E51tVNI+wFTLadfToowdHwlaTln9N+pE5sGIlERrVrjtaGICvK3AwBFXk13aXDQftVkjF7QXXQPZn1Q7OOcm8Msb3H7cCCERZmQ+ X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?ZYGJH57yc9dPVvwbKw99IxOAwoFiz4+XgnGVy+NO+pDHJf9k8GL5o6RUMV37?= =?us-ascii?Q?u8D3tEijcm3aSG2pFlgbk9ktr4eIh3/iZ1LBcLp/kvBWdj0Xj0HI+sIdK6jH?= =?us-ascii?Q?dmTVL5UvDY3RfrDldbaBaakjSz7XmdROuut3XVYoURb1U8rkcnp9aH+Yb9SP?= =?us-ascii?Q?++35oHwxIWyOWwNAHQ3ciaWDuFTbtq9AVy03ehW7+H4vXG4lc2TzNbWTnysZ?= =?us-ascii?Q?y7cyfTUxvpIYt5nbmWKI+8N9HTokYrZ7uXuFb6j7rjUziI0/5PE86dXhR7pt?= =?us-ascii?Q?llVWPS48sWV3pFmOAaT8CUr5U6Y9Yubw5scuB4zDJ1LBss2xEAtemdg2uf4g?= =?us-ascii?Q?lkTIgqUUoc9qUHp/qJoblWkR12IHOlpnKm7hcaQknjw3HWDfzvLK7p8HFTxq?= =?us-ascii?Q?QYFOA8fxuFA3cE9GjHPL5xXJDAtLP0ppaH3nM5u88Sa9fdk5E1fvLt4DEoGs?= =?us-ascii?Q?jMXPuPuA43Fy/rLSmXyEkXYAcKsdnuVf1zLekqO1+yfVC/9WB1bHAA4e/MfD?= =?us-ascii?Q?GPPixjlS1T5tnmpCaWEKUkkZ2I1oYajGh6bZd1Nyz+OSfYhnw26u3ZziApPq?= =?us-ascii?Q?V92YQrOa2/Ux3L2x+0je70c2vufcrDmDd0Z4SV3R9rUmPx+8qT4k9VAiuifu?= =?us-ascii?Q?xIIARlVWzgyxfFl3/M1aPv7EfMEVFmAiopQkOT3uzUjuY/dDndjnhhjYjtSZ?= =?us-ascii?Q?xm9wezC8CJO2j3eqgZBORsOKiL8LRL3PKDjBki/51BrechvGUhYzWiRVlzGI?= =?us-ascii?Q?vXr4yLfc/uaDYBqjrqa0GZLek00IcZeiDAol9a6qjmG71Izd3iaBz9RQDldI?= =?us-ascii?Q?IsK70fVh+NAwJBHOxKKXUjBj+V/WyWhBIufJFLnIy6asiWDhvMKzSIlTmBYP?= =?us-ascii?Q?n4cs8xMsNcrLppGZN7kSBR8OojGosKbvBLDCTZnJLzaqcanpp9jPJGdUjcpy?= =?us-ascii?Q?EYPMqV07Ym915ZYrVKCSfwwKYF+2CKQt1w5tTH8WZxejL9JxQCd8OF+eYgO6?= =?us-ascii?Q?cQztDhdhkqx/3l2QFYfPZq53u7lba8vtmTOmZNH+Sz4NIQRpxX1/Fho0OT4r?= =?us-ascii?Q?7aHz2/vsQueYO/eKDodjJv7lmEswTWWGfj1ImYi2A1cAL6svJ1r054qCBV9x?= =?us-ascii?Q?Kxulf7UBGOvjT21O0QMPap51a176XUdI+9jKWZgsLy4OzyxD36Z2K4QW5GYt?= =?us-ascii?Q?EgSa5AJjOw53Gm6JAOvplkBatioC/I66zf4iAqwXYX5qDgT7n/cEOqbCG13E?= =?us-ascii?Q?L3bMDNv6wRQpOdBJx6uRjoPzBJcRDuJ9KDBOUacBuwUiTA9Zsx/pjbBH/+MW?= =?us-ascii?Q?fmVB2saEq+UsYRpKjGUl+HMDYspbyiER0X+IljReWSp3vXkJfffFfFhdzvTL?= =?us-ascii?Q?EOx6laVqgdfX8UC3NAwt1HbytZnsaasGk1WaA5gZNOoW3/qEMoA4cJ91hcTn?= =?us-ascii?Q?2aTyN8Y5gktjEk06ZHNP9twr2KX2K/eyIUnTc9AtjxmPabBT78ZUQa5HxQV8?= =?us-ascii?Q?Zqfwlj1eEDIeHW7sHU/VTHmZfV9FESs70/LxXvX/rfNMrgiGl7CWaQIos3zO?= =?us-ascii?Q?ktDNRcR71hNbUzldRYNH7l+1tb4tLAZ0czaSuXKPU9lZCsQsy5nw0KeI1tEg?= =?us-ascii?Q?hY+sRWnm5qp8Cx+wdel1Fxae8xE88G+T7BXtSmU8pzs4?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 04c3f884-0dc6-463d-8162-08db9ab90c14 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:36.7121 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 3FJb8SiW+sW0yBlI+FxtcNP9Kqh1zxyrsG9nR7qmDDz4AnBDxyPXX2VI9q2482UEUVvrxEdXcBMDTA/LkgN6rg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" No logic change to SNP/VBS guests. hv_isolation_type_tdx() will be used to instruct a TDX guest on Hyper-V to do some TDX-specific operations, e.g. for a fully enlightened TDX guest (i.e. without the paravisor), hv_do_hypercall() should use __tdx_hypercall() and such a guest on Hyper-V should handle the Hyper-V Event/Message/Monitor pages specially. Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. Reviewed-by: Tianyu Lan --- arch/x86/hyperv/ivm.c | 9 +++++++++ arch/x86/include/asm/hyperv-tlfs.h | 3 ++- arch/x86/include/asm/mshyperv.h | 3 +++ arch/x86/kernel/cpu/mshyperv.c | 2 ++ drivers/hv/hv_common.c | 6 ++++++ include/asm-generic/mshyperv.h | 1 + 6 files changed, 23 insertions(+), 1 deletion(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index ee08a0cd6da38..d4aafe8b6b50d 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -524,3 +524,12 @@ bool hv_isolation_type_en_snp(void) return static_branch_unlikely(&isolation_type_en_snp); } =20 +DEFINE_STATIC_KEY_FALSE(isolation_type_tdx); +/* + * hv_isolation_type_tdx - Check if the system runs in an Intel TDX based + * isolated VM. + */ +bool hv_isolation_type_tdx(void) +{ + return static_branch_unlikely(&isolation_type_tdx); +} diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hype= rv-tlfs.h index 4bf0b315b0ce9..2ff26f53cd624 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -169,7 +169,8 @@ enum hv_isolation_type { HV_ISOLATION_TYPE_NONE =3D 0, HV_ISOLATION_TYPE_VBS =3D 1, - HV_ISOLATION_TYPE_SNP =3D 2 + HV_ISOLATION_TYPE_SNP =3D 2, + HV_ISOLATION_TYPE_TDX =3D 3 }; =20 /* Hyper-V specific model specific registers (MSRs) */ diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 0b0d1eb249d0a..83fc3a79f1557 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -27,6 +27,7 @@ union hv_ghcb; =20 DECLARE_STATIC_KEY_FALSE(isolation_type_snp); DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); +DECLARE_STATIC_KEY_FALSE(isolation_type_tdx); =20 typedef int (*hyperv_fill_flush_list_func)( struct hv_guest_mapping_flush_list *flush, @@ -59,6 +60,8 @@ int hv_call_deposit_pages(int node, u64 partition_id, u32= num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); =20 +bool hv_isolation_type_tdx(void); + static inline u64 hv_do_hypercall(u64 control, void *input, void *output) { u64 input_address =3D input ? virt_to_phys(input) : 0; diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index b7d73f3107c63..a50fd3650ea9b 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -418,6 +418,8 @@ static void __init ms_hyperv_init_platform(void) static_branch_enable(&isolation_type_en_snp); } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) { static_branch_enable(&isolation_type_snp); + } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { + static_branch_enable(&isolation_type_tdx); } } =20 diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 2d43ba2bc925d..da3307533f4d7 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -521,6 +521,12 @@ bool __weak hv_isolation_type_en_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); =20 +bool __weak hv_isolation_type_tdx(void) +{ + return false; +} +EXPORT_SYMBOL_GPL(hv_isolation_type_tdx); + void __weak hv_setup_vmbus_handler(void (*handler)(void)) { } diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index efd0d2aedad39..c5e657c3cdf4c 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -66,6 +66,7 @@ extern u64 hv_do_hypercall(u64 control, void *inputaddr, = void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); extern bool hv_isolation_type_en_snp(void); +extern bool hv_isolation_type_tdx(void); =20 /* Helper functions that provide a consistent pattern for checking Hyper-V= hypercall status. */ static inline int hv_result(u64 status) --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E3FC9C001DB for ; Fri, 11 Aug 2023 22:20:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236925AbjHKWUB (ORCPT ); Fri, 11 Aug 2023 18:20:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236302AbjHKWTm (ORCPT ); Fri, 11 Aug 2023 18:19:42 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 13E901703; Fri, 11 Aug 2023 15:19:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=adpCtpjkCO+jFbmiQ49KTwtp8IoVv3KRquAMQoZnHYZWUiTc/qUXYQGfDceYdz63a/hQkv/QACGHx34sqRblbHkhd9PRGfLprxG5Qbir3GTFJ6JzRwoM/7aUBNuS4ZjuVRYe3E00Ej2dGD7bKXg7OWUQVKTVJf0o3hPuqxmuoNQb7ttG79gs+o75W7t4r31elE8X5AKe4TgTDLBoVgh1EK/lBET9xx3B6DN5v0f7qdQRrcGXn+4db06eMMZID97jnqeY3rxhEcdG+dGj/BoT2XE+11YXnL1/kjmIO5Gg+6H/GNBZekJS/SrugY46NA8AdhpGUBdM0h5inJhl2AC+WA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tPw7Vddc45kESbhT6KvcpG9Ky+b3HTPJlv/cwXC3dSI=; b=NHj0hADGuOSKWSmHE6fKokM84x3LNQmWT+/UR0/4sWvhd0z9yOzuHAFvIrFbh+YJFAC+M+JLJWnsLvcmxT7aGaAjQ7b53OjSlOY7KT3E8CjG4CaEuC9n8wCOjQslukroK+Zoi/XJiOWbAxia+dbk5VJ4KR1OQ2pkIFPQln5VcemaAtgs32YsN1BLfJ/EJQlQH521G0Wuv8GO5RKVX7PHRRsIIJkqiwy29NHaROEsTUbzCYXzt4h87JMCtPV5rDxDd0aS5ThYGZFOE0wOUWmqk7BBF42Swhsx1SzNqi4WwHFcYghvTX9W6d8tO5HUAexQTuSGa3BCanvDaufRTweUcA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tPw7Vddc45kESbhT6KvcpG9Ky+b3HTPJlv/cwXC3dSI=; b=eg2mKobYyWlGn5dS+txZpsgbhQr6ZLDNxBmlTzoMdnJiHH2ONZ3Xmz9/N+vbheT48idTH30CeJ7RkDnvCBvc37rlCkAoFirxy+aw0uei7hy5+K0flZn3sZdqqwiVUV7yli9MHDTXT2rS0hamLTXjjOxK1H3KJJddaW1fC4K8ZDE= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:37 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:37 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 2/9] x86/hyperv: Support hypercalls for fully enlightened TDX guests Date: Fri, 11 Aug 2023 15:18:44 -0700 Message-Id: <20230811221851.10244-3-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: b1dec020-535a-4948-692b-08db9ab90c5e X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 76nb6IvlmLOck9zG+EM7G/8i3ioepgQ1M1tKHMcPzH353kHeA44hgsBGpqwlyXQVhE1jYE1H8uP8HX3xO/KGZrQsvC9QM4FBDsUIQ8pr9m9kuc39dKHtxFB2uqdXzNcRbwyTo4IZ3S/9sKjeLaJHYkdvDDfbORx4csuGvXw7WQIvl3Zu/4NQXMnFhBRe/4cy/Q6rjnTS6K2Ymmqymj1LCnI4ScNJXukahblCdL/s6GO1OlV6f/SQRZNRqLdnuJMNFdt0Gv+HcRNmlveA+W6EVRztppfQR5uvSVoDG0O/xQ9pgF4kKkLCYj0i428aiCSgaFZQ3OXthErxfSQZ/Ezzbt1eL8yqfpJKjw8mVJNUznwuM/nEB0Ge32o+kTE2fQ/TZLK1zESNiJkS+HsvDJmo2DHctQek3PHNvmSCzwNuNpeXEJxo8l3pCAD8BrXCrKyERAlluxrP0GbWsId5ZS8bR4pQ78+ZmmgowZERMnUbDRPXN3m+A7QPHXaIG6/SOC4dXiSzbHjLTL/GoPA8NkiR184FWmbHjVDB5AnUoLc7F12AA4lCNj639oDRX6g+8Smcb7GCwOdGao0SWBY84Io/zLNpx5Lgcoi+Z5YLwxnLqSNMRx+539y5iRy6qzOb1qmnCCcw62+Szmxfvu0W4DUA4pW79p6PSpbo+0ktsVLB7AxGj41zAiBOlM/x23E5Fz6y X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?/5LXOI3/byVzoJjYJ3taN4r/1JjGeedfAlfT2vWVGt0N5YDOtvxPDmQeFhv/?= =?us-ascii?Q?P04092yfpba4ofEr+/jTyLdf4Wu+yGg7GGeSk6WgjaOKaolBP5usu5/xCLjS?= =?us-ascii?Q?nUPRKtmoTPNWECgZy6J9H6bxzLOvIFLN1iLuOau0uUkP59MVy/Q2x3gt+LT1?= =?us-ascii?Q?wGJrPFyo+AUwlC5UedY9Nqy5UEbEcCZ/+V0cV4Qg8h1aPDZN0EFomSuMA/Sl?= =?us-ascii?Q?PgN8ETgpTSZ1KxwtvArukmpMfuFJCfl+deHCv0Iw1Mjr5x+A4siX7FmDbqkT?= =?us-ascii?Q?w7Np4tTjaf9ziSqo5RjgFg2wjbitEG+JXk2G7G1vvwOnBxyBMaEgKD1AehHx?= =?us-ascii?Q?PvxnUhztl8MC7bWgFSBmq/RRqfit5/US3e+/4SohUJJQyhgGMsnz8D7w8dk0?= =?us-ascii?Q?BttCxu02AwOk6cYn0IwGAz2bfBRm73L56A/2l04dhErT8NozW+FkjsCwUdKI?= =?us-ascii?Q?HhN/s9yMqBOUgJ6WZBJDJIs4K1TBAve5PKyiDRIEtPazSEkjyzn9joquuYDc?= =?us-ascii?Q?iM4gOc2AGNV0ZWKg/V7HAaNSLNBZRXnQsWHYpHCwTHRaeO55mw2srNtB4f/E?= =?us-ascii?Q?qVGwdTb/W6Lm0P5UTbCfBfiPDRQlyVj32e2kkZ+GU+sDYc5Q5Rv2Bb54h2V3?= =?us-ascii?Q?QWIi8lnK3ckA5p3zIhJlvNlIs5Pg1IiYiUTJSKBBk5/xXkVSC4bbdUUwdDV8?= =?us-ascii?Q?t6Yqo8IeUlAf0K0O+jBHiDOlLpiROKcBZV2XfHgi3X4GKWKq1ms8BjnRhwH/?= =?us-ascii?Q?P2J8zl5z0KkuerMkQrtd7MH/HfA0+haQ+UEWe2sJuyrYQ06CVKRcNfaEUpzq?= =?us-ascii?Q?c3/e7L6leUcwiGZZM4/63i1D5EiWRuoEIiqAjme6oFHQHDkD3KKNR2LBB2+n?= =?us-ascii?Q?eoYhTdzSH4vUbtWVYAvayBrmFnUQ66CKFW87Dli+emEKxquLyQakHu/IjQNJ?= =?us-ascii?Q?WjbVOBT2d354qVPlj0AbMW/qgo/yuKbrz5yMqLP4dpeXRcmKSmHU88VI5jxF?= =?us-ascii?Q?YtaFTwfBZA9T0ccRjGGoPkonXpUIzhh1zi/6Qx1xt3eTq0qtkRYglEDTXtOo?= =?us-ascii?Q?LCqe8hvbyYteWf/YiCKkSad4TBLFeFZAGkaaPnv0GHupBDEBJFxkt34j4Jo4?= =?us-ascii?Q?volcSS8sbdtyAfj+2YpedEYd41MlS0VDMdEDZy9vLOAttYgsuyyWyzOihNlo?= =?us-ascii?Q?inKtka62Yj3NvxmXuWMJQKlUYGsdrhZxAmxWnnwZGG7wwV8WWW082WFT88rj?= =?us-ascii?Q?X8Dsn1DopX0M2wD/2BroE1hFKyzsVv4VmpyhZlxaxk2lwmkIDMvXwlFS3h9x?= =?us-ascii?Q?7rWIynrNM5ZDN0GIWrEVF0Y9a/8SAS864WHBcoAANfgL0o836Gn4JRni4OoM?= =?us-ascii?Q?wnYqBSCTxLIlmD3y158H9a4rHXaA9Q1Bnv3Y2t51Lzmoa6E0R/evm3P4gEM9?= =?us-ascii?Q?2fFZygalDg7AJZMfi6WyyNImE1rabnqb+aCvrYuC2kZpffogVgoikQIqYK4s?= =?us-ascii?Q?fM/m8patD6qYo6Iz6+lQ/t0bPcAX+gdsVUIpDp6ePW10DGJI7xNXe7Ki6Yy8?= =?us-ascii?Q?Wsen2/vFSWCZMB1Ql6NVdR4FT4gYVi+v3Raq4bqgyrYjnp1hUfA5TOyqcggH?= =?us-ascii?Q?PKkX0imqStHm5ce7LN9gqdlGfDFxtul3+2JPWxURNV7f?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: b1dec020-535a-4948-692b-08db9ab90c5e X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:37.1909 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: T/R9bxoMzaKUADHtL+PY+4DGgtlQieCbRj3F059fOevCAaPU868dhuVR0P6AptIMWs1VtX2nxv0yQikh4Sd7bQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" A fully enlightened TDX guest on Hyper-V (i.e. without the paravisor) only uses the GHCI call rather than hv_hypercall_pg. In hv_do_hypercall(), Hyper-V requires that the input/output addresses must have the cc_mask. Reviewed-by: Kuppuswamy Sathyanarayanan Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. Reviewed-by: Tianyu Lan --- arch/x86/hyperv/hv_init.c | 8 ++++++++ arch/x86/hyperv/ivm.c | 17 +++++++++++++++++ arch/x86/include/asm/mshyperv.h | 15 +++++++++++++++ drivers/hv/hv_common.c | 10 ++++++++-- include/asm-generic/mshyperv.h | 1 + 5 files changed, 49 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 547ebf6a03bc9..d8ea54663113c 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -481,6 +481,10 @@ void __init hyperv_init(void) /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 + /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ + if (hv_isolation_type_tdx()) + goto skip_hypercall_pg_init; + hv_hypercall_pg =3D __vmalloc_node_range(PAGE_SIZE, 1, VMALLOC_START, VMALLOC_END, GFP_KERNEL, PAGE_KERNEL_ROX, VM_FLUSH_RESET_PERMS, NUMA_NO_NODE, @@ -520,6 +524,7 @@ void __init hyperv_init(void) wrmsrl(HV_X64_MSR_HYPERCALL, hypercall_msr.as_uint64); } =20 +skip_hypercall_pg_init: /* * hyperv_init() is called before LAPIC is initialized: see * apic_intr_mode_init() -> x86_platform.apic_post_init() and @@ -647,6 +652,9 @@ bool hv_is_hyperv_initialized(void) if (x86_hyper_type !=3D X86_HYPER_MS_HYPERV) return false; =20 + /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ + if (hv_isolation_type_tdx()) + return true; /* * Verify that earlier initialization succeeded by checking * that the hypercall page is setup diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index d4aafe8b6b50d..5792cddea4914 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -533,3 +533,20 @@ bool hv_isolation_type_tdx(void) { return static_branch_unlikely(&isolation_type_tdx); } + +#ifdef CONFIG_INTEL_TDX_GUEST + +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2) +{ + struct tdx_hypercall_args args =3D { }; + + args.r10 =3D control; + args.rdx =3D param1; + args.r8 =3D param2; + + (void)__tdx_hypercall_ret(&args); + + return args.r11; +} + +#endif diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 83fc3a79f1557..4c68564a165e5 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -61,7 +61,12 @@ int hv_call_add_logical_proc(int node, u32 lp_index, u32= acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); =20 bool hv_isolation_type_tdx(void); +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); =20 +/* + * If the hypercall involves no input or output parameters, the hypervisor + * ignores the corresponding GPA pointer. + */ static inline u64 hv_do_hypercall(u64 control, void *input, void *output) { u64 input_address =3D input ? virt_to_phys(input) : 0; @@ -69,6 +74,10 @@ static inline u64 hv_do_hypercall(u64 control, void *inp= ut, void *output) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, + cc_mkdec(input_address), + cc_mkdec(output_address)); if (!hv_hypercall_pg) return U64_MAX; =20 @@ -112,6 +121,9 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u= 64 input1) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, input1, 0); + { __asm__ __volatile__("mov %[thunk_target], %%r8\n" ALTERNATIVE(CALL_NOSPEC, "vmmcall", X86_FEATURE_SEV_ES) @@ -158,6 +170,9 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, = u64 input1, u64 input2) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, input1, input2); + { __asm__ __volatile__("mov %[output], %%r8\n" ALTERNATIVE(CALL_NOSPEC, "vmmcall", X86_FEATURE_SEV_ES) diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index da3307533f4d7..897bbb96f4118 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -381,10 +381,10 @@ int hv_common_cpu_init(unsigned int cpu) *outputarg =3D (char *)(*inputarg) + HV_HYP_PAGE_SIZE; } =20 - if (hv_isolation_type_en_snp()) { + if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { ret =3D set_memory_decrypted((unsigned long)*inputarg, pgcount); if (ret) { - kfree(*inputarg); + /* It may be unsafe to free *inputarg */ *inputarg =3D NULL; return ret; } @@ -567,3 +567,9 @@ u64 __weak hv_ghcb_hypercall(u64 control, void *input, = void *output, u32 input_s return HV_STATUS_INVALID_PARAMETER; } EXPORT_SYMBOL_GPL(hv_ghcb_hypercall); + +u64 __weak hv_tdx_hypercall(u64 control, u64 param1, u64 param2) +{ + return HV_STATUS_INVALID_PARAMETER; +} +EXPORT_SYMBOL_GPL(hv_tdx_hypercall); diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index c5e657c3cdf4c..30fa75facd784 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -283,6 +283,7 @@ enum hv_isolation_type hv_get_isolation_type(void); bool hv_is_isolation_supported(void); bool hv_isolation_type_snp(void); u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_si= ze); +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); void hyperv_cleanup(void); bool hv_query_ext_cap(u64 cap_query); void hv_setup_dma_ops(struct device *dev, bool coherent); --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C0ECC07E8A for ; Fri, 11 Aug 2023 22:20:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237104AbjHKWUF (ORCPT ); Fri, 11 Aug 2023 18:20:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53630 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234245AbjHKWTn (ORCPT ); Fri, 11 Aug 2023 18:19:43 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EB1F62112; Fri, 11 Aug 2023 15:19:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mZv3gRxngOaqaTIfi50YUSFat+90vXAlMO5RxjbnsPjVtWrUC9BEDEac5idFqxPVfWIcEEe2hfSPKTQ7i3cvWfdJ+CoHMAh13rdqzMF9QkIbE8P5kebjZQUM1uyVafXjT7nAgeeKpa2XEJ8nfkO8Sl6bJnjA1XTFSvzIvx10HvcNyYe/JxE7W2y6SnoQM406pICcjqNRxaecTokGrs+tNdCwKsM5cpVzlrlhU6/kynn6aYc4zQowhDxUwFGu0Eak8m0k9K0b6ZEvkePKqb50Z8OPgnqtyyGh8S0Y/l16EWb/fPwfBd/epnlh9oXONtBIpmbGe6eKSq4lWswYxgy8GA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=q9lZqK+cEA0T0J10/4vf1a6UqJ8X1i3s9TKQyPp5MvA=; b=W41GN0xtVDgu/YNFctIEmIQsvnWIapXDTLFxHJb73T2bOgn2xRnR0xQLMSF4iQf2xWOCpinqX/nxxCnm2wjD4GBap50qJa7Zzg+Bqdl+NBFik1a4JHLuII3EZT8Tkt23VVn4vLreZqZxN1j+bqmqCt9Hof4/z4LIGCocfQwtz4eg0Qo5fwkzABDu8r4sdp6uAfDJIGO2jBwCZK7g8SQuu80GDApYrCrIMVfuWvWr6aBOugZQlqPNaLWhBWCYIDKNdxQy6YatpcFTr7jCRiFxmabpwJ3firhjpUc4w/5Y8m3UOlxOBNNhiugKylrHmZ1w/WUKVGF59ZHCjoYGWHxe0w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=q9lZqK+cEA0T0J10/4vf1a6UqJ8X1i3s9TKQyPp5MvA=; b=OvQELrr5+KVy+AqK29b2tSOIGjApQKwrusEEg5Mty5q7dHx0IvmFWnvStqGKcSK0LTR6/pTt238DMNfJPDmSTIb7412/U+crdBebN4qC3cpAObdE8X5StiRqn5TUnmcz2jvHD1dNSmaGAINrSy977v9RFHH67QdBMGuzDqHoi/k= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:38 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:37 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 3/9] Drivers: hv: vmbus: Support fully enlightened TDX guests Date: Fri, 11 Aug 2023 15:18:45 -0700 Message-Id: <20230811221851.10244-4-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: 392147c8-6711-409a-eeac-08db9ab90ca5 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: utp+PutqGdqL+dDjryAsq4c3pYER30kgmPnvqbe9RZ6VmE+UiBmqOhN1WhSI1QqolAc5DQ9A5TcKPpY0wTkP1WKNYavXPimSDmxEntP5nD/hIei5fpMFtp5gyiVbEmsw2EtRCED3O/PTN8CuZlP4ZXqd3og/Lwy9Z0aB4GQ96xUEWtz6i4Q1ITvY4K0JMSBUm6I4e/5GfBBI0oAPFY8eAXyzTUAad+YH567fEJuXAR4mY1daJ7s+VL8SVEAMTCnDz6lPNEZ5CaCqwhUcThJYXnKx2xocaScorC/Y9wyUTqPR5/wnY183ZGrrBHzCuFIcotEBXMuAfqr3FbprWRn/fCnr/MuEW+wgpdSlTdZu/V5Ic3wB9BzMzSJ9Kifr87CTag8vC199rxsPr5wA8L8E8dVO0hP2DMVHJooOFQX9z5wFw+mvRQal66CicSGagtUCSqfvunA2uQohwAkLkmKkOy7e+j7R/gf0hT+L3mx0WrETMYW7uMo7BlH2cWi4EvL0f8gn+EIxwFfWUCZsl4iYhaKRse2Lc5o27ehLNx6Ily5568nisHmE6/TZIsLBhokrJT7/ZkLxI/Ua5dvUGJNrRvgHY5jdFekUa+blbyh58+jd3ft+xUTrq38rHfkxQc1z8pQgPDemi78UvG2g5Ovyujv4ib3f17CRSbYPAy8jRMnHSmFwHD31n+rHXRum4fC8 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?5lzu9Da0q42NaSCdqmXq3nREOHWttFYBwffqNkmjZq10eg9mIWeUkydUimsS?= =?us-ascii?Q?Rt3mECk4hc+/1k2n5mdhEzBa1Q8wVsb+Qr4poQwZRltl2vgEmG/apybGzAuL?= =?us-ascii?Q?SCNha5NwIQZPg0d6bln3HeX7LxSS8bmUUXNp8ZfVvRuVKeqaHadTx/cK5+KA?= =?us-ascii?Q?uuTK/mh8z3hqpRNCVNtkGW/D0kZg7Wg+j6bpUhBGyOhjgvYAgx0I0K32mxAP?= =?us-ascii?Q?YAa5H6+xs8wZk6E15u+oGii9+R6Qr7ETShyIPsJ1bMP0psd/jcuoVI2YKFmZ?= =?us-ascii?Q?8SFoyn6ur0XHU5sZEJpeilDI0u9+0JThIBzjry1joSr5MFWPXgwaKE4Nf0ys?= =?us-ascii?Q?WTj6I6paKZdi4nfysnQEgBla3U3i32EvGS56n3zIHmVIFTLnhEbRforv1QB0?= =?us-ascii?Q?XfwtlZw/yQbehgUCw+NTnzebrdQq9SFZQQ+LQGQfxaoE6eszVP8dFw0TmaAQ?= =?us-ascii?Q?Kc8C9+carKBFbdBctFuRhwg4jWytN3eQvp/REr1gV1T4YJEDOQWYsueJlacS?= =?us-ascii?Q?dPR2cUZ+hpcZU/AVyj0CJZLPBl0Z66vi3X2xtB5u7amETzXCgavaNvXQTvHT?= =?us-ascii?Q?leUCcU2L8GWqrxplh2m8ltnUv0EttCo9Bim80XQ+iorwDveYtSvNrXs4gtHu?= =?us-ascii?Q?sH6AnTHFcJxf6/NCCXZo5N4PVoYvlgTr2T1Vd9VwYRkREXgEnpmOquye4D9J?= =?us-ascii?Q?exP+8dJl7/17q+s6wZL0DtyiIW7gag/I8vfyJ/NFEaYpjlNChc0baEQTOVh/?= =?us-ascii?Q?6MmGgzwCu0kPshUUwU3+KkATmgVGwKGBRb9QwF85Y/d3KMMzPv9bdg1atdx4?= =?us-ascii?Q?tb7wgeJCWvNevZIMHaItAUZMC+I8ILXfXhroKHUSwg3f02IADGKAn+x2YV67?= =?us-ascii?Q?ONTeZ85C2pihClz6Y+qRMezcwXtH7842FPLh2LdLhlEW2kXd6s8FQ6dMFsj/?= =?us-ascii?Q?LKygHnzl5u9Lfm+BqJjDfvgG6iyqetU6SQ2BaV3/SX0OOcxuCKz8Sv28jg7a?= =?us-ascii?Q?Ydp7srZO1jWdWJKyXJ1kUvHadDelck271JCIfcKLC3omPsteg9OggsJeWuxl?= =?us-ascii?Q?BE+1cu6UW2hpH3SQqZx6JJ5Hi7X1nGtIqPnGynBOQa0jUMUcRJ9TQC7pRmtS?= =?us-ascii?Q?sN5HhEBXiXzWUPLnqsqu5N97n+yox6Hstzot1j8EC0YN+flZg6ERN8PrfnDS?= =?us-ascii?Q?VYl5O11CpszAB1Bh2/JiOZEqk3XV2loVFZRDgWDqld1r5N0Ljof3kB8PWFCh?= =?us-ascii?Q?whbuc5VmaNXoL8S1mi5Y3R00V1lpRbkYhEEHHbZTPygfz8Ua12VhhF4X87MA?= =?us-ascii?Q?Kjt+5j5+iOFxsM1lV55iGd3Gfp8FSpV7uZ35y6anbuL0YuAuKqtcGdqqljKC?= =?us-ascii?Q?D2NIoXkdKBIVvrR7f5l71trbK6p8fAUSpWjeQH+VOO3cW8KFDIbXz7z/QqJi?= =?us-ascii?Q?nNH1BVj6xSGV24gWPp3UZ9K/HTV1oiv/iGN4r+JWzahxofL7RWeUoI+yaFyS?= =?us-ascii?Q?X7OaTJuI/4oxjrLcNq3GsttSXXqP7EBwqQr3aXlVIRdaDXkvPd4UZhsfJeE4?= =?us-ascii?Q?dd6jhDRdpeoYKysaNuu8ZsL9XmQeaJHTaD8z1yh04dJgQgaRyzIu2FwVpB4w?= =?us-ascii?Q?cjqZ7x2RXYk+W/W6LwTX4MN0naFi0s5xjARP+bpG7rZn?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 392147c8-6711-409a-eeac-08db9ab90ca5 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:37.6522 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: xhnx9XcWBUeexCj2PrtRmrycBAkRtGp5qkMHa6f9Jg1VR2Mo9sTgf5eSb1aJh/nNYS1m9N+dcSnjHqyUCyLFKQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add Hyper-V specific code so that a fully enlightened TDX guest (i.e. without the paravisor) can run on Hyper-V: Don't use hv_vp_assist_page. Use GHCI instead. Don't try to use the unsupported HV_REGISTER_CRASH_CTL. Don't trust (use) Hyper-V's TLB-flushing hypercalls. Don't use lazy EOI. Share the SynIC Event/Message pages with the hypervisor. Don't use the Hyper-V TSC page for now, because non-trivial work is required to share the page with the hypervisor. Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. --- arch/x86/hyperv/hv_apic.c | 15 ++++++++++++--- arch/x86/hyperv/hv_init.c | 19 +++++++++++++++---- arch/x86/kernel/cpu/mshyperv.c | 23 +++++++++++++++++++++++ drivers/hv/hv.c | 17 +++++++++++++++-- 4 files changed, 65 insertions(+), 9 deletions(-) diff --git a/arch/x86/hyperv/hv_apic.c b/arch/x86/hyperv/hv_apic.c index 1fbda2f94184e..cb7429046d18d 100644 --- a/arch/x86/hyperv/hv_apic.c +++ b/arch/x86/hyperv/hv_apic.c @@ -177,8 +177,11 @@ static bool __send_ipi_mask(const struct cpumask *mask= , int vector, (exclude_self && weight =3D=3D 1 && cpumask_test_cpu(this_cpu, mask))) return true; =20 - if (!hv_hypercall_pg) - return false; + /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ + if (!hv_hypercall_pg) { + if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + return false; + } =20 if ((vector < HV_IPI_LOW_VECTOR) || (vector > HV_IPI_HIGH_VECTOR)) return false; @@ -231,9 +234,15 @@ static bool __send_ipi_one(int cpu, int vector) =20 trace_hyperv_send_ipi_one(cpu, vector); =20 - if (!hv_hypercall_pg || (vp =3D=3D VP_INVAL)) + if (vp =3D=3D VP_INVAL) return false; =20 + /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ + if (!hv_hypercall_pg) { + if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + return false; + } + if ((vector < HV_IPI_LOW_VECTOR) || (vector > HV_IPI_HIGH_VECTOR)) return false; =20 diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index d8ea54663113c..4bcd0a6f94760 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -80,7 +80,7 @@ static int hyperv_init_ghcb(void) static int hv_cpu_init(unsigned int cpu) { union hv_vp_assist_msr_contents msr =3D { 0 }; - struct hv_vp_assist_page **hvp =3D &hv_vp_assist_page[cpu]; + struct hv_vp_assist_page **hvp; int ret; =20 ret =3D hv_common_cpu_init(cpu); @@ -90,6 +90,7 @@ static int hv_cpu_init(unsigned int cpu) if (!hv_vp_assist_page) return 0; =20 + hvp =3D &hv_vp_assist_page[cpu]; if (hv_root_partition) { /* * For root partition we get the hypervisor provided VP assist @@ -447,11 +448,21 @@ void __init hyperv_init(void) if (hv_common_init()) return; =20 - hv_vp_assist_page =3D kcalloc(num_possible_cpus(), - sizeof(*hv_vp_assist_page), GFP_KERNEL); + /* + * The VP assist page is useless to a TDX guest: the only use we + * would have for it is lazy EOI, which can not be used with TDX. + */ + if (hv_isolation_type_tdx()) + hv_vp_assist_page =3D NULL; + else + hv_vp_assist_page =3D kcalloc(num_possible_cpus(), + sizeof(*hv_vp_assist_page), + GFP_KERNEL); if (!hv_vp_assist_page) { ms_hyperv.hints &=3D ~HV_X64_ENLIGHTENED_VMCS_RECOMMENDED; - goto common_free; + + if (!hv_isolation_type_tdx()) + goto common_free; } =20 if (hv_isolation_type_snp()) { diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index a50fd3650ea9b..507df0f64ae18 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -420,6 +420,29 @@ static void __init ms_hyperv_init_platform(void) static_branch_enable(&isolation_type_snp); } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { static_branch_enable(&isolation_type_tdx); + + /* A TDX VM must use x2APIC and doesn't use lazy EOI. */ + ms_hyperv.hints &=3D ~HV_X64_APIC_ACCESS_RECOMMENDED; + + if (!ms_hyperv.paravisor_present) { + /* + * The ms_hyperv.shared_gpa_boundary_active in + * a fully enlightened TDX VM is 0, but the GPAs + * of the SynIC Event/Message pages and VMBus + * Moniter pages in such a VM still need to be + * added by this offset. + */ + ms_hyperv.shared_gpa_boundary =3D cc_mkdec(0); + + /* To be supported: more work is required. */ + ms_hyperv.features &=3D ~HV_MSR_REFERENCE_TSC_AVAILABLE; + + /* HV_REGISTER_CRASH_CTL is unsupported. */ + ms_hyperv.misc_features &=3D ~HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE; + + /* Don't trust Hyper-V's TLB-flushing hypercalls. */ + ms_hyperv.hints &=3D ~HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED; + } } } =20 diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index ec6e35a0d9bf6..28bbb354324d6 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -121,11 +121,15 @@ int hv_synic_alloc(void) (void *)get_zeroed_page(GFP_ATOMIC); if (hv_cpu->synic_event_page =3D=3D NULL) { pr_err("Unable to allocate SYNIC event page\n"); + + free_page((unsigned long)hv_cpu->synic_message_page); + hv_cpu->synic_message_page =3D NULL; goto err; } } =20 - if (hv_isolation_type_en_snp()) { + if (!ms_hyperv.paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long) hv_cpu->synic_message_page, 1); if (ret) { @@ -174,7 +178,8 @@ void hv_synic_free(void) =3D per_cpu_ptr(hv_context.cpu_context, cpu); =20 /* It's better to leak the page if the encryption fails. */ - if (hv_isolation_type_en_snp()) { + if (!ms_hyperv.paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { ret =3D set_memory_encrypted((unsigned long) hv_cpu->synic_message_page, 1); @@ -232,6 +237,10 @@ void hv_synic_enable_regs(unsigned int cpu) } else { simp.base_simp_gpa =3D virt_to_phys(hv_cpu->synic_message_page) >> HV_HYP_PAGE_SHIFT; + + if (hv_isolation_type_tdx()) + simp.base_simp_gpa |=3D ms_hyperv.shared_gpa_boundary + >> HV_HYP_PAGE_SHIFT; } =20 hv_set_register(HV_REGISTER_SIMP, simp.as_uint64); @@ -251,6 +260,10 @@ void hv_synic_enable_regs(unsigned int cpu) } else { siefp.base_siefp_gpa =3D virt_to_phys(hv_cpu->synic_event_page) >> HV_HYP_PAGE_SHIFT; + + if (hv_isolation_type_tdx()) + siefp.base_siefp_gpa |=3D ms_hyperv.shared_gpa_boundary + >> HV_HYP_PAGE_SHIFT; } =20 hv_set_register(HV_REGISTER_SIEFP, siefp.as_uint64); --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9A480C001B0 for ; Fri, 11 Aug 2023 22:20:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237112AbjHKWUK (ORCPT ); Fri, 11 Aug 2023 18:20:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53644 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236611AbjHKWTp (ORCPT ); Fri, 11 Aug 2023 18:19:45 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8DD1A2D55; Fri, 11 Aug 2023 15:19:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AoCMEGYxreULpB7YM5GmItqGCcwNsccnE36QorE5YUnpiK6wWPO6OD/D55kSNIT1ZRL7G/uA6sVZikJhuh55WnnEutr0RQTFhw7gW+Bk1a1z9BYaFVmTF0Pr9K2Wtm7o93dJAyTljerRzuGaBISPF9ceEO1mgXWBI7vsBkTwcs7zTQOESNxtkC8CppBzKEAe5Hbp59SnfQAX5PD4NVDuuWKx7zgVNVBpXRtwXsr+mYVknqiVSTScbP0Z3bQx+qhEChrC3o5YE9UAQFamk/1c6Lplsgn1Di1dADFMjJtnajkaIQNqNj7D0q2srhqR9FYKMvGRKKsvhNiGti7Sf9akjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pz9119zCdTDX/H5MP13eu2zZggOvfE9FQGMTo7FiWGI=; b=NRupShIG+vZQ4MiaT2O/+5J3Kb9m8bq+ti/z6KxPqTPOn3br/VMYFv0tVBWG1ELbGYqrM8R2HmeNvIfpF+vAjqqclkPAJzgzWPoiBy7eQtPnQymHAmBWbfd8BMvLZKi6rKrzYpschMlr/hur7gtb/xt/CGb5Ye44KByaLsDcf/j5lrT9px6mb9F1pRC6ZmJ+ezAMk77APKn514DaY/h77C5Jwi71C+o0JxWeOKrLPeyoAlvW7ZxojabrMN6J6DT5Jw32DlqAYKZ4Z0d7DQoJxqG6jILEBvoiUBjOZNo+uQ5hbBynOZC/VvudeeDDAaRvXfWEaidPZLyWfb5p/fuhjw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pz9119zCdTDX/H5MP13eu2zZggOvfE9FQGMTo7FiWGI=; b=LiGvdPlyNX77chcy9YP/31g9VDX3FXTV1hG6Guz6pKJazDU0D2heOV0gWOfAjIpjwPhtzkt2c18ZzUUQowYvFImdnp+JYGUOvy6lRghbgpNEeYub5babm5QVfZE3tMR0ljszzkDSKpUQ7suVS/AeSHsB6OLKsaBWmI93tcDEuLg= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:38 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:38 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 4/9] x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests Date: Fri, 11 Aug 2023 15:18:46 -0700 Message-Id: <20230811221851.10244-5-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: ff439420-10f5-4ed0-11d1-08db9ab90ceb X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Q7/OSJye2WQ06pNIvB+IO+x8iexSR9cTckBEPJLDjlG9b0r5tUsJ6Ffq+atjW2NV9vg6N07qBjjP0irrE+PZvFymE7ZG7+jRc2XpnU29sYnXxmhmqXMpPBvVX2NheE5hEYfWpo9xn+FGOZ7Um2A+j5nZf2xlTUrckAQNWL9ZJlu1m4Rv2j+XxHayPTZXyhkAvjfOEVgqAY6BcnAM661NGpTnZ4fOAlb0q1GwJB6I0xqBcSDOsx4qPapeEYopsSdj93yG/Fm/4h3vQPdLm1zZeHt+8XWwMSRX6NyEYWIFjKaQnZkZ/1YqR8/KGq5IoHmj2lGmhgUVovufELjYzwHWfyMZ9r0AB9bFVRBYjOeT3ZPfjp1zT4KJgoFO/uHZYSDTFWRVrVIyHv0VR9os2isHAyIjlSq4i3lSwGT6daJKDJK3nxkVus/jUT9PQu2dxQ/aLyURugC5Af9UQSKl5RMC/AXJAs48CAALOHK25cDfpSTXVEocPWzH3/CE1qg51XP3N9iCTAzrgrvWT8fZ3CNDu57uGYNms0hr7+thn+23uJXOSEsp0HvcFLMR3yR1xoPdcb4H6Bx97FL3LAcTiGaxiDJHo3h66dpItkrAQikfzExjOJycRoWpzOwlKy/EMpQDAh8sEL76s3keo6c6kYFyqhaIC2EeKNhjMyAAXAd62L+lbHmJhqDRgidhEO3k20nX X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Ta9M6uIT78W6b83jVk+oH4T3bcHmMrtiVkpDvlQDfOKzcrMBoaGj+DfBdixV?= =?us-ascii?Q?vKablcT8UeYVgMJiiKYWH5fCmlxxvPVUBe7n1a5P4FtTq9kJoIylu/1kB+7s?= =?us-ascii?Q?dvRPIQyVYiyjPMwhXVaDr7DojVt52d/y27+K4rRwcB/ZxysFNZQinWFyPR4Y?= =?us-ascii?Q?t+KZYDl38e6ZZGgo4uDjz20exZIIiQTEA7DGcxVbsW1eYmTAv1m565f47zHP?= =?us-ascii?Q?mlHzZi/mZvcgqwnDrm649+uaMmxdioHwKO77Gr0Lus4fx0prZqqNISLGHLR9?= =?us-ascii?Q?6MY0twd88bP6bEehmQOLYr7u9lheuKk3QMZadYt8ChJbDT5J/oDbGTmrzrYe?= =?us-ascii?Q?0kMcFJ4uGrzZXs3kpnUBPD581JAKoJYi0boZHTp1hZ6uSoAIRSTXEYQWhJog?= =?us-ascii?Q?3lRWA4P1fJXKL+ZKl5G0mCX7K2lWv7rD7MthmNqbnyIP94WzfzAFSJVgiTfC?= =?us-ascii?Q?JMPLoeCo5fQ5rniBXfwEvpzwP/vx/FUFCFEvxUMEvTp0cIUhd28n0ap924Q2?= =?us-ascii?Q?aYxC8wlxbZiXEDbt8LpADSJTnWA6idqYmLGRU2X/UsYIaI4qIvm4r4E3YlIG?= =?us-ascii?Q?BF49G3y1JWzkwHfq2aD0WzTGwPXNL/1BKh6Z4UdsYaI4CupfTbDc1qwaLe6M?= =?us-ascii?Q?DYWAU6H5i0F74vmrV+V3ikiRNHVc+zZdtPLRRl4NNUEG1mCnpAbqs3914PrP?= =?us-ascii?Q?hKzgOCxkX6dEBSqPh3c0lI4WGhLwv2PG0sZuUWlF/4+ao2lOCpGzWeOnol4l?= =?us-ascii?Q?oRL7s8/W0YJpIvTvVjDimbjYVkZeAC8x2dOiggJFJnTmRDYWYGJuB0vcGHcq?= =?us-ascii?Q?7Aw4jphWe467CBDhk3b/w/qDmPsgvrj/2r/b2gj1+x39KVwy8pf1mQ3qNxbF?= =?us-ascii?Q?fV652brywhW26AfDlrz/9WNuZl4vMZorNo85a01RYedX+tSewCK5c7bNwoHE?= =?us-ascii?Q?RBPwFCCp+/G5YfIeCQT38m6oyJZVJcgpn6k6o8GOjfj+Eb8BTtFSg93z7csT?= =?us-ascii?Q?lzssuVF9aiFBlA9Y0cfnbDcjyfxhls1rx2RI/baUYLoFwqSf+xH90YT69pQE?= =?us-ascii?Q?eN/NZvjWO/tyYoaEbvZ460rmEuRiYKjJN6TtJi2ClWLpkdN+ED6BjZIncrWa?= =?us-ascii?Q?xBHDme2rqVKuAqHV1/1w2VG8P44W+mzRIi+O+baKbaGsWv9pM5dldRYmJjz/?= =?us-ascii?Q?SjbypFCDkOJB6Qpu2qvWDrnF6Zxk4sd6uEyTbr55wuiMHacbS7wGnvxm9Un4?= =?us-ascii?Q?N68ypUZ8JkCMzJ2jPCv3hd75u9+8N8Yr8hJxrfgHVy1CEiDrsL8Wetn93FxV?= =?us-ascii?Q?6syLgP2R615h7khA4+btGmprcSBRubhmJkOtNswFzC/f6dpT1y93OIgOjy63?= =?us-ascii?Q?jLMHh4vBED40hPe7iKy4RAtr1LFFTq8T/8512DSgm0UT5Pifff7O7dQypFui?= =?us-ascii?Q?FRWvPnOQip1h5qCJCk6Cu8WZ0wTV5iEDdsA6MJNv86CrCT6QGC9asgYeVttd?= =?us-ascii?Q?f5NS3mDwvrLDXP7eMsxpYItFWcEy+ckFw6ljrxwMGdCtlBt0r3cTOeSs73X1?= =?us-ascii?Q?/MlTzzjhwHS7yvZm2LGmvf4UMLiLemFAnQ5O2QYoMrsuqtqVnA2M1fn/4+/j?= =?us-ascii?Q?K+lgvNEbetsxbRtWB8wrh7/qP4tJNxPPWzckpiWu3oV/?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: ff439420-10f5-4ed0-11d1-08db9ab90ceb X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:38.1153 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: m0Mz5ZWPMAnxtMRm/I8/tYPYIEJQTsWQzz8NgclBdvrOimnTS9xmDFp4qiS3hCJkcBiCT9RN90Y8WqIRhmjcOw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When a fully enlightened TDX guest runs on Hyper-V, the UEFI firmware sets the HW_REDUCED flag and consequently ttyS0 interrupts can't work. Fix the issue by overriding x86_init.acpi.reduced_hw_early_init(). Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. Reviewed-by: Tianyu Lan --- arch/x86/kernel/cpu/mshyperv.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 507df0f64ae18..b4214e37e9124 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -324,6 +324,26 @@ static void __init hv_smp_prepare_cpus(unsigned int ma= x_cpus) } #endif =20 +/* + * When a fully enlightened TDX VM runs on Hyper-V, the firmware sets the + * HW_REDUCED flag: refer to acpi_tb_create_local_fadt(). Consequently tty= S0 + * interrupts can't work because request_irq() -> ... -> irq_to_desc() ret= urns + * NULL for ttyS0. This happens because mp_config_acpi_legacy_irqs() sees a + * nr_legacy_irqs() of 0, so it doesn't initialize the array 'mp_irqs[]', = and + * later setup_IO_APIC_irqs() -> find_irq_entry() fails to find the legacy= irqs + * from the array and hence doesn't create the necessary irq description i= nfo. + * + * Clone arch/x86/kernel/acpi/boot.c: acpi_generic_reduced_hw_init() here, + * except don't change 'legacy_pic', which keeps its default value + * 'default_legacy_pic'. This way, mp_config_acpi_legacy_irqs() sees a non= -zero + * nr_legacy_irqs() and eventually serial console interrupts works properl= y. + */ +static void __init reduced_hw_init(void) +{ + x86_init.timers.timer_init =3D x86_init_noop; + x86_init.irqs.pre_vector_init =3D x86_init_noop; +} + static void __init ms_hyperv_init_platform(void) { int hv_max_functions_eax; @@ -442,6 +462,8 @@ static void __init ms_hyperv_init_platform(void) =20 /* Don't trust Hyper-V's TLB-flushing hypercalls. */ ms_hyperv.hints &=3D ~HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED; + + x86_init.acpi.reduced_hw_early_init =3D reduced_hw_init; } } } --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 980F1C001B0 for ; Fri, 11 Aug 2023 22:20:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237119AbjHKWUO (ORCPT ); Fri, 11 Aug 2023 18:20:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53660 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236622AbjHKWTp (ORCPT ); Fri, 11 Aug 2023 18:19:45 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4F6D22D57; Fri, 11 Aug 2023 15:19:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=jEs30HtORHNSxeMXCdjV1J2B0SXQkQn+xU1CxdkQqeR/axSkYaUVU7PiF5WdeQl/JWvLkGcn/VcnNgHcoWYy8o8a/G6lcwf/E+yTtA3CifoyRIna5/N8M0nHKuG1tjJ26kPGgcfbfGe62HO+1stugb7E660ojvdxo4Qvon2EhtGSjwSXi1PeiOjgsJ0o+ckPnJlH+3ptwWcPTyhEB+6dEudmaoGU/J4oKFkG/SSAqNMOaM4ltSRttHfzd9sublLjAvbtPxNvIKOWD1v8QrHAXaos+Dk05VPth+x21prGIjNjbam8ImH/cquHwvKzGrsRFdWJu5zn3eQCZMNrB/it4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UDm3zWLM6/sq1ToH6J3xOAqticgaoaF7xmZMV/tzYeA=; b=ZWZODz//pxMw4H8llF2JJ0CHOSpL7EBQUBWUbBYg6C7CA+DLlpudiGCfSA/A9Poni7RZyDKU8YuciheHO3wswwNXF6v+q+PF7Fh8CASQPIyfx5mfKOt0Ymj3YF3Yv0VSS3cYLF1Ic7GBWlZSt9uQETyV+lHrkHalUnPLbrDSRlHV5MpbihEKQuhNCYfaXub1vWxGq7zOmrsJma9sVIWv3uvwMo8kj+4RmyVhdYYu3WL2vnjqdiiFZMPZ/HACyhD39yO5q966cXoCLwmsnnfsLN0woG5KapaN+9MZYQXG319TyZaCVgO3orjH0P21d7dXDb0IqXmw+JFXL43/pLnT+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=UDm3zWLM6/sq1ToH6J3xOAqticgaoaF7xmZMV/tzYeA=; b=dUrCpC3E3JUNyyGXCvKY+yb/vYXTHl4SfHVXEuGvVvAIjEhRfEAWTxRlN4yc70xmUXtO8hlI+kglIn9a3POZpNx3j1g7ElbBTk7G5R9G6GNTbIYVmZki+8P9ErW8LimMyYuGIACQOuqXWd5D09if7PcF7b6Yq9wJfNtEFVucX4c= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:39 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:39 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 5/9] Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM Date: Fri, 11 Aug 2023 15:18:47 -0700 Message-Id: <20230811221851.10244-6-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: fe0f7843-ce9c-4d3e-3504-08db9ab90d30 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Hia2ktRijHbm4deTCf+9sPgTPb11H787AvOvd/BvtuljyROe5fycNyMlYz81rS2jVkr3/29fQkLbxLl0BYrX8kWGg8q3QrnPxwBeSdPh2NdkDNKlfX+5+kYhfAo5yuOmQFdk4TRAbdoFOuza4gJKsyhjUuqkw0xF2MLheFLSIAHGQKmQFY/Mj0gOb7HCCjYOl6IGGFK+zjnpI5AbayicOGjvZ6iewwZQug7Q0pw5p44k6sMURQt1kiH29p13YRhg6mlDLLB176MVMLSo9eBQsb1AczmHwJ77so3yi8KuApcZmDifBcK87QYDx3w1xbDqCk+dWZ4+496HK/wJsuWG1VcQ0hMyKMMamXDutaXWGKaBcJmPeFBYGKzWQKoCb+p4z50QlRBrZzvo77+zAmaLPJXXyPZHnp/9kHmHqpGVNlWN+E+2mPOzoQrnhe3NDntj5oMvlN62tGSzBqlmoClBOUO0aJQJqZG+dalpBssJ8Bmo6oE9HkKM2J/wVW0hQ4w5YI4PLgyukZbctmofeQs1IbH1q264rmVcz0ZyrXs1JmT1PKgrEuDHqSuYcQbO0h59NVYm3x+WteR7VCJzymvxRJe67o76zSxvG4US07y7jBg/Fyzd7Bn25UMG3+mv7X6X7uHAeA0lKgv+TEseBsht1Thw7EeDUe1jNojuitkgV76jiUYbGwk7UYICWD+O/M1/ X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?A/D6PlSH+l8Ew+D20LmRNMamxVbZltkqWCSgp67l8rgFN2s6m2Y5q4A4DOXa?= =?us-ascii?Q?TfkGQcS5lw0ISXNoo2FfoE8mAzXAY0PlbgQOH0Ne6g5uEe1uN1nsTyj7vz0d?= =?us-ascii?Q?WUbeNq6w/x6xVc3+SyRTCvQqYJdnaW9zPUD0DlMkZCHUYnep3Ds23Yif5893?= =?us-ascii?Q?r06BFUGMq18bcQcK+DtqBdNmVUT28NI9z3iId0qSkLh2yS1W6hAJgDvsFFTn?= =?us-ascii?Q?d9IKyg2Mb9QLkNeHZzuXrO/HBXwVpr0rNrGd6tM6jVJHfH2mYfl39nUkNi2M?= =?us-ascii?Q?tLFNcZFv6jcE2Pn82LEJCkwDFG3/S5xoKLkLgrQWzH/U4nT8QuHnYNjoVP++?= =?us-ascii?Q?G6qgEx+PrvZAIesJORJ4lLAhhcuw5RNLZq0YomiVvI/Lh7fkGXdyNRCjKhUW?= =?us-ascii?Q?rMDBsPJNDjEVWvGGIbO1IY589/BgRanCeD286pbLlb5c2W0u1/k7taZ1GabF?= =?us-ascii?Q?oeglYZJeKcyCJTKjPay9R04FhL7MyfQ6vQLy+CtMtrDwaCbIG3Htov1t2Ub9?= =?us-ascii?Q?26yxQtjEwGzxsgCNEL5d7qz8XmcK/026oUnNxNxJUpBw9D+6BxeX9jwuRkPj?= =?us-ascii?Q?mJP4X+/7O2CzGga6uiRT3QcaaOSUZEtZOcgwsSGCCAEtuWxZTctmpXKsr0JI?= =?us-ascii?Q?24GAZIMe2VZU/aPTAhxckH6v0LqfiDLXYiy0uXXTXZvgL4O1eAvbiHfgYeEQ?= =?us-ascii?Q?JLb7q4gGnmbpMlPoV+dzxykCKGHQa8OWgwZIADTyI7ItSv7IFUP+rjMsp0+l?= =?us-ascii?Q?fva8kvvE85e/V5f9lmXVsWyc2xbzptyhJjOqkrgqnOBFh5lVnf2m5H/QgrO/?= =?us-ascii?Q?eMCIwXQtRiGoPoFvOG/IuYYwEHgbFqmf57ElIGOYeCAfyzQTkyLIVUxIsef8?= =?us-ascii?Q?sf0CzFF6M/vjY2XXY9sCqQbJI+8Tl54cRU8iuz7MAKAQg2frGuJ+vHlmPqdg?= =?us-ascii?Q?Wck8eeEWJcJAxlJzjEV9LKk0tEwlxt+WOk+1P8VgTAWgID46TEHdqZeVg7Kb?= =?us-ascii?Q?zfWqcnGmAEjh4f7cu4tZZ7/5v3XZoAyzsPtaPe2Tt0BThjVELpXuatXmxRgp?= =?us-ascii?Q?Lk8mAzrb5pwGqYuSOOYkz3RXcgx3KKBrhLmkOalGnRX4RfxeHDRrSf1uTUxQ?= =?us-ascii?Q?9WFAeUQKVMhNSJKzJaVjIPJ93We1QcDBTNZH2DcmbgkFnFnFT6Epc9Nus4Zh?= =?us-ascii?Q?DReSNVB4aiAPonCTQ2F7p0jayN50Yq4MJVslyCqykuA1+3unmXl1NXVZSdFF?= =?us-ascii?Q?PnncFboxhdhjDeCiHqPvIpuEWiTTvJOE/uKLbRM/sMQvQQnH5x+dKHkVU44d?= =?us-ascii?Q?R4QX66tJ+Y9c9LJFqmiOk2bqpm7Pi/U/LUzSWdUUBoz/v0UskfcCfLR4fZVd?= =?us-ascii?Q?fJEfDfUlIDgcrPHiuyifF09so5IK0AJK/HVk6oMFOT9T9o6u+7NBM1ToAV9x?= =?us-ascii?Q?DpmIF+SSICSu3WcZ4WUwxRqmoRyhVS5459xPzN3SNZhlPTKnomRsl+wQuRSZ?= =?us-ascii?Q?BJxIwuCFIJ6SQYb3YxwRKOxA+0Hsy3KV1L4NBZ14QtMYqXeQ4oMyJeU37i/T?= =?us-ascii?Q?6xUVGFD5fezH/10YlMRp+mwsDwLG3DL7epule/t1SBFYzzqcyO+i+7+qGxcw?= =?us-ascii?Q?OPMFyKhYgniiSR0D0YUyKg82bQatHgaoCaL3qH6DZi1W?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: fe0f7843-ce9c-4d3e-3504-08db9ab90d30 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:38.5803 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Eqd6G8PdgeP8yT+mmVTkjcfbqSXxZhykXBVU1xOBZ18IZWp6GJnYbAH3ucPcac1LS57xli79eIcn008buBWGhQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Don't set *this_cpu_ptr(hyperv_pcpu_input_arg) before the function set_memory_decrypted() returns, otherwise we run into this ticky issue: For a fully enlightened TDX/SNP VM, in hv_common_cpu_init(), *this_cpu_ptr(hyperv_pcpu_input_arg) is an encrypted page before the set_memory_decrypted() returns. When such a VM has more than 64 VPs, if the hyperv_pcpu_input_arg is not NULL, hv_common_cpu_init() -> set_memory_decrypted() -> ... -> cpa_flush() -> on_each_cpu() -> ... -> hv_send_ipi_mask() -> ... -> __send_ipi_mask_ex() tries to call hv_do_fast_hypercall16() with the hyperv_pcpu_input_arg as the hypercall input page, which must be a decrypted page in such a VM, but the page is still encrypted at this point, and a fatal fault is triggered. Fix the issue by setting *this_cpu_ptr(hyperv_pcpu_input_arg) after set_memory_decrypted(): if the hyperv_pcpu_input_arg is NULL, __send_ipi_mask_ex() returns HV_STATUS_INVALID_PARAMETER immediately, and hv_send_ipi_mask() falls back to orig_apic.send_IPI_mask(), which can use x2apic_send_IPI_all(), which may be slightly slower than the hypercall but still works correctly in such a VM. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. Reviewed-by: Tianyu Lan --- drivers/hv/hv_common.c | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 897bbb96f4118..4c858e1636da7 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -360,6 +360,7 @@ int hv_common_cpu_init(unsigned int cpu) u64 msr_vp_index; gfp_t flags; int pgcount =3D hv_root_partition ? 2 : 1; + void *mem; int ret; =20 /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */ @@ -372,25 +373,40 @@ int hv_common_cpu_init(unsigned int cpu) * allocated if this CPU was previously online and then taken offline */ if (!*inputarg) { - *inputarg =3D kmalloc(pgcount * HV_HYP_PAGE_SIZE, flags); - if (!(*inputarg)) + mem =3D kmalloc(pgcount * HV_HYP_PAGE_SIZE, flags); + if (!mem) return -ENOMEM; =20 if (hv_root_partition) { outputarg =3D (void **)this_cpu_ptr(hyperv_pcpu_output_arg); - *outputarg =3D (char *)(*inputarg) + HV_HYP_PAGE_SIZE; + *outputarg =3D (char *)mem + HV_HYP_PAGE_SIZE; } =20 if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { - ret =3D set_memory_decrypted((unsigned long)*inputarg, pgcount); + ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { - /* It may be unsafe to free *inputarg */ - *inputarg =3D NULL; + /* It may be unsafe to free 'mem' */ return ret; } =20 - memset(*inputarg, 0x00, pgcount * PAGE_SIZE); + memset(mem, 0x00, pgcount * HV_HYP_PAGE_SIZE); } + + /* + * In a fully enlightened TDX/SNP VM with more than 64 VPs, if + * hyperv_pcpu_input_arg is not NULL, set_memory_decrypted() -> + * ... -> cpa_flush()-> ... -> __send_ipi_mask_ex() tries to + * use hyperv_pcpu_input_arg as the hypercall input page, which + * must be a decrypted page in such a VM, but the page is still + * encrypted before set_memory_decrypted() returns. Fix this by + * setting *inputarg after the above set_memory_decrypted(): if + * hyperv_pcpu_input_arg is NULL, __send_ipi_mask_ex() returns + * HV_STATUS_INVALID_PARAMETER immediately, and the function + * hv_send_ipi_mask() falls back to orig_apic.send_IPI_mask(), + * which may be slightly slower than the hypercall, but still + * works correctly in such a VM. + */ + *inputarg =3D mem; } =20 msr_vp_index =3D hv_get_register(HV_REGISTER_VP_INDEX); --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 935FCC04A6A for ; Fri, 11 Aug 2023 22:20:18 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237123AbjHKWUQ (ORCPT ); Fri, 11 Aug 2023 18:20:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53674 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236682AbjHKWTq (ORCPT ); Fri, 11 Aug 2023 18:19:46 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA4EE2D5B; Fri, 11 Aug 2023 15:19:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iGeREU6I/o4uRrn35P3iicDIr9FhPSssJIOn2x4VxuAbiWAUdrydw5F2DNsysiwZyQ6RZwxeNWpfqz+XAQxPxFc2Um+tr1uPHHu1H+1/5yob1NIb4nm2x7ToABHQ9+DN2ExGiUHYOtQ7eqPwLX1ut2KOyVoqeP1FhWG8n9KgAy4I4dL1ymZP+FDiLKM0hIIs/KII0f2HNANntm7qw+vWHKSuiHhnbSt4+VfhZ4PrYu2tFCcrrMHgFLO2AbI9qPtlY64jpy8ZWA3tZKzfi298oKnxJuFHrf81xTbhn/wP3V+qPhOfTUJJucEq+maTn2IYsF7ty5SKj2ANBU7v207BOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KrDZjoP4EKuRXBH+OwFtD1TXWpVrzRIXgCGY/e0gbeY=; b=Gig4COnnS+pOnO+OuCqlRXn2qAkxARV3Jtj2wGgdmLgasqw/llnqZ63BVXf6Hxi5L0Tt6Zd3NdJoXQZ2Z272IFKCupQtTdJTiEuAxwO8G1fwqLQBxzXQnSYCM4YD7jG62DaU670O0iDjV1Kz9VGiAb07aCQ1nuPKgSMuK2G8IzB3dw2MS//Wnx2xr/7pE+E7Ao3GFon5EIFzt+2UTGHFoPTXwCAkcJBcdAtwz8hwUHfjPWEcq9sYMaLMPclIH09iFzUco18j9jXqTiXvxIkJUAS8o/mwAATCx8SnchGQMUYnCRzImUYtIPBEVURkRpagya/kS6T6A3ONoGuP/BtfvA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KrDZjoP4EKuRXBH+OwFtD1TXWpVrzRIXgCGY/e0gbeY=; b=grzJ/IJTyTQ7gm7es3XimcHdMmJcsa2t9EMZe/shckUCe2TulmyhiEKVRR31z+CmhfP3bExX0TWFpDwW0F4qmJ6n36DlV+k0tH2m4WQH43fJ5LUmrhAFYUEMBRKyoif5MmR2Cj5Df6xSNpVvyEsMiwTfY7Gun24wwKm0MNCZzdE= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:39 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:39 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 6/9] x86/hyperv: Introduce a global variable hyperv_paravisor_present Date: Fri, 11 Aug 2023 15:18:48 -0700 Message-Id: <20230811221851.10244-7-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: ba029454-a03f-4600-ba7f-08db9ab90d77 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: FQGuM64A0QmnQ9Skl2WQyJPF/Z34jOe9xdVvNUvbhrLksfbHmOm1agXnOD4nZAHF2q4Nco95Otzo+WVxwwhxsF+Go+h41ALLz0lAYiVaHfgVNz09aH6p8T91edj3MSFOzVzZ0bxv5v+Oja3gJakMQpL8YGreFI1q4ZscpdUBPtfM6y/jyGL6Ru6BA1lbE2u/DHqP6KYqiatekuC0TaVzs8/N2/zLrsmoLr2gbnv8WxpiYNOk1KaBs/u7aVRzQlwf5ss763LHOOXri3kJLobF4NYgjabl4kOoH/9W+Dtfmu/2xcztODwZvoizZM9p/KUhi5A5fWgm4bf4varBG0YScCaV7IWzEzY+cyBLHWvCRUBDw+QSD8fwjY2zxujUppZDb/+9L6hB7ypEedkxls15q52w/FLcMmBPHfW1/xEHedeWW4dnffjc/khPBFy/ly5xOtUn0w5X3MowME3wFqELOU/C+C6Teo6WYhyV1/si18Dj8t+YqAx0njo9CllS5xTENOsLUD24RGvsxPt/2C3K2XR2Ud5TDsrNZ/sfXnogN4vYk0/qBrMVXEYNjEydoxjhq6OMchSB+fy0ZYOsFxA7joBQ9P/FvhGlJoHdV2DugVCPYZnIjVBxCT/8MdAaQErfo2+37YwWfU3tl0/G1zXY8DVxXZgumuU65QR4ing05bIH3YJ8rh6zc7reZSLsiS1YMcmjbVM4qzVTpb1P+k6kCA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(30864003)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002)(309714004);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?FzeLYFk9IwTo6qmpp+NslGXmVvfgnDblmju7RVtPScD8NDKB/QUT1Ui8GyWv?= =?us-ascii?Q?C/ciQrckgVqDv5uG/iClMT4WzfHuIfGb6JyOZWPNpGUSiV7pGGDX2pb+Btsu?= =?us-ascii?Q?2f209WSk2Cejf801lnZzIExvuBOgDSmP8W+seQsymIYo8iY6oknEwUwT0O6P?= =?us-ascii?Q?mdR1QddyPl9UnfH19t7A6zbxy0NG4Z161j4hXctLN2WTSseTS2DkuGEB0IDG?= =?us-ascii?Q?nIO4MM81Gu3UOg2iUDhgkm5//T/u8A0Bj/bSe97g/hEcExZXbFV4lALKtz5B?= =?us-ascii?Q?+ZYShkNtbjzDkf7xHaJONdqrjoPliW/Da2D5JGiOA5g4lfnDH9We1oQsFuU1?= =?us-ascii?Q?DmGzCithX0ExTPNTsoJRmn52fI/KI8CddyIqkSNBEGhyF+PPFzq24o+1vLmo?= =?us-ascii?Q?2ECTowc/vqhwkVdebSwGg9CC5PaLdlol9HVWuZ1x8bGwYLIDfW7KQgHOCP3v?= =?us-ascii?Q?ZKG6s0mhSZTONNF9LwH2JfPr+9tvd3zPZPyXpEV0hmVjTAJ56fAr88pWZ7fO?= =?us-ascii?Q?ENMbKgl97I6DDbOmqiVl8ulCnl81JZ1zoq4R9nn2STgyVXEzA3kdGiDpBCbR?= =?us-ascii?Q?diru+7bBylDEiAIdCVmYKu9+Dh4aFYle+FOAoCQFS+IM83IrFChV5zlecgk3?= =?us-ascii?Q?RSctQYoxQKx/yWXEzxo0dZVh1ON6HQX5IqVfc85SuZE5Rd75ZU3e486eQWxz?= =?us-ascii?Q?pwP7SprHR8s1y5Dos0ILGffZKhUHy0shm05gvyLXdC1DqtZ0YcgfFn51oJiG?= =?us-ascii?Q?6MnOKXPqGmfIWZdmtaYRpIVs8GRbFCB9eTLfAXJt9GZ2qt0Cvc+wN/0x5e2T?= =?us-ascii?Q?VsT8R2JM0FFhKpsTt/pHZdJcmtxMIHPGfIi28jITs8OVfiU0GsmfemOPVh0b?= =?us-ascii?Q?17ryCXPaMQq6aSCPS8/rVwxY/Ty7nwpciCd82vSiARME2vpiMYsYtlLPYwvx?= =?us-ascii?Q?CKokTkajDlOtTH7jnizVwO+6GKPeGg9jR/LCJArFIQZWZGb5L/gG1HZS8sHp?= =?us-ascii?Q?WSwCvD99iWiWNBQ6s5eQNHmq3MtIiSzKnxbhK7eB3y8KoX7gkMOdESiIxH/K?= =?us-ascii?Q?q34Tg+jn492AfTPU6DO1bRaTG8/Pt1HtFfCh43CC0DplHJ+jYdKKnnAaLdrC?= =?us-ascii?Q?ZuVKs+ud3OBw2uAjg6R/0GFPUNxhraRWeOp4Iw68fDcNkCiD0wBn/TnUb9yc?= =?us-ascii?Q?IBI9Oe6GaMFEXKABE+9lTBxOyu2bIrvQDhmgbfvDDcNX1UDJJLLZUwMZr8f8?= =?us-ascii?Q?R9ItCIb8gM20KcS6eTONCr1tBYYssConMX9qUf4ilur9RcwB3UETfw88UIsP?= =?us-ascii?Q?p3yU2vYpwfFAZe42B/BSZNH1rkckqB0Zb73dUy7k0GnmuFf6kNtBZmvMcf26?= =?us-ascii?Q?8EbU2M3yRC5CNxwavYOwYJXqTmU1btGMAaFfYVS57XCp8p2W/9y1YblB3sov?= =?us-ascii?Q?28px4taoUEc7QfW7oiJq1BYVwxElpN3t9tg9MH//w7WNOUA2BRxBEmvQ6IrY?= =?us-ascii?Q?yn/DrhQ5SNH0i8ENeKEq+UGvYXFGIm3hw/HIly1sxS5Dar/gexjhjoSoa1An?= =?us-ascii?Q?/ejsK5Qd0Xh2l5iWCYUFgBG/a8XQMpgO2jHgWV0WXYfAdLJihlukvp/oBEOM?= =?us-ascii?Q?9ZPggAPeeahbjjn5cbkggObvKjJaYO104DsH5+kR7K3D?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: ba029454-a03f-4600-ba7f-08db9ab90d77 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:39.0357 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: niyVp3zfRb3D5VsMKm1FCFNxHmW41IzvpIquGXWIDm01k7dxFSNw4L6KCG5toe2mDVRgR2zIK3hhDPD90DqQ8g== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The new variable hyperv_paravisor_present is set only when the VM is a SNP/TDX with the paravisor running: see ms_hyperv_init_platform(). In many places, hyperv_paravisor_present can replace ms_hyperv.paravisor_present, and it's also used to replace hv_isolation_type_snp() in drivers/hv/hv.c. Call hv_vtom_init() when it's a VBS VM or when hyperv_paravisor_present is true (i.e. the VM is a SNP/TDX VM with the paravisor). Enhance hv_vtom_init() for a TDX VM with the paravisor. The biggest motive to introduce hyperv_paravisor_present is that we can not use ms_hyperv.paravisor_present in arch/x86/include/asm/mshyperv.h: that would introduce a complicated header file dependency issue. In arch/x86/include/asm/mshyperv.h, _hv_do_fast_hypercall8() is changed to specially handle HVCALL_SIGNAL_EVENT for a TDX VM with the paravisor, because such a VM must use TDX GHCI (see hv_tdx_hypercall()) for this hypercall. See vmbus_set_event() -> hv_do_fast_hypercall8() -> _hv_do_fast_hypercall8() -> hv_tdx_hypercall(). In hv_common_cpu_init(), don't decrypt the hyperv_pcpu_input_arg for a TDX VM with the paravisor, just like we don't decrypt the page for a SNP VM with the paravisor. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. --- arch/x86/hyperv/hv_apic.c | 4 ++-- arch/x86/hyperv/hv_init.c | 4 ++-- arch/x86/hyperv/ivm.c | 20 ++++++++++++++++++-- arch/x86/include/asm/mshyperv.h | 9 ++++++--- arch/x86/kernel/cpu/mshyperv.c | 13 ++++++++++--- drivers/hv/connection.c | 2 +- drivers/hv/hv.c | 12 ++++++------ drivers/hv/hv_common.c | 6 +++++- include/asm-generic/mshyperv.h | 1 + 9 files changed, 51 insertions(+), 20 deletions(-) diff --git a/arch/x86/hyperv/hv_apic.c b/arch/x86/hyperv/hv_apic.c index cb7429046d18d..8958836500d01 100644 --- a/arch/x86/hyperv/hv_apic.c +++ b/arch/x86/hyperv/hv_apic.c @@ -179,7 +179,7 @@ static bool __send_ipi_mask(const struct cpumask *mask,= int vector, =20 /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ if (!hv_hypercall_pg) { - if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + if (hyperv_paravisor_present || !hv_isolation_type_tdx()) return false; } =20 @@ -239,7 +239,7 @@ static bool __send_ipi_one(int cpu, int vector) =20 /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ if (!hv_hypercall_pg) { - if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + if (hyperv_paravisor_present || !hv_isolation_type_tdx()) return false; } =20 diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 4bcd0a6f94760..e67e2430fba35 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -663,8 +663,8 @@ bool hv_is_hyperv_initialized(void) if (x86_hyper_type !=3D X86_HYPER_MS_HYPERV) return false; =20 - /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ - if (hv_isolation_type_tdx()) + /* A TDX VM with no paravisor uses TDX GHCI call rather than hv_hypercall= _pg */ + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return true; /* * Verify that earlier initialization succeeded by checking diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 5792cddea4914..0d54bc8b06b4a 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -459,13 +459,29 @@ int hv_snp_boot_ap(int cpu, unsigned long start_ip) =20 void __init hv_vtom_init(void) { + enum hv_isolation_type type =3D hv_get_isolation_type(); /* * By design, a VM using vTOM doesn't see the SEV setting, * so SEV initialization is bypassed and sev_status isn't set. * Set it here to indicate a vTOM VM. */ - sev_status =3D MSR_AMD64_SNP_VTOM; - cc_vendor =3D CC_VENDOR_AMD; + switch (type) { + case HV_ISOLATION_TYPE_VBS: + fallthrough; + + case HV_ISOLATION_TYPE_SNP: + sev_status =3D MSR_AMD64_SNP_VTOM; + cc_vendor =3D CC_VENDOR_AMD; + break; + + case HV_ISOLATION_TYPE_TDX: + cc_vendor =3D CC_VENDOR_INTEL; + break; + + default: + panic("hv_vtom_init: unsupported isolation type %d\n", type); + } + cc_set_mask(ms_hyperv.shared_gpa_boundary); physical_mask &=3D ms_hyperv.shared_gpa_boundary - 1; =20 diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 4c68564a165e5..9fa31dce69727 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -42,6 +42,7 @@ static inline unsigned char hv_get_nmi_reason(void) =20 #if IS_ENABLED(CONFIG_HYPERV) extern int hyperv_init_cpuhp; +extern bool hyperv_paravisor_present; =20 extern void *hv_hypercall_pg; =20 @@ -74,7 +75,7 @@ static inline u64 hv_do_hypercall(u64 control, void *inpu= t, void *output) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, cc_mkdec(input_address), cc_mkdec(output_address)); @@ -121,7 +122,9 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u= 64 input1) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && + (!hyperv_paravisor_present || + control =3D=3D (HVCALL_SIGNAL_EVENT | HV_HYPERCALL_FAST_BIT))) return hv_tdx_hypercall(control, input1, 0); =20 { @@ -170,7 +173,7 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, = u64 input1, u64 input2) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input1, input2); =20 { diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index b4214e37e9124..ddcc62185e4ae 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -40,6 +40,12 @@ bool hv_root_partition; bool hv_nested; struct ms_hyperv_info ms_hyperv; =20 +/* + * Used in modules via hv_do_hypercall(): see arch/x86/include/asm/mshyper= v.h. + * Exported in drivers/hv/hv_common.c to not break the ARM64 build. + */ +bool hyperv_paravisor_present __ro_after_init; + #if IS_ENABLED(CONFIG_HYPERV) static inline unsigned int hv_get_nested_reg(unsigned int reg) { @@ -430,6 +436,8 @@ static void __init ms_hyperv_init_platform(void) ms_hyperv.shared_gpa_boundary =3D BIT_ULL(ms_hyperv.shared_gpa_boundary_bits); =20 + hyperv_paravisor_present =3D !!ms_hyperv.paravisor_present; + pr_info("Hyper-V: Isolation Config: Group A 0x%x, Group B 0x%x\n", ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); =20 @@ -444,7 +452,7 @@ static void __init ms_hyperv_init_platform(void) /* A TDX VM must use x2APIC and doesn't use lazy EOI. */ ms_hyperv.hints &=3D ~HV_X64_APIC_ACCESS_RECOMMENDED; =20 - if (!ms_hyperv.paravisor_present) { + if (!hyperv_paravisor_present) { /* * The ms_hyperv.shared_gpa_boundary_active in * a fully enlightened TDX VM is 0, but the GPAs @@ -535,8 +543,7 @@ static void __init ms_hyperv_init_platform(void) =20 #if IS_ENABLED(CONFIG_HYPERV) if ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_VBS) || - ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) && - ms_hyperv.paravisor_present)) + hyperv_paravisor_present) hv_vtom_init(); /* * Setup the hook to get control post apic initialization. diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 02b54f85dc607..7f64fc942323b 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -484,7 +484,7 @@ void vmbus_set_event(struct vmbus_channel *channel) =20 ++channel->sig_events; =20 - if (hv_isolation_type_snp()) + if (hv_isolation_type_snp() && hyperv_paravisor_present) hv_ghcb_hypercall(HVCALL_SIGNAL_EVENT, &channel->sig_event, NULL, sizeof(channel->sig_event)); else diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index 28bbb354324d6..20bc44923e4f0 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -109,7 +109,7 @@ int hv_synic_alloc(void) * Synic message and event pages are allocated by paravisor. * Skip these pages allocation here. */ - if (!hv_isolation_type_snp() && !hv_root_partition) { + if (!hyperv_paravisor_present && !hv_root_partition) { hv_cpu->synic_message_page =3D (void *)get_zeroed_page(GFP_ATOMIC); if (hv_cpu->synic_message_page =3D=3D NULL) { @@ -128,7 +128,7 @@ int hv_synic_alloc(void) } } =20 - if (!ms_hyperv.paravisor_present && + if (!hyperv_paravisor_present && (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long) hv_cpu->synic_message_page, 1); @@ -226,7 +226,7 @@ void hv_synic_enable_regs(unsigned int cpu) simp.as_uint64 =3D hv_get_register(HV_REGISTER_SIMP); simp.simp_enabled =3D 1; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (hyperv_paravisor_present || hv_root_partition) { /* Mask out vTOM bit. ioremap_cache() maps decrypted */ u64 base =3D (simp.base_simp_gpa << HV_HYP_PAGE_SHIFT) & ~ms_hyperv.shared_gpa_boundary; @@ -249,7 +249,7 @@ void hv_synic_enable_regs(unsigned int cpu) siefp.as_uint64 =3D hv_get_register(HV_REGISTER_SIEFP); siefp.siefp_enabled =3D 1; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (hyperv_paravisor_present || hv_root_partition) { /* Mask out vTOM bit. ioremap_cache() maps decrypted */ u64 base =3D (siefp.base_siefp_gpa << HV_HYP_PAGE_SHIFT) & ~ms_hyperv.shared_gpa_boundary; @@ -336,7 +336,7 @@ void hv_synic_disable_regs(unsigned int cpu) * addresses. */ simp.simp_enabled =3D 0; - if (hv_isolation_type_snp() || hv_root_partition) { + if (hyperv_paravisor_present || hv_root_partition) { iounmap(hv_cpu->synic_message_page); hv_cpu->synic_message_page =3D NULL; } else { @@ -348,7 +348,7 @@ void hv_synic_disable_regs(unsigned int cpu) siefp.as_uint64 =3D hv_get_register(HV_REGISTER_SIEFP); siefp.siefp_enabled =3D 0; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (hyperv_paravisor_present || hv_root_partition) { iounmap(hv_cpu->synic_event_page); hv_cpu->synic_event_page =3D NULL; } else { diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 4c858e1636da7..c0b0ac44ffa3c 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -40,6 +40,9 @@ bool __weak hv_root_partition; EXPORT_SYMBOL_GPL(hv_root_partition); =20 +bool __weak hyperv_paravisor_present; +EXPORT_SYMBOL_GPL(hyperv_paravisor_present); + bool __weak hv_nested; EXPORT_SYMBOL_GPL(hv_nested); =20 @@ -382,7 +385,8 @@ int hv_common_cpu_init(unsigned int cpu) *outputarg =3D (char *)mem + HV_HYP_PAGE_SIZE; } =20 - if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { + if (!hyperv_paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { /* It may be unsafe to free 'mem' */ diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 30fa75facd784..a6e4f38222c81 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -176,6 +176,7 @@ extern int vmbus_interrupt; extern int vmbus_irq; =20 extern bool hv_root_partition; +extern bool hyperv_paravisor_present; =20 #if IS_ENABLED(CONFIG_HYPERV) /* --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 32125C001B0 for ; Fri, 11 Aug 2023 22:20:22 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237129AbjHKWUU (ORCPT ); Fri, 11 Aug 2023 18:20:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53608 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236774AbjHKWT7 (ORCPT ); Fri, 11 Aug 2023 18:19:59 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EC6FC30D2; Fri, 11 Aug 2023 15:19:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A0X7Wor/VFgdxwKL8sW27ECB43AxXx/b2uTBjOtoBt6WKlcpDNWhqId4ZWd6Q2XKpUp528pV+hAsAxm2j4h464Rzt6u3CeSnlfJ4LP4AAy2goRYha1tbn+aFn3+xGE3OJ/8TeF+E8t6Gsg0V9xYiTeYgIhRsPDubj+xymtFRKLv903HoYpHpl5F+gTMxF03rKjSJMC7lNxkBOtPw8cKC2+mc6aCwNzxZwK4s5TDdznSBLhkhjJtI6yndSXXHJkOBZqAufLPMPeOmGVSy7BGhPqgzKx/URPm4S0GZFBLmObuqTCeaefsb3gYUVKChj3wroan0+RlkxWY1+Iie4En4bw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=VP+DsTE5fkHYtBcueWlakZ3AYSU1LGxtAACLwV2iAA4=; b=SrJCFhYtnNvquC5GhQ0FIL0FscxNkDAFaaBLUnHOnUMsLMI3XSLoz5sT7EunJtNR18JimPcHTo+o9AqiwgzO5ZuujQnMVsv7WZd6vfIo5l6G6IVR9NjKQFG1AaDCVjzythB9a2cTIx2dcZlqk1Y/cayQsyKjlAZujRpahdZjil0D+/iouCyj/c5nKj87hbQqYr7LexsjbpVbtK/BBDPqkjMmV/11Xx0wFBWj7JsNAHjpXUJjtWeBkdXsIToTjsKtA3s3YzJ3thB4PunEuxAuA0pwx78gl5iIptXPCKPM+aoxuO8Ye/wrFC3nmKI8MZaC9+mjHy6mqkt3dPIAbWj/hQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=VP+DsTE5fkHYtBcueWlakZ3AYSU1LGxtAACLwV2iAA4=; b=TJ6r2b8WnC1YC61okFBY/6I+DeNOffsv8/qYLJOZ8/h/dAyQ/p/2jbiAhtt6GMUWDC6D7qaw+IRh3mIQOmHEvgIO2Zs7Zxc3imumm4QG/E5bIFdJeZXMqPPHeB/ALzYY/8fliCkV7OodyuXTb0vAdXpDTj1zlPGGPIzCwEd9Z88= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:40 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:40 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 7/9] Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the paravisor Date: Fri, 11 Aug 2023 15:18:49 -0700 Message-Id: <20230811221851.10244-8-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: 0561afa3-18e0-473f-400b-08db9ab90dbf X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: gd5Ld+TvLNew94e7j4Ak7YQTdLUuv+Rmac2gYHzSut3YXc1RJlqFGKCGYNFKN5kzsuIxOUMfUgSgIwEVD5IH8AQsHuXqnqjClgj6Zmf2PPddZWjYASRKc0YEYK6votchLjWC2fGQAYpAXBi9hH+sVFZ7B+vVBUxy5/Lay6rDoCWJ2IMCV/3RT7b7cD7IzqsHi5hOaBdxqpZ246VP7CdRZe3YCDs1Qrw5GLK17q/TLSwO/3ptNubsUjCg1Ns56mwIGc133SXDCjfHQqawAgTpK1VjlzxqiErKYItGEfPIkswcEP5FxywEl9qEfqpwQZ1KIxTsXsS2aGE+hsyMBNSJb8yxAbs9z+nWjyQZNc5nJHxsVBGiVFUx1gkNB5fqHwStjwxTDWfLL2XJE03+rzEgSy6Z9GvOPFQerQApf5J2rKzb5P8c+8VHP3xJv++TzREdPvA0+f8l4w4LK4Mwlyalo7cx7aZNbpkSrfiMPGJ8Qjs8DWigJsj517A6DDFYXEg1zV6gYFnIUedRxj0j/knE2/Nm9pZ7QMZlpwINKWKD+1T3JS2JLrIn0T8p/bjqhrehZ/QqRlRXoGK4ekJe9TWnBdns25shiquWZr3Ww+rCvcnM7YQvbGaWShMXeLMcIXExyV3fiPlMght8ATAnN+vdMr734Fras/Llr7JwEvLhXEbtbcJe00qoPxf+HgDl+r8Q X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?S3XlOE+2vu9SJXGwFsoTGVLPURLnlYwmgBoY7IcICA0SyxZGLexRRR2BX1iC?= =?us-ascii?Q?ZXCin26JQAiO4EqsUbUaGc1bpNpFazDUCGtEiKxcqgA+lY/2wQkANhAHlBRY?= =?us-ascii?Q?SVBSjr6NVRn5wDXdmaOp3zTsD+xUzU5na0L6dlxXzlgCYNhPqwjcoXZ3r8v3?= =?us-ascii?Q?xqp6EpCpqxRt/YJfgYf/UfQ57oAR5oqcfMVwYf+6tyBAKV+WJYsZwAfL38Dy?= =?us-ascii?Q?6HVUY+zaJaPrePXy1ctyRNznJhwtWOBJJBde0R+P+A2K8822/i3T3mUkvMPw?= =?us-ascii?Q?iZxI3SXDT6ibpR2U7S06hjOLfa5VSjA/7Lr4DGSTXb5gzvAEpStDmhQvGTsV?= =?us-ascii?Q?MpeowKDxqX7NgPn3pqH9AgiTsURiJHFJtVW1ZJiL8kfNvRLeTQINOIQdNnjs?= =?us-ascii?Q?jmIY/ocQv4zL+13DDoJ8TtMvkmZwJCtVbCscM0rj5NhD8T574/mDqs1Q/hwX?= =?us-ascii?Q?ScDU3AiThf1UehaQX1af+VEoy/injG8ODwhEQD08kOVllt6ZJ3YvFlV57RQh?= =?us-ascii?Q?ZSrtNyLmkEd3I/oTMFod6maKBaRCtwrak9fgRYCc3iwb1zC76af8vY0SfRjY?= =?us-ascii?Q?ie65p6/uuSIh98UOjjP9Fa5fLDvCKvamOgdf/GupXROsSeLOwUBU+Bd6GGbK?= =?us-ascii?Q?kA3Ze/InFXqF3wrYr6KNW/Pl0tWbIm+OFj1sMgl1mKAnMLjDXvdBBh2ngEJI?= =?us-ascii?Q?PZJSLqmL5bTHlCWiWsytTOgT3vwqxcP7kNtyb6emNotqnY/FQ3Oy1RYGVUSJ?= =?us-ascii?Q?GDMFdeCbUyQbs3fjgx5+grVJtvuv15q7s53aPAALGK9kQJEpD6unvaMC25mD?= =?us-ascii?Q?U6bJBYbKER7X8ms5jOvrOjCPzaROsnrXVuQaYG51ljBPyhRndQRsa1XXGNj2?= =?us-ascii?Q?6p1oYzLN/kpXMpXSCEwly+AeX6xiyv5mEAYoE40a6SLoXwDgdM58gOZcfSZo?= =?us-ascii?Q?756KH4P+cVbX0JcOwyrIDTxL2Ii+51KH0L+d6xN/0JRe06y02/YPKwW6z1an?= =?us-ascii?Q?va3dlsC9CsRC4MSJ9dIrPKqoqZEMUy/fEz4jYGy1V4SDeC91bXeJdfNX1cyM?= =?us-ascii?Q?e4zKN2682oUXe8HYm259rkFcVpYePftO5UHTFhZ5FDhYO1xFlgYlp64PnddE?= =?us-ascii?Q?CAt0SWIQj46GBGqLZ4+vsELumFLX7+QbTxjgTqpAaRewWxFiGMqeF2m1QInV?= =?us-ascii?Q?5lSeW/O+dkhW/ha8ovwl/pyZTl6JQQLuFBmFzVw7EOQRUDkKLH2KK+qG5Onh?= =?us-ascii?Q?2F6YLPdSymFxXAwMaHxAHHpdsIamZghxfh2rAIT2v2K6E2QoN2Ripf43dqyu?= =?us-ascii?Q?47fwRhdCKx9j60F/l0Spg5At/7CEA/WssnxJOZiaEfloQf362F3StVfgThGa?= =?us-ascii?Q?lXXcRLyVp15oUJ2zkPB84r9QNdrtELDsIhyiBVqhynKfAmzRmkiCC4htVsY7?= =?us-ascii?Q?PlyGn/bxY64sG+bPGrxz5g1FOoUbJfXViEKn8UMBix7rYCQ5lJqujwIhdANq?= =?us-ascii?Q?RoyO3QgsV9/HNG5BDcBiTEAHbDxhnS2LeJpWD2u3Yn/F+R36dlhjEe3Yaizc?= =?us-ascii?Q?Damvyd5fsa17Uv7VQhF+VWln3vCD+8UcEedtK3qhT5mmHh2/1vn1HeYbCQ1v?= =?us-ascii?Q?1++xgOagd8yr2n6+nW82voH4TTI6pZy9cIJowqTluAkL?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0561afa3-18e0-473f-400b-08db9ab90dbf X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:39.4976 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 4u36eWYdnu/onqsPgllp76DQg/xKOZge7go1jFZcPz5DzBOxWZBJ9xpXNlJ9OZuravFr/50cgC59tRJklnmJhQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The post_msg_page was removed in commit 9a6b1a170ca8 ("Drivers: hv: vmbus: Remove the per-CPU post_msg_page") However, it turns out that we need to bring it back, but only for a TDX VM with the paravisor: in such a VM, the hyperv_pcpu_input_arg is not decrypte= d, but the HVCALL_POST_MESSAGE in such a VM needs a decrypted page as the hypercall input page: see the comments in hyperv_init() for a detailed explanation. Except for HVCALL_POST_MESSAGE and HVCALL_SIGNAL_EVENT, the other hypercalls in a TDX VM with the paravisor still use hv_hypercall_pg and must use the hyperv_pcpu_input_arg (which is encrypted in such a VM), when a hypercall input page is used. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. --- arch/x86/hyperv/hv_init.c | 20 +++++++++++-- drivers/hv/hv.c | 63 ++++++++++++++++++++++++++++++++++----- drivers/hv/hyperv_vmbus.h | 11 +++++++ 3 files changed, 85 insertions(+), 9 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index e67e2430fba35..9c12a199ea62c 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -485,6 +485,22 @@ void __init hyperv_init(void) * Setup the hypercall page and enable hypercalls. * 1. Register the guest ID * 2. Enable the hypercall and register the hypercall page + * + * A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg: + * when the hypercall input is a page, such a VM must pass a decrypted + * page to Hyper-V, e.g. hv_post_message() uses the per-CPU page + * hyperv_pcpu_input_arg, which is decrypted if no paravisor is present. + * + * A TDX VM with the paravisor uses hv_hypercall_pg for most hypercalls, + * which are handled by the paravisor and the VM must use an encrypted + * input page: in such a VM, the hyperv_pcpu_input_arg is encrypted and + * used in the hypercalls, e.g. see hv_mark_gpa_visibility() and + * hv_arch_irq_unmask(). Such a VM uses TDX GHCI for two hypercalls: + * 1. HVCALL_SIGNAL_EVENT: see vmbus_set_event() and _hv_do_fast_hypercal= l8(). + * 2. HVCALL_POST_MESSAGE: the input page must be a decrypted page, i.e. + * hv_post_message() in such a VM can't use the encrypted hyperv_pcpu_inp= ut_arg; + * instead, hv_post_message() uses the post_msg_page, which is decrypted + * in such a VM and is only used in such a VM. */ guest_id =3D hv_generate_guest_id(LINUX_VERSION_CODE); wrmsrl(HV_X64_MSR_GUEST_OS_ID, guest_id); @@ -492,8 +508,8 @@ void __init hyperv_init(void) /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 - /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ - if (hv_isolation_type_tdx()) + /* A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg */ + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) goto skip_hypercall_pg_init; =20 hv_hypercall_pg =3D __vmalloc_node_range(PAGE_SIZE, 1, VMALLOC_START, diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index 20bc44923e4f0..6b5f1805d4749 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -57,20 +57,39 @@ int hv_post_message(union hv_connection_id connection_i= d, =20 local_irq_save(flags); =20 - aligned_msg =3D *this_cpu_ptr(hyperv_pcpu_input_arg); + /* + * A TDX VM with the paravisor must use the decrypted post_msg_page: see + * the comment in struct hv_per_cpu_context. A SNP VM with the paravisor + * can use the encrypted hyperv_pcpu_input_arg because it copies the + * input into the GHCB page, which has been decrypted by the paravisor. + */ + if (hv_isolation_type_tdx() && hyperv_paravisor_present) + aligned_msg =3D this_cpu_ptr(hv_context.cpu_context)->post_msg_page; + else + aligned_msg =3D *this_cpu_ptr(hyperv_pcpu_input_arg); + aligned_msg->connectionid =3D connection_id; aligned_msg->reserved =3D 0; aligned_msg->message_type =3D message_type; aligned_msg->payload_size =3D payload_size; memcpy((void *)aligned_msg->payload, payload, payload_size); =20 - if (hv_isolation_type_snp()) - status =3D hv_ghcb_hypercall(HVCALL_POST_MESSAGE, - (void *)aligned_msg, NULL, - sizeof(*aligned_msg)); - else + if (hyperv_paravisor_present) { + if (hv_isolation_type_tdx()) { + u64 gpa_boundary =3D ms_hyperv.shared_gpa_boundary; + u64 in =3D virt_to_phys(aligned_msg) | gpa_boundary; + + status =3D hv_tdx_hypercall(HVCALL_POST_MESSAGE, in, 0); + } else if (hv_isolation_type_snp()) + status =3D hv_ghcb_hypercall(HVCALL_POST_MESSAGE, + aligned_msg, NULL, + sizeof(*aligned_msg)); + else + status =3D HV_STATUS_INVALID_PARAMETER; + } else { status =3D hv_do_hypercall(HVCALL_POST_MESSAGE, aligned_msg, NULL); + } =20 local_irq_restore(flags); =20 @@ -105,6 +124,24 @@ int hv_synic_alloc(void) tasklet_init(&hv_cpu->msg_dpc, vmbus_on_msg_dpc, (unsigned long) hv_cpu); =20 + if (hyperv_paravisor_present && hv_isolation_type_tdx()) { + hv_cpu->post_msg_page =3D (void *)get_zeroed_page(GFP_ATOMIC); + if (hv_cpu->post_msg_page =3D=3D NULL) { + pr_err("Unable to allocate post msg page\n"); + goto err; + } + + ret =3D set_memory_decrypted((unsigned long)hv_cpu->post_msg_page, 1); + if (ret) { + pr_err("Failed to decrypt post msg page: %d\n", ret); + /* Just leak the page, as it's unsafe to free the page. */ + hv_cpu->post_msg_page =3D NULL; + goto err; + } + + memset(hv_cpu->post_msg_page, 0, PAGE_SIZE); + } + /* * Synic message and event pages are allocated by paravisor. * Skip these pages allocation here. @@ -178,7 +215,18 @@ void hv_synic_free(void) =3D per_cpu_ptr(hv_context.cpu_context, cpu); =20 /* It's better to leak the page if the encryption fails. */ - if (!ms_hyperv.paravisor_present && + if (hyperv_paravisor_present && hv_isolation_type_tdx()) { + if (hv_cpu->post_msg_page) { + ret =3D set_memory_encrypted((unsigned long) + hv_cpu->post_msg_page, 1); + if (ret) { + pr_err("Failed to encrypt post msg page: %d\n", ret); + hv_cpu->post_msg_page =3D NULL; + } + } + } + + if (!hyperv_paravisor_present && (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { ret =3D set_memory_encrypted((unsigned long) @@ -199,6 +247,7 @@ void hv_synic_free(void) } } =20 + free_page((unsigned long)hv_cpu->post_msg_page); free_page((unsigned long)hv_cpu->synic_event_page); free_page((unsigned long)hv_cpu->synic_message_page); } diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h index 55f2086841ae4..f6b1e710f8055 100644 --- a/drivers/hv/hyperv_vmbus.h +++ b/drivers/hv/hyperv_vmbus.h @@ -123,6 +123,17 @@ struct hv_per_cpu_context { void *synic_message_page; void *synic_event_page; =20 + /* + * The page is only used in hv_post_message() for a TDX VM (with the + * paravisor) to post a messages to Hyper-V: when such a VM calls + * HVCALL_POST_MESSAGE, it can't use the hyperv_pcpu_input_arg (which + * is encrypted in such a VM) as the hypercall input page, because + * the input page for HVCALL_POST_MESSAGE must be decrypted in such a + * VM, so post_msg_page (which is decrypted in hv_synic_alloc()) is + * introduced for this purpose. See hyperv_init() for more comments. + */ + void *post_msg_page; + /* * Starting with win8, we can take channel interrupts on any CPU; * we will manage the tasklet that handles events messages on a per CPU --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A928C04A94 for ; Fri, 11 Aug 2023 22:20:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233893AbjHKWUX (ORCPT ); Fri, 11 Aug 2023 18:20:23 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53620 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236763AbjHKWT7 (ORCPT ); Fri, 11 Aug 2023 18:19:59 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CE98730DE; Fri, 11 Aug 2023 15:19:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iWjw+cSsrEVdt82ibMCEDSWXUth9Eteuzw2L81esA2XsXDKeZfwOPmuE39myO4/THAOqjhxSCDAj5wCnWu/ZjcROiSTPbw/454RlcOdHljl5gGgdeIN2qLOtMyj2oJAIl9lXY0yMf7WiPv5sR0mDs2uGTjShhl0HbzQWtZVGXC3mhyw2fxZ+1ONfv5JWFhmmZBdtMxf5TOMfTowPmOFxP0XNvCkVjet7nBcXr8Y1yvKVjWOReqRllwj0uUv0O8JYECRLZNl+c3zjIYiGHrpjUgzlwFH5GnPsDF1Auxm+/wwcEdGp32XCHmlrn+626L4zKNp7ABBLQ9i9b+88G1UUIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7JWjwqNLkW2JGsdf5lKNlEg54cXE8hSh8knd9xwlUIw=; b=ElRCF2UFV6QWsyAsM0LxQOUzur+fqVN2Pe/67S7aTLIBEcvPCQ2hInTXINp0lFNbCliishd5YhMU5HH7LIcnAmQ36cNnu8sGRawAlnJxoDIZZoJlWXUzWjMnrLLtr04v7hm2QVy3DYeUmouGN7eTWnRngHViPrLozsX54bWX3NGVeL9ji3Jx/X7px3JWpQXc7nCydQia4jkPGovDC3W2WWSqoGPOZK6aTT82KWJfXzogbVfDzS5zoH3UVZwX3zbmBvZB2//31p1hlPZrT2+M0iIxXM/l+4heGUmrAUWXpQfqsaSR5g9AuzlmVX6cg/RjpIKpPyA5IUw8/dgkvpZhWw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7JWjwqNLkW2JGsdf5lKNlEg54cXE8hSh8knd9xwlUIw=; b=aosxYPGZQvlQeubH23rDwe3KGP83al2Bln0PEAX0xOWbdukCMjWZIKcU44JcuxeIA4Op0bgA36+7NnTPB5jYhaF5cc+jcS5OoHZr2JBLw/8/XsY6rlGvOc/sXJBqEFd1YAjOKgoHWm8hPL42j0M3IB7/63EDF7Wad+IzA9e3GII= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:41 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:41 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 8/9] x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor Date: Fri, 11 Aug 2023 15:18:50 -0700 Message-Id: <20230811221851.10244-9-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: 49ff765f-3946-48cf-c570-08db9ab90e06 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 7JvuirCfwTW5TTVHLi9NtPxfB2bSnti3CXvLEX6tP5kpF4BpT3xFjtr5kcXB1YeEeEGQiz3iBfdc0bn+bcZ8JllnzZt7YDz24aOGlbKydOYNkkQUj+UID8tol7r2F7Ac3oosWtPVNw30eFJw/Rx7otiRFaguX+b4FA4y5UgVnPOLRfL9XJXH3CY00EXA98aGMDdb25sKerEiWIuuhMevH15dKXPWlEXwWcVE79oBG4J9g859Giu23upcZgex94XdfCgyHw8oYWcUVO7ruUNFKYIR9Vr5ei/OGFjm2EH+qBelhwjajGbH6UVJGyM2PS7FFQJxQ9sIHTXDIyKVwZ71M8QqxCH5yR2zLfIw12HRzWttaYmo5uknKwEJyRkdfWyGOrZ2FGyztBkMwlC3gYnCSEspBbMVkDVglWuAtHAItIHuWUi1YLsrUazJq/rsfI2nv0e/2kkdLY+yVnMLruaDvA06nFT79Kp+KO5lmxomu62xku51r4onDsf43IV6jAfrzyiBmBztHuTZH9h0SA64ECAHW2CxwWLOdfvAUMMjbn/Pn/69jLLcdDYtlHqiOebWmTr1s9UkN2mQQ6tpj8tN/6OGEIy84LyoEXpLXjYXkKITiVeOS2+LJ+rKZ2rNiCfpb8sPm0OHN/bIzREVsuja+bkw/+J3Ue6sIq9zP7Cw3/r6IQMik2omFc0xL5MKERE2 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wyRl4EVPUtf0uOoRbPYqUOJgXeCkOVl1X86vuLB0HptD9i6Hl8j+kTaxV7Le?= =?us-ascii?Q?jRUE+bTeIceMfMIkM5aSLCf0BQzWraMdO1vWVnvtrHeFB/nI5sXhju36Hj9X?= =?us-ascii?Q?dU2m8hXFLW3v1Q88Fm8U7fUw7x2teegNjB2hpPpExXOc4n52CAvOuFHYnTTV?= =?us-ascii?Q?xo1Y4uHXd5AsUaYUTruy4mlkEzCxjwPiaLKQ/JepQdWP8FagKs22oG9Xvkcg?= =?us-ascii?Q?uY8MgHkxra9iRshuNvkjo+d7+FQaI4A92Sh7OSASJZaXGNoOV08DhU8JzNTh?= =?us-ascii?Q?j+AIiTS36jJh+8d5DJjCmNRp0Eg7cX2Hs8jckaQYF6s/PQw8lfV7Wh+0Epmn?= =?us-ascii?Q?hu1tyeFJUqVTybe9pw/Se3l8Hhygn8Os8fqTaMpo+B2c8xL02IbRQaosEASU?= =?us-ascii?Q?5MjIlHDHk0VaJK3fUWLQ4sVJVvDFtsLlTfSOLXPEy3ZN2saDOyG8BGYLhE+s?= =?us-ascii?Q?vdcskbTODc44fc8jtUOmYUEdJYc7nejJc5WaHkFV9YzGbX9KK+KdBrCxcyS5?= =?us-ascii?Q?B+J8ywk0IbOIGXIYMw+Qee/LehVfYQPaIafs7PAy2lf0kPYMHVkvmphd1XA1?= =?us-ascii?Q?g64880RODVP1CDCReZyTgtGRzPVVUceZCAowtufqK4CIaYPDrJA+K7LG/Jas?= =?us-ascii?Q?NIaUNe30k5hObgx63bvQg7u0igO3kY+oVLUamb+X61gbXnuMo80W9ZfQyaqd?= =?us-ascii?Q?EcRWgn5VjP5RDVBBj9MR1mKId3CZcyUJUfE5Ai43kUSayXDF3JuZxSViZvb2?= =?us-ascii?Q?meGLEY+FxFY/jZx1npzhT4o3h4DHYNtPY0TDheKQnlnzulLNNA1wyY8A4EnZ?= =?us-ascii?Q?Uyaj0sE6FyIISu0WMAEOzmMHStk/ZqDUpX8pOjFqdf5LgHjN62REq5n8uv3w?= =?us-ascii?Q?HD7439AtMtK/RdA7Cq+4UGFocffSDsKzpPEaG9ym5pfWb0AtCg06OangPdQu?= =?us-ascii?Q?j7n9Xi7qGd9uKjuqSyqzNk9gBMq/U6Fo5XbrfqXaSK/6OpfoHodVmjyCm+sN?= =?us-ascii?Q?OmvBb/ctSJ/zBu3A6xLqdLcBjhMtFG5dxEzf0rYYnaBHGfndBe6vxjK6tnxC?= =?us-ascii?Q?HjZxOuSwOJXFCF1WbRQ0cBAyMwIla3a7N7U769bd8JSXc6ueo3wr+/yc4OQ5?= =?us-ascii?Q?ilsw9Fz2+gLi4Nl9LW2jkWhR5EdUUVsSumBKuA9+Q4E4A+Ts/nKj2r+8OFhS?= =?us-ascii?Q?nLwMNwJM4AgqyG9VxxyWOQYynOmBbKcIKh1O2Uoty0XQQlukBREFqswYUV7+?= =?us-ascii?Q?oA5JXbZs36JzNqvJb9TpdpmVxFVtW3lFVVEX8ffAu5aosRcVqHSMp8/gytLw?= =?us-ascii?Q?U79dPtJ72aw4sJTufF3rFXqkFGn1L+FO0CTXB5PZGw4bWz83wIRRwVAqABTh?= =?us-ascii?Q?HSPcsOupN7Btfvla6W1mJI8G3e7f6HCMfkS5Qf5mOu/VXpMLXZ3sBJx/xBjM?= =?us-ascii?Q?Wepq063Ca1fNZZQCgWcBA3TkhFnlpm/npGQIgrH9ltpy4FqTvmoWpTaPDMar?= =?us-ascii?Q?L61AB+EDFzzeR4knF8LAm1DvKaXdkua3ju9T+S6BnGYd1yl1FwFN3bOpgKj5?= =?us-ascii?Q?oG6RmS7rYmbVIC36eqfpNQ/L9u1OFFVmdPpcZeoWGPFdcjGv5VdPPsQrSK2p?= =?us-ascii?Q?cJ/zCQKzvOZBfgHYrbOsiyJuqXmiOLB3Ft0+4J9McH8e?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 49ff765f-3946-48cf-c570-08db9ab90e06 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:39.9579 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Gkx6MJpEqfLnuXpKKpSyfV0OcKopYDxmYgZzZxpv8hyiKW2/ytqeTh2oh6M0CeUKGjuivqtCQznLuEonVjCOOw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When the paravisor is present, a SNP VM must use GHCB to access some special MSRs, including HV_X64_MSR_GUEST_OS_ID and some SynIC MSRs. Similarly, when the paravisor is present, a TDX VM must use TDX GHCI to access the same MSRs. Implement hv_tdx_read_msr() and hv_tdx_write_msr(), and use the helper functions hv_ivm_msr_read() and hv_ivm_msr_write() to access the MSRs in a unified way for SNP/TDX VMs with the paravisor. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. --- arch/x86/hyperv/hv_init.c | 8 ++-- arch/x86/hyperv/ivm.c | 72 +++++++++++++++++++++++++++++++-- arch/x86/include/asm/mshyperv.h | 8 ++-- arch/x86/kernel/cpu/mshyperv.c | 8 ++-- 4 files changed, 80 insertions(+), 16 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 9c12a199ea62c..abd0a8bd3f15e 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -505,8 +505,8 @@ void __init hyperv_init(void) guest_id =3D hv_generate_guest_id(LINUX_VERSION_CODE); wrmsrl(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 - /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); + /* With the paravisor, the VM must also write the ID via GHCB/GHCI */ + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 /* A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg */ if (hv_isolation_type_tdx() && !hyperv_paravisor_present) @@ -595,7 +595,7 @@ void __init hyperv_init(void) =20 clean_guest_os_id: wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0); - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); cpuhp_remove_state(cpuhp); free_ghcb_page: free_percpu(hv_ghcb_pg); @@ -616,7 +616,7 @@ void hyperv_cleanup(void) =20 /* Reset our OS id */ wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0); - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); =20 /* * Reset hypercall page reference before reset the page, diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 0d54bc8b06b4a..b8fb1557c1986 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -184,7 +184,49 @@ bool hv_ghcb_negotiate_protocol(void) return true; } =20 -void hv_ghcb_msr_write(u64 msr, u64 value) +#define EXIT_REASON_MSR_READ 31 +#define EXIT_REASON_MSR_WRITE 32 + +static void hv_tdx_read_msr(u64 msr, u64 *val) +{ + struct tdx_hypercall_args args =3D { + .r10 =3D TDX_HYPERCALL_STANDARD, + .r11 =3D EXIT_REASON_MSR_READ, + .r12 =3D msr, + }; + +#ifdef CONFIG_INTEL_TDX_GUEST + u64 ret =3D __tdx_hypercall_ret(&args); +#else + u64 ret =3D HV_STATUS_INVALID_PARAMETER; +#endif + + if (WARN_ONCE(ret, "Failed to emulate MSR read: %lld\n", ret)) + *val =3D 0; + else + *val =3D args.r11; +} + +static void hv_tdx_write_msr(u64 msr, u64 val) +{ + struct tdx_hypercall_args args =3D { + .r10 =3D TDX_HYPERCALL_STANDARD, + .r11 =3D EXIT_REASON_MSR_WRITE, + .r12 =3D msr, + .r13 =3D val, + }; + +#ifdef CONFIG_INTEL_TDX_GUEST + u64 ret =3D __tdx_hypercall(&args); +#else + u64 ret =3D HV_STATUS_INVALID_PARAMETER; + (void)args; +#endif + + WARN_ONCE(ret, "Failed to emulate MSR write: %lld\n", ret); +} + +static void hv_ghcb_msr_write(u64 msr, u64 value) { union hv_ghcb *hv_ghcb; void **ghcb_base; @@ -212,9 +254,20 @@ void hv_ghcb_msr_write(u64 msr, u64 value) =20 local_irq_restore(flags); } -EXPORT_SYMBOL_GPL(hv_ghcb_msr_write); =20 -void hv_ghcb_msr_read(u64 msr, u64 *value) +void hv_ivm_msr_write(u64 msr, u64 value) +{ + if (!hyperv_paravisor_present) + return; + + if (hv_isolation_type_tdx()) + hv_tdx_write_msr(msr, value); + else if (hv_isolation_type_snp()) + hv_ghcb_msr_write(msr, value); +} +EXPORT_SYMBOL_GPL(hv_ivm_msr_write); + +static void hv_ghcb_msr_read(u64 msr, u64 *value) { union hv_ghcb *hv_ghcb; void **ghcb_base; @@ -244,7 +297,18 @@ void hv_ghcb_msr_read(u64 msr, u64 *value) | ((u64)lower_32_bits(hv_ghcb->ghcb.save.rdx) << 32); local_irq_restore(flags); } -EXPORT_SYMBOL_GPL(hv_ghcb_msr_read); + +void hv_ivm_msr_read(u64 msr, u64 *value) +{ + if (!hyperv_paravisor_present) + return; + + if (hv_isolation_type_tdx()) + hv_tdx_read_msr(msr, value); + else if (hv_isolation_type_snp()) + hv_ghcb_msr_read(msr, value); +} +EXPORT_SYMBOL_GPL(hv_ivm_msr_read); =20 /* * hv_mark_gpa_visibility - Set pages visible to host via hvcall. diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 9fa31dce69727..3f22324ef2e25 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -255,15 +255,15 @@ int hv_map_ioapic_interrupt(int ioapic_id, bool level= , int vcpu, int vector, int hv_unmap_ioapic_interrupt(int ioapic_id, struct hv_interrupt_entry *en= try); =20 #ifdef CONFIG_AMD_MEM_ENCRYPT -void hv_ghcb_msr_write(u64 msr, u64 value); -void hv_ghcb_msr_read(u64 msr, u64 *value); +void hv_ivm_msr_write(u64 msr, u64 value); +void hv_ivm_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); void hv_vtom_init(void); int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else -static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} -static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} +static inline void hv_ivm_msr_write(u64 msr, u64 value) {} +static inline void hv_ivm_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason= ) {} static inline void hv_vtom_init(void) {} diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index ddcc62185e4ae..fb585d3b080b1 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -72,8 +72,8 @@ u64 hv_get_non_nested_register(unsigned int reg) { u64 value; =20 - if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) - hv_ghcb_msr_read(reg, &value); + if (hv_is_synic_reg(reg) && hyperv_paravisor_present) + hv_ivm_msr_read(reg, &value); else rdmsrl(reg, value); return value; @@ -82,8 +82,8 @@ EXPORT_SYMBOL_GPL(hv_get_non_nested_register); =20 void hv_set_non_nested_register(unsigned int reg, u64 value) { - if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) { - hv_ghcb_msr_write(reg, value); + if (hv_is_synic_reg(reg) && hyperv_paravisor_present) { + hv_ivm_msr_write(reg, value); =20 /* Write proxy bit via wrmsl instruction */ if (hv_is_sint_reg(reg)) --=20 2.25.1 From nobody Wed Dec 17 04:18:32 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 946C4C001B0 for ; Fri, 11 Aug 2023 22:20:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229719AbjHKWU0 (ORCPT ); Fri, 11 Aug 2023 18:20:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53622 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236815AbjHKWT7 (ORCPT ); Fri, 11 Aug 2023 18:19:59 -0400 Received: from BN6PR00CU002.outbound.protection.outlook.com (mail-eastus2azon11021018.outbound.protection.outlook.com [52.101.57.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C004A30EE; Fri, 11 Aug 2023 15:19:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fQcJJSD86O505Bz9l+rYU2UihxJFwe/hb9XOBG8HFZGefu0DVXoPsLe4z/HiGiJtAO0RVouo43qeYb3wgtf595Z4cZ+JZJmK7pfSDUlrOMyfzI7uxcyATGwMi2KesPz2PP3Ru35QQZVW2iKtMxSABsIgikFIiw1mMCv+3KNIWSKrKa97SmENARJMe7+rWYGoscNqeasNnU0Tq5DCN0SU7Gl91XcAAHV5G2JqPmZpLqTKJ0tD2PsuAek6smjmk7seqmxfLzxVloXtBQQ7sGWpm9eF7h3mvE9SvUCzmjwe86iqYmJZt/zBXBKlB4Djt9kIMUhUQU5jBs64pN96bId6ZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JqtBgYF2h5GHK+rW8z0uE5xp9vLLBjDPZow42mIYH5s=; b=Wzb77JaiY0jZ9i1kFnWtmCGkhWBbDlP+V4hDmmQq7IbY1eMe+fq8BE4uardwXK5EoqCuzwFD3MQMz3B2Kb4Uz9ohpqZU7pWvYnTR5PxwVlws8iv7GNkPyk+nv8RZ2MulDpfmPEkTKy50N1uEWvGCVhIg1b5f0K6V11Uf6bQHbgTZp4r81ngSdIio7qEEbEWCklEj5zgQuAp+XdITznFta2FWhVbHr5oaqa4uyHQ9VSo8VhLrLYWNx1dgRkbyhZsbtkRzQNT1kTzt/yGkV608Cakuj/fHh6IsDiHTgFPDPtIdkjghV+nKHqhgF1dl93vnzDYzBuYYjMFqcDGXqPD9zw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JqtBgYF2h5GHK+rW8z0uE5xp9vLLBjDPZow42mIYH5s=; b=hidA2/DmVtb3RVtXItDqii/jLk8mP6X5mSQmAmcMUkQJqj0P9qALX/tC0GtCSglgdyjjw30tbdNViWvgQZq9y3fqCd14jclPQV6t5ZWbBnmdSZDsn5hnNl7Lw4VmduXxeA/oPjzQKzLc5JMl0F+Fjdq0fWhkTPci2P+aCdAgvcE= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) by DM4PR21MB3417.namprd21.prod.outlook.com (2603:10b6:8:b1::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.9; Fri, 11 Aug 2023 22:19:41 +0000 Received: from MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba]) by MW2PR2101MB1099.namprd21.prod.outlook.com ([fe80::5feb:7d06:e396:fdba%4]) with mapi id 15.20.6699.008; Fri, 11 Aug 2023 22:19:41 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH 9/9] x86/hyperv: Remove hv_isolation_type_en_snp Date: Fri, 11 Aug 2023 15:18:51 -0700 Message-Id: <20230811221851.10244-10-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230811221851.10244-1-decui@microsoft.com> References: <20230811221851.10244-1-decui@microsoft.com> X-ClientProxiedBy: MW2PR16CA0047.namprd16.prod.outlook.com (2603:10b6:907:1::24) To MW2PR2101MB1099.namprd21.prod.outlook.com (2603:10b6:302:4::29) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MW2PR2101MB1099:EE_|DM4PR21MB3417:EE_ X-MS-Office365-Filtering-Correlation-Id: 29641c8c-ed06-4662-864c-08db9ab90e49 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: R1C6z+vgysD6bUHtsc8VisjjZU8sN/mpv+itCyy5UwsOfsSNMZwfWwqwZUvf5oGxFoa0mrTjM/KLERTchSvxfIH0aMR7vTBcIRjjVuy8FN26c0UGVOBJspy5r+Ql52+Go249f+GC4t6NhKNeor7tnBdHmYp00wIt9TcKEDYQ11EAhD2xEc6Iuz7TNzG0Xz04nshHGVK9UtJq4j39GDdxXsQJkmgJbrQVa1uREJhmizgAj+x1rAFgllRhUCX/paQ2n/5cz3KjMaZuPeXN5UizZbKyXRMQGCaHqPztHLFkX2bNuB6B7RBas0s2+m6gzBCMso309xxxJVBVXteGz1fVvQXJpll10dSPAoC0/fpLrEJoX9cuCzQyYjYuIuTM3cU8TxWzN/CGgU0AV2SnMvz/Qq59Ezkx5Tj/1aADxMhfl4gQADpVjVOdAjJ1Kju/MiI5dvSpGJqenfWUPMbdCrSoFp5C8JO9QcZ+ZcbWmeNgn0XnJXpejdV0Jv8q8jH+6pV8MbOFct2D+OBv1fS7JMmBd9fM3dWmpNYOakLabLjreohD8GaZZauMzAcA4aevXDyUyp4EBToZeIkOfDxFO9VervR0pWltaBdHoUFPuuHJHqavM1+p2TxIoLMIliWVR7O36uYMwxBqkgJIjzBk6l7q8kaEntiY5S8UIVGPk6zwmmC56XwWLP+MCc2/cuxrXXZw X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MW2PR2101MB1099.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(39860400002)(346002)(366004)(136003)(376002)(396003)(1800799006)(451199021)(186006)(2906002)(12101799016)(36756003)(2616005)(86362001)(41300700001)(83380400001)(5660300002)(8676002)(8936002)(6506007)(1076003)(107886003)(6512007)(6486002)(4326008)(6636002)(316002)(52116002)(478600001)(10290500003)(66946007)(66476007)(66556008)(6666004)(921005)(7416002)(7406005)(82960400001)(82950400001)(38100700002);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Y7hJNZXKe0xs4wzu3qGVjzkAKnrEkIg28bEX3DAVs5cE26JxZZZ/fjUEOKPL?= =?us-ascii?Q?TrRPtQ+bvYFHSNzGc2qAkEJJ8K1cg/+mdVhoD8W8H7O5jatm6Z8oNk6/GpOj?= =?us-ascii?Q?XAbUzCX4zOi/kt+wldE+i5SXUax5yrm5VfrVNKa5g2fCFdlV2ELUpNWxsvcP?= =?us-ascii?Q?msSoUmx83FVQx7UQtm21rH8n5jzaLNsNEhQwoJaqcZo+cPQ7x5HZ3vQGMBF4?= =?us-ascii?Q?oNxd92l+0Ss5QGxl7LURE0uIGJcUpDh5Pk1FsGbi4ydZqiln+s+Wjnd/ZANk?= =?us-ascii?Q?9v7R+5RQgQefC17LzyveCvFqEYi06qa/jBt4kcBr7ppobFh5Wle5HNAJ4LvC?= =?us-ascii?Q?VOr0Zkc/buLIU5G6rJp9JsyXQRchnvxsSDsZT+gYUMd18I8nY6jemeypbLlq?= =?us-ascii?Q?MY2o2z+VLdyyLWra82gUNEgWmTXwVsetDeMOVaQibkJSls0L1tRiJ3TaraUE?= =?us-ascii?Q?y47BInXkyEHUBnm3V18KWuFpwDfDkDnCGw2QzAm1p3O0ewV6mpYE3D+IhOyo?= =?us-ascii?Q?qUISG8XVqOyv/fMZp+3RrxckZ4Y96qPksRIax+9OUZ/iJ6HwfIV94Zz1Y82p?= =?us-ascii?Q?LimFeT02TBqIoEH0X4Wf4kIa3UckIp2kaLQcn+/yzm3/T15v0ppwikoksSES?= =?us-ascii?Q?jqcwfDeEIVmoJEmO7iTz39N3kSuPvuTZa/MeR1QeSoH9i+cTiQKl0SEbmlfE?= =?us-ascii?Q?vWlvcF1iL4A2xScYK+eMuY6Xse8xf6t6kNT4LLa1m8K0/PEgTAWGFepedInD?= =?us-ascii?Q?7yGQtE2KtOVFBZSzLC+d7JKInAJSdfyIVVkFKisIzKeEFX51bl60lg+CerQe?= =?us-ascii?Q?vz4jgSbV12jNyA63u9oerX3pI5+IN2hTy5gNB8QIT+Uti1j+cildkVtytQCW?= =?us-ascii?Q?ySCh6XRRTFTgPDOjEUkJEp016gkYDxNkGl1JgqKhLHKyEJ2utltyFE48pbHP?= =?us-ascii?Q?R1zUeX+XNBtqbAQvUjE0L8HY2vf+Xo5qeF8LyEbWlMz4dQkf7eXC/eiPIYBU?= =?us-ascii?Q?EAKxm+f+oTir+TcuqyT3BbUe3Gl8NtGgcrjVl8RrSdtR1pvoZVfNtE/CegUR?= =?us-ascii?Q?NpHy/pVKL0z1vDtHR+dmtW25cRay64cfHZBqg5cNYEylTT7XAXjaMIcijruw?= =?us-ascii?Q?PJJKk9QyypUlvArRbl5mzpu0KEPOfMJTdS7Xnu5a5eXHay7TbFwVLovnTbMn?= =?us-ascii?Q?lzv9+KSqtevStBlV1CS84geOaQS4LmoidWPFaRWZWb2hKHkYaR1/5LSqxm7W?= =?us-ascii?Q?pNtCOU/W+iqg0NVXOVVRy9FwsibRTnK2ua0D6L9JdmWyWcNiAr9rT9i13Uem?= =?us-ascii?Q?Y5nInR12Uicd6VfwASwnz4GPGisBegcHwfCBrna5A7bIDk+Nl5c2T5+5ubWp?= =?us-ascii?Q?pZIIdPcbdCSjBblD8n0Y1MFmAzq1s2cIPG64eAHRxOVaRjdL8TC9umEFUaOZ?= =?us-ascii?Q?stmnm7IsRyQCkFkFf1pKfdqfGg5QlUof8xZIcEkrZny4Skw1Av7HV4TKgIUH?= =?us-ascii?Q?23wIcKRlPIxysC+fLkFtIH1UZl/qu+laRS40uVdLFVuXqiwRuKwE0KJGXp72?= =?us-ascii?Q?A1XEIjoycQGscSiTOiYP82A0GE/zy8I2PoPLYgnkcy0+Win4Fq36wwiW+BCf?= =?us-ascii?Q?mFnBEL+2XCos5mwCIvIaa7spMtrVvuw5WFSPZrH4TeM1?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 29641c8c-ed06-4662-864c-08db9ab90e49 X-MS-Exchange-CrossTenant-AuthSource: MW2PR2101MB1099.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Aug 2023 22:19:40.4116 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: d8UrWOkNUAHgWGY4lporF2GIakxs0VYR9g6ymJGn8HpsVzlDig7WvRxW2h5OPOd1Ps2zFSdKHpbhv8FKB5MmDA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR21MB3417 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In ms_hyperv_init_platform(), do not distinguish between a SNP VM with the paravisor and a SNP VM without the paravisor. Replace hv_isolation_type_en_snp() with !hyperv_paravisor_present && hv_isolation_type_snp(). The hv_isolation_type_en_snp() in drivers/hv/hv.c and drivers/hv/hv_common.c can be changed to hv_isolation_type_snp() since we know !hyperv_paravisor_present is true there. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [3]. --- arch/x86/hyperv/hv_init.c | 2 +- arch/x86/hyperv/ivm.c | 12 +----------- arch/x86/kernel/cpu/mshyperv.c | 6 ++---- drivers/hv/hv.c | 4 ++-- drivers/hv/hv_common.c | 8 +------- 5 files changed, 7 insertions(+), 25 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index abd0a8bd3f15e..b23466c1cd574 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -117,7 +117,7 @@ static int hv_cpu_init(unsigned int cpu) * is blocked to run in Confidential VM. So only decrypt assist * page in non-root partition here. */ - if (*hvp && hv_isolation_type_en_snp()) { + if (*hvp && !hyperv_paravisor_present && hv_isolation_type_snp()) { WARN_ON_ONCE(set_memory_decrypted((unsigned long)(*hvp), 1)); memset(*hvp, 0, PAGE_SIZE); } diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index b8fb1557c1986..068f05574067c 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -586,7 +586,7 @@ bool hv_is_isolation_supported(void) DEFINE_STATIC_KEY_FALSE(isolation_type_snp); =20 /* - * hv_isolation_type_snp - Check system runs in the AMD SEV-SNP based + * hv_isolation_type_snp - Check if the system runs in an AMD SEV-SNP based * isolation VM. */ bool hv_isolation_type_snp(void) @@ -594,16 +594,6 @@ bool hv_isolation_type_snp(void) return static_branch_unlikely(&isolation_type_snp); } =20 -DEFINE_STATIC_KEY_FALSE(isolation_type_en_snp); -/* - * hv_isolation_type_en_snp - Check system runs in the AMD SEV-SNP based - * isolation enlightened VM. - */ -bool hv_isolation_type_en_snp(void) -{ - return static_branch_unlikely(&isolation_type_en_snp); -} - DEFINE_STATIC_KEY_FALSE(isolation_type_tdx); /* * hv_isolation_type_tdx - Check if the system runs in an Intel TDX based diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index fb585d3b080b1..6b464ed3cf546 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -306,7 +306,7 @@ static void __init hv_smp_prepare_cpus(unsigned int max= _cpus) * Override wakeup_secondary_cpu_64 callback for SEV-SNP * enlightened guest. */ - if (hv_isolation_type_en_snp()) + if (!hyperv_paravisor_present && hv_isolation_type_snp()) apic->wakeup_secondary_cpu_64 =3D hv_snp_boot_ap; =20 if (!hv_root_partition) @@ -442,9 +442,7 @@ static void __init ms_hyperv_init_platform(void) ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); =20 =20 - if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) { - static_branch_enable(&isolation_type_en_snp); - } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) { + if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) { static_branch_enable(&isolation_type_snp); } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { static_branch_enable(&isolation_type_tdx); diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index 6b5f1805d4749..932b8bc239acb 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -166,7 +166,7 @@ int hv_synic_alloc(void) } =20 if (!hyperv_paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long) hv_cpu->synic_message_page, 1); if (ret) { @@ -227,7 +227,7 @@ void hv_synic_free(void) } =20 if (!hyperv_paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { ret =3D set_memory_encrypted((unsigned long) hv_cpu->synic_message_page, 1); diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index c0b0ac44ffa3c..d3f95a1be1e99 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -386,7 +386,7 @@ int hv_common_cpu_init(unsigned int cpu) } =20 if (!hyperv_paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { /* It may be unsafe to free 'mem' */ @@ -535,12 +535,6 @@ bool __weak hv_isolation_type_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_snp); =20 -bool __weak hv_isolation_type_en_snp(void) -{ - return false; -} -EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); - bool __weak hv_isolation_type_tdx(void) { return false; --=20 2.25.1