From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0F859C83003 for ; Thu, 24 Aug 2023 08:10:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234788AbjHXIJ6 (ORCPT ); Thu, 24 Aug 2023 04:09:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39002 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240491AbjHXIJy (ORCPT ); Thu, 24 Aug 2023 04:09:54 -0400 Received: from DM6FTOPR00CU001.outbound.protection.outlook.com (mail-centralusazon11020019.outbound.protection.outlook.com [52.101.61.19]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C87B919B4; Thu, 24 Aug 2023 01:09:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AVYrxRefmJZozrH7k77l+o8ObLzlFO/OVysvc2rITpeiqxAkKUcd1kWUyeScg/eezfBgJki4lV3D1y2bdlSgkAWSYeIHG3TX9NaDdByGKllRRH4K8PDK6dSemT5tqRXTlkrTUUrWkPxfADZ33Jo59XtoOfEetplm8WaKTLYKYXUUMa4mvQ2vC/kMxwfv6mJz0BNmZPtDq/pmImXdtiMyvSudXcHnkh+fncff41nX0vV+r66mPdiIOR2AYH1V9CbP7BL5bTWaaXFlfF0hy20Y4/Qx5IxcvGiGRz8iVQ0r6NYwOCp/mEv26Ro4L8RerPx8yaQ5bhig7woOrSn61WoYGg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hNnCWruRzaVzMVsHevd9qI5PkSxJpdgik0ZgJNbUbt8=; b=VQivQCGx74AO/KELMsvsDPOY75IAAjMoBvCwqQWZJIK5DU3JJFDN3HRjd+aE0Ufs9+yn4MBJ+l7HAuAjWnzRLj93uVJpcqL4TfLdn2GZ9T/peY7eh6slSOr+G4daAcj/7lIHa9HQQtbZJmLTS8ps4js3mlOssIA44smDV7GvSd/9cuafzCOk5qKEJmH554kw21mxzon+4nAifQmYnspuZdS4D1Csv6j83QsMPNLMiibTIUNxJ5NNAL8LDURavXYd3P78tTo3pByyoXBx5vPMauhIfRqBfyaWczb5EW1owIQXeL3AbZ8SYn+fuj/iElb49ScgXoL0D5foHG7u9e7KKg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hNnCWruRzaVzMVsHevd9qI5PkSxJpdgik0ZgJNbUbt8=; b=X8PgTiXiGd4VpFcBEFCWSpUwtZ9qKoLUQU2aQNDy4ZsDky1nCx80m6Z2dFlAvzJqp1tG6lnfrhlpd2vlCXEBQCZLcjR5zL1ybKezYwkh3WPeQ0huPKXcENm0i+0x+3EE5RLt0923XxUIxQ7m1AO7mxxlq39e5VKcIxhko4WRq/U= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:07:54 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:07:54 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 01/10] x86/hyperv: Add hv_isolation_type_tdx() to detect TDX guests Date: Thu, 24 Aug 2023 01:07:03 -0700 Message-Id: <20230824080712.30327-2-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: b853fe43-fd60-46c3-7077-08dba4793833 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: YMUYeegFSFKKuokF/6XUpczy5VLus+6u5zv5nWteesFxdmeYJcvnxvgobLRF+hts8CzT4zLFJA/NYaPv5q/0wTJ5lsSlc8GjIAAh7F6aEbO6OQr6e8BoXQ30WWc+L0Swdm2sn7ON6SHTTC9BYOBGQJMNbUDxHpkBfIJemsPERtenwSv8azxmYzh+PwS5+wzVlOi7iCG9ybGwiDMEOzw/4NJtCKYjzpT5OLc0GxhFh6di/I+RScQznmnm2Omwiujm/BLHGbR/SEUq8vPyhN+fOqP7n8ZmPk3Glch0DhK8w8O6ponYcd+D9GR85H4yqlQKtRK7haJM/LSccEqUCE8BnPgBvgGhszQARSUlep/ukNEumEZV26XubOjbkupjy8lYySHETtFwXox7vk/DbVS9p7+sS2smdb+gcI6qpvB+oEA6FQ5lrFsQeWZ8elUtEX3/jvQuIG5bvew+N/pzELgO3LixDTytPVu21m+gs7lyplZQZtYaAvf30X4/mybgOgHydqqTq4OCO3jyUUXAg/OdMuaoBLXlfEUL2Pp25BpYsTbNUis3EP1++qSw1587bKGK4KElfhz9nVkOW2W/m6c2GNSv6PqzK3+JGJDDoQvfpavhTfKjEQB8Lb7+4klK4ahWJYA33gtWMweibgeqm7II+BLniivgWpssmWtyaQR3tfSSjV65jQPlcGa16+WdkvkD X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(6666004)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?UhB5yoM3OfhLEv49I5KIY3EskLiBRWaC3W7U6kQ9cxDyDF60Aw2UvJQJ5PdD?= =?us-ascii?Q?Qb0UA31pbgLo7OioOT/loZ2KaS5u/HrRqgBeD3G6AgFjHvq04oIdQ588BecC?= =?us-ascii?Q?uPzppzOzLhh0IT5ccV98VL7SPr7R1yDFFVAgWMELJD46bBCN/umpXCEa2qq4?= =?us-ascii?Q?Q1NnlI9Kz5lTcs5DGWQKqEoQKIHBXkHa+p5eNPGUE484aQjzH3Bo08l/Q12+?= =?us-ascii?Q?ATR5fhAMCZzOHX9jPa+t+2fUxxvnmSpGhj7aZScxOjz4YKiH1QBpGjtHZQGg?= =?us-ascii?Q?38ZjpmRn25xAxkIeFfVtXYXmvwpTM5LuU0f8PPg8FlgGBXnhBhHg7gyTZYWT?= =?us-ascii?Q?IkLo2mnXw+l3i4bel4MJ03EE6zx2hZU7ca0hiZbfx7e2X6v1gB2+jTldwFhi?= =?us-ascii?Q?3RI42tH9mqv9elOPxNm25iOAuL7W4WFDRWhMKh6Z6BlaUaF1AdQPVpvRGIDL?= =?us-ascii?Q?9NsIztMrcWZSD09tBXBhoYNQP2mBy9N2XqHfIk8hDt+EpSe8nAHPYTUrdI89?= =?us-ascii?Q?4HaQ+mU62/sgAwwCZNMRSISIrzgc2BL2gjJdMcv6dDUIENaiQjlU5qk2KhyU?= =?us-ascii?Q?NQabc12n5t/LPSmyz+xl2DJP9RN5IKog4HQzrAtyo5wbJ7wczKSzFk3k20BK?= =?us-ascii?Q?9y7pFbtgolgi5K/tpQxH7Y7ZAG9qXAYzcAFItMWxrL2WpmcpYDmDI/m29yda?= =?us-ascii?Q?hSE3oEySfn/tIt1VhhmPZkPhrpgLvIBK/k+0ML+vKUbfTBJDEcYCEJ7534s9?= =?us-ascii?Q?OZrgyxfWiWsfM7e7hd31i4yAwjMnWas3xOsW/q6TERivwA/LBRpoiUOx2wbk?= =?us-ascii?Q?P09Y1NQiv4p63MD8E9ItM8PDuu6NL6v3qXdBEmJp7tZf0Brc+Q43JA1eHNgv?= =?us-ascii?Q?yPQsBxGqlHaXCdOr+A5qx2SNMbVoqgLhcWz74OIxqThzh6wBXnDEiG2T9Miw?= =?us-ascii?Q?QWeOKC9392pCMFH03bwnBb96/45YpyjC3BYUO2RhWRMZ0Qc0boPz34uCaY5m?= =?us-ascii?Q?0lkeEiskU1g6gpMklz7/taLF4jAsgeuQX7UrS0zwhHcpw9j+BVgtUCmRa/oy?= =?us-ascii?Q?eQoHMz4+PV2ma6AiWUgSSGoXOLYxLGT22nMVztMUYcVMDWdZpsbj/3eOm/jg?= =?us-ascii?Q?INInOY1pbuSla3IwjUpgw0aG6QRrCVhmP3sqt/v8VqNrYkU+zMoWviMmWGY7?= =?us-ascii?Q?afBomg7i3Wp2ltGrPPjLC19101ldG4IGbFB9hKmYy5329VtCMtXK9qXTkLZ1?= =?us-ascii?Q?mPR30JTLzTY3U4aEiO5Bef/+IWNwBczP5639W7ZZbanJKWoqUaWKAO9fYxsN?= =?us-ascii?Q?XIDVmHXI2fJponCxCfKbPUkRyseLf9wD94YSfQ++Nt3husyOEulX1c6czfmi?= =?us-ascii?Q?jZjst1RN7KMG4Xm4Aoq10qx52M3OhH6GjvZGLl+5sTb2CvkdL6Emdzx6y/k0?= =?us-ascii?Q?6SFrdxONcmAQhNKRZY8+p/JLrhST/692miGUpneZHL9Ffe9W/bUjouKf1vhQ?= =?us-ascii?Q?hTSK49mhXVwCF0jvxwJSUvQ0uibDtN5XmAordfbj5QihhJyViwUuYB5TOEjs?= =?us-ascii?Q?kiGcHSmxpEgNGal9VD80MxEpVaFImyhGhJOnEliEiwW0eLgCONNZWxLwRRDK?= =?us-ascii?Q?vb6eostmjcOwqA0TLd5nDOZRfxCNxybFrOpJVxKTy0rk?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: b853fe43-fd60-46c3-7077-08dba4793833 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:07:54.6826 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: YyS563LN4h41YPtf/Ia+cTYsyAwzanLeXWtAYEHN/x8gtTglhG3/NBU4Fuza+/VGj0QxCu5JPmka1/TaCxK+sQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" No logic change to SNP/VBS guests. hv_isolation_type_tdx() will be used to instruct a TDX guest on Hyper-V to do some TDX-specific operations, e.g. for a fully enlightened TDX guest (i.e. without the paravisor), hv_do_hypercall() should use __tdx_hypercall() and such a guest on Hyper-V should handle the Hyper-V Event/Message/Monitor pages specially. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. --- Changes in v2: Added Tianyu's Reviewed-by. Changes in v3: None. arch/x86/hyperv/ivm.c | 9 +++++++++ arch/x86/include/asm/hyperv-tlfs.h | 3 ++- arch/x86/include/asm/mshyperv.h | 3 +++ arch/x86/kernel/cpu/mshyperv.c | 2 ++ drivers/hv/hv_common.c | 6 ++++++ include/asm-generic/mshyperv.h | 1 + 6 files changed, 23 insertions(+), 1 deletion(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index cbbd3af4c3da..afdae1a8a117 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -562,3 +562,12 @@ bool hv_isolation_type_en_snp(void) return static_branch_unlikely(&isolation_type_en_snp); } =20 +DEFINE_STATIC_KEY_FALSE(isolation_type_tdx); +/* + * hv_isolation_type_tdx - Check if the system runs in an Intel TDX based + * isolated VM. + */ +bool hv_isolation_type_tdx(void) +{ + return static_branch_unlikely(&isolation_type_tdx); +} diff --git a/arch/x86/include/asm/hyperv-tlfs.h b/arch/x86/include/asm/hype= rv-tlfs.h index 4bf0b315b0ce..2ff26f53cd62 100644 --- a/arch/x86/include/asm/hyperv-tlfs.h +++ b/arch/x86/include/asm/hyperv-tlfs.h @@ -169,7 +169,8 @@ enum hv_isolation_type { HV_ISOLATION_TYPE_NONE =3D 0, HV_ISOLATION_TYPE_VBS =3D 1, - HV_ISOLATION_TYPE_SNP =3D 2 + HV_ISOLATION_TYPE_SNP =3D 2, + HV_ISOLATION_TYPE_TDX =3D 3 }; =20 /* Hyper-V specific model specific registers (MSRs) */ diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index b6be267ff3d0..3feb4e36851e 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -27,6 +27,7 @@ union hv_ghcb; =20 DECLARE_STATIC_KEY_FALSE(isolation_type_snp); DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); +DECLARE_STATIC_KEY_FALSE(isolation_type_tdx); =20 typedef int (*hyperv_fill_flush_list_func)( struct hv_guest_mapping_flush_list *flush, @@ -49,6 +50,8 @@ extern u64 hv_current_partition_id; extern union hv_ghcb * __percpu *hv_ghcb_pg; =20 extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_tdx(void); + /* * DEFAULT INIT GPAT and SEGMENT LIMIT value in struct VMSA * to start AP in enlightened SEV guest. diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index c8d3ca2b0e0e..63093870ec33 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -418,6 +418,8 @@ static void __init ms_hyperv_init_platform(void) static_branch_enable(&isolation_type_snp); else static_branch_enable(&isolation_type_en_snp); + } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { + static_branch_enable(&isolation_type_tdx); } } =20 diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 2d43ba2bc925..da3307533f4d 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -521,6 +521,12 @@ bool __weak hv_isolation_type_en_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); =20 +bool __weak hv_isolation_type_tdx(void) +{ + return false; +} +EXPORT_SYMBOL_GPL(hv_isolation_type_tdx); + void __weak hv_setup_vmbus_handler(void (*handler)(void)) { } diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index efd0d2aedad3..82eba2d5fc4c 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -66,6 +66,7 @@ extern u64 hv_do_hypercall(u64 control, void *inputaddr, = void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); extern bool hv_isolation_type_snp(void); extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_tdx(void); =20 /* Helper functions that provide a consistent pattern for checking Hyper-V= hypercall status. */ static inline int hv_result(u64 status) --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id B19DAC83003 for ; Thu, 24 Aug 2023 08:11:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236179AbjHXIKc (ORCPT ); Thu, 24 Aug 2023 04:10:32 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58574 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235870AbjHXIKB (ORCPT ); Thu, 24 Aug 2023 04:10:01 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D6001711; Thu, 24 Aug 2023 01:09:25 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Cj1ZpUaH/+vfovkc7v6DTw+7yFV0k454JnZTXy2nmFkZ+W/SSW7EQzzmFoczvrCl/FDxzt4xnyYi/ukpuTxDJfDLe3Cd3J1DXE/XVxbba/bOnWk1ERpKpT3To6ZSEKpX4sBdNsse7Z/efepJ6WgDC3F0ha3V/QZgJuzMi2Fajrwx6x4JoDR5RFtis5W5UGH6OkPLk1sW929Bn0MaAz+xbYLv7ykikBFXyn1l56wdCiTl2eN1Wj1KIC3KHptYpNv0sWFrb+HNNIQvJnjBgOjOzAHP/Ww7Ju2c9kGHHMIykcJEeR9QNiYHgi8nmMJwJjJ7prgF8D/tzXLV+8OfG9E+9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pJO0dTUqrjmxy/9FRCN2EjxqSxtkuSOQhjpYPBOtZpU=; b=hrGhp8B6wI/TQgOXwrXf40YYhle67iX0eRuC058p35kMqpqx//FXzok8MRVe/UPG/Wo7haXqoJOrG0/gHa5VRPDQyl7hQxz9vOcdHgUXvia/cJ6sfnabK49d9wN5++UDH079iLOa2q708QnPh75xeAOE1oFlkWiLCyeoTFXAuXlXSCSsyL7o2q30L/ue1R8oX6Z2AWefdKM9MZfhB+cnuIkwbSH2/rcohHA1EE/DxCXSP5UAThvhyqoP/InxU1PjpWAuEg++BFOyGZTC8a9JTNCUhMicF/xerPtXdcTyspKv9csWTSqBkOznE0/IOF1Xd1LZqlbv5SFzX9YBbfYT+w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=pJO0dTUqrjmxy/9FRCN2EjxqSxtkuSOQhjpYPBOtZpU=; b=QKtB//cHNs9fhdrYZ3S1adTgQVCQuGDwLxZQumgCbkSgBOP+wRsSXtV5K5kiZ3smhcAiqZmliGsi4Ny/4BN/SAc7zi5Rqi6HKGQqphF4KRHJdLPdjrbRTkCtBvNTN3JM0ThXIQw23vMhgNaihA3XwRTijNFjdQqZMlCh4EWYv50= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:07:57 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:07:57 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 02/10] x86/hyperv: Support hypercalls for fully enlightened TDX guests Date: Thu, 24 Aug 2023 01:07:04 -0700 Message-Id: <20230824080712.30327-3-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: f8633869-d7c5-4b39-a3b8-08dba47939d4 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: RXx7pIR4cwlCTpXilpMTujpRJBXzjSuBiAfpXSpp+IL/Ax5fzTwFasyRuf+4Fb2B4C+5BKd5pxyc6DHHdsSEl3lOvLuVZrTUsq3Mk4SGG58CkTOk4Pk6BHilwiCXC8YlnMx23/CluLosv068D70ayXw8u1kstdSjMnvlqZ7bIed6Pisk5Xuxvk6JDd64low1yGU/DfWWfj3vQjMdYT17KdeTY/35dpF9YtFe8+7EqEamhZm8zR8UAEFSzCkkbu/5hNjpBJYTSlinOkMbl98Icm3nasWrSKUxhETYIme0+TU2wXWSHcx0M5rTZbl0CSbPTuBPMi96JGseOx63YGoKIGQwK5YLhpFqTelf+tH1FbKCZYKrpu0YGktGCwRuiRjQ7S0M2PB9y98hxhcihSPaBSs/MJG8Tv1JBCmXVric4DonjlrIZ4KUGKKZahD51E8bdgDrhtp0gW9aHOiwCFgTU439R5OmlUiaZhMcrn8vgXlQe033uJmVVtNSHgMxmvytoRRqsCd9Vq7CCNPS3MGhCDVPhgvz8/Xmq6woQKJIa22Xo907PpPCpskgEmHVvxU/kiRcd0WKJ865j480oncS+Bpctt6ope1gWjGIE6QJaRWWtdD7+RJtsUkLANdz2L7xzYJ1RucP/O3nElsDGah2F5woO/3dD1INpLlvCB7gQQMlnl+FKDxDFd9526Y612Wb X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(6666004)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?YKgVYUjQB1fQsC7UAeR3dBzcW/5NfN0Xvn59SclpXjb07wj8oEJDOrOAeJZY?= =?us-ascii?Q?tkWWcd90ABp1tmf+J5Z7JLrXMb0GXRMguBW4PUbU0fV7rPTyyfZnwILocKrD?= =?us-ascii?Q?keloxN7JNbcdTb83fbj08/9RUK8pZCDgoZU/3NaOspal1z7ajHfyhrFYiZKs?= =?us-ascii?Q?2GIhkSQDp7p8ONPz9aTj36uSBWMmismuQkQb7gCffPNSij24/dfdPcgFA5sv?= =?us-ascii?Q?tfQ5OQ2IR0C05ovM+EvqeyMRPACvTpM059jsZ7RRyT6U0JvX7ruay5pcE6ka?= =?us-ascii?Q?vOROvRwASDQJi9gc7d0qtY3z+z3oOl2sVKPFHXcgmtDJYWjtCTCbjSg0D5ZO?= =?us-ascii?Q?zSqSRlqpY7kFmKMKBACErr/VWCfK2W0ICWVemUjDjr8NT7el+8hlVQyU816H?= =?us-ascii?Q?3A4e5USu82xMRfjqVkTUmenwIF34J5JDJdT2C8lIFW8Wj9ZG1y+Ih8MW4l61?= =?us-ascii?Q?IahgIRnwDhuSSqcMRktnAdd4t0iH8AJ9i9BmpfHR3BJdwLwEaASNnIqxeIpp?= =?us-ascii?Q?7WG1GmG8BuHRRAZTVXbwTXtbLftjBVYClqlyf4VgmnBTu6+Y2G1wpdsEbeeV?= =?us-ascii?Q?QB3FJZPJMVSrtUSKoLhaaiWOW2j5aREGVt0REyItu/TyBlVh0MwRYtND+Qke?= =?us-ascii?Q?hTcuREagLj5uwzRwEdV5sscpNEM4sre7DKC142Xq/O3v8R4tqP1W5AX1XB4g?= =?us-ascii?Q?c18+rtdEC04MtHMlzD9HG/OJyxeoe8xf3KtM2vcAVq4wAdCEg/vKYvRx3OWi?= =?us-ascii?Q?XpCs3VFJkkJ9fvy1oXATVsUKlNd7bSghZqEvDFwGC4z+PXDFy7zUyr0gH3a7?= =?us-ascii?Q?39hEGuYmMRezjevETdnxpPDjuYVMx/oH2OKQ2bvTPDOK6VYKuAtnzjD5fped?= =?us-ascii?Q?xbPDAeMXRIPhFrRl2zZ1E/uBeeBbMjfX64mULyWTulbSQbZB3W7dIroDr4/5?= =?us-ascii?Q?NN79gDvhmPZBH4hO62V7H3JVWojWb5XUdh+MBoV0mP3EG72jGIDipudkYteM?= =?us-ascii?Q?VotC55mXZDV0AYKC+LMw4q1/g4tO4TL4NnGFT9gUmCq6KhqCNWl/jQ072VI3?= =?us-ascii?Q?ZmtrS/ujjV/GsdA5mgbuupp/hJyWCuL++Q4Gy9tU0o1oTqeE5wuX1G/4Coq+?= =?us-ascii?Q?KT1md0yexg8+IbHyCNNK6sd/5cWNMCGw/nxFm3wXAddjqybxZ43GI5lgwGy2?= =?us-ascii?Q?49oKgkFMZ/6rWJ99ifky6yRUTxLmtBXLYHblRYDzsgrPZV5CG6RuGZ+UIWzA?= =?us-ascii?Q?N9s9E5iTWcdilx3DXSRwDpc4mt4ZW/VhzC1TIWV4fwlzZwsC1OG2QId0Kv4Q?= =?us-ascii?Q?R+rswxcgM/kizyntKTbc9hxPK2OtBAn5NAK6g+8AQLERbG5MYYhyQ/HzTBs/?= =?us-ascii?Q?eB6EylCmFqepCyp08awCSVKJ3arR5r1nRzcveSbSOtGMKjc9ImTHYSM1nJqj?= =?us-ascii?Q?TjKnVg7igqG1aa7/BVZ9CSpK5a5MfSrk10MkLbSOjN3TkaXhE1Om0qr+s1Nz?= =?us-ascii?Q?782SOOuprk4eTpA+TP5GuGydaiQKEbZeMnBbStsQ7IekgZppDA2cfyX5ba95?= =?us-ascii?Q?SYqtlLG8uuIu/BarVRnb1msfWBvGRzjrYN/YX4HfH7dilrncjT6i5xL9Bftv?= =?us-ascii?Q?ykt7UWeggQJRZd7LJcGpUOe4lcW1Ms3A5FBd1lRC0MRd?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: f8633869-d7c5-4b39-a3b8-08dba47939d4 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:07:57.4029 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: t8hXF+yA6gwekYQKLTGDnjeqcVzFJiHcP/RDdpeARGXQnevwF4md6cmAz3+DijKbYz+Vnyjfh3jm5+W2Q35qIQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" A fully enlightened TDX guest on Hyper-V (i.e. without the paravisor) only uses the GHCI call rather than hv_hypercall_pg. Do not initialize hypercall_pg for such a guest. In hv_common_cpu_init(), the hyperv_pcpu_input_arg page needs to be decrypted in such a guest. Reviewed-by: Kuppuswamy Sathyanarayanan Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. --- Changes in v2: Included asm/coco.h in arch/x86/include/asm/mshyperv.h to avoid a gcc warning: "implicit declaration of cc_mkdec" Changes in v3: Added Tianyu's Reviewed-by. Removed the cc_mkdec() from hv_do_hypercall(). This is no longer needed on generally available Hyper-V. Removed the inclusion of coco.h arch/x86/hyperv/hv_init.c | 8 ++++++++ arch/x86/hyperv/ivm.c | 17 +++++++++++++++++ arch/x86/include/asm/mshyperv.h | 14 ++++++++++++++ drivers/hv/hv_common.c | 10 ++++++++-- include/asm-generic/mshyperv.h | 1 + 5 files changed, 48 insertions(+), 2 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index bcfbcda8b050..255e02ec467e 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -476,6 +476,10 @@ void __init hyperv_init(void) /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 + /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ + if (hv_isolation_type_tdx()) + goto skip_hypercall_pg_init; + hv_hypercall_pg =3D __vmalloc_node_range(PAGE_SIZE, 1, VMALLOC_START, VMALLOC_END, GFP_KERNEL, PAGE_KERNEL_ROX, VM_FLUSH_RESET_PERMS, NUMA_NO_NODE, @@ -515,6 +519,7 @@ void __init hyperv_init(void) wrmsrl(HV_X64_MSR_HYPERCALL, hypercall_msr.as_uint64); } =20 +skip_hypercall_pg_init: /* * hyperv_init() is called before LAPIC is initialized: see * apic_intr_mode_init() -> x86_platform.apic_post_init() and @@ -642,6 +647,9 @@ bool hv_is_hyperv_initialized(void) if (x86_hyper_type !=3D X86_HYPER_MS_HYPERV) return false; =20 + /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ + if (hv_isolation_type_tdx()) + return true; /* * Verify that earlier initialization succeeded by checking * that the hypercall page is setup diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index afdae1a8a117..6c7598d9e68a 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -571,3 +571,20 @@ bool hv_isolation_type_tdx(void) { return static_branch_unlikely(&isolation_type_tdx); } + +#ifdef CONFIG_INTEL_TDX_GUEST + +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2) +{ + struct tdx_hypercall_args args =3D { }; + + args.r10 =3D control; + args.rdx =3D param1; + args.r8 =3D param2; + + (void)__tdx_hypercall_ret(&args); + + return args.r11; +} + +#endif diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 3feb4e36851e..6a9e00c4730b 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -51,6 +51,7 @@ extern union hv_ghcb * __percpu *hv_ghcb_pg; =20 extern bool hv_isolation_type_en_snp(void); bool hv_isolation_type_tdx(void); +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); =20 /* * DEFAULT INIT GPAT and SEGMENT LIMIT value in struct VMSA @@ -63,6 +64,10 @@ int hv_call_deposit_pages(int node, u64 partition_id, u3= 2 num_pages); int hv_call_add_logical_proc(int node, u32 lp_index, u32 acpi_id); int hv_call_create_vp(int node, u64 partition_id, u32 vp_index, u32 flags); =20 +/* + * If the hypercall involves no input or output parameters, the hypervisor + * ignores the corresponding GPA pointer. + */ static inline u64 hv_do_hypercall(u64 control, void *input, void *output) { u64 input_address =3D input ? virt_to_phys(input) : 0; @@ -70,6 +75,9 @@ static inline u64 hv_do_hypercall(u64 control, void *inpu= t, void *output) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, input_address, output_address); + if (hv_isolation_type_en_snp()) { __asm__ __volatile__("mov %4, %%r8\n" "vmmcall" @@ -123,6 +131,9 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u= 64 input1) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, input1, 0); + if (hv_isolation_type_en_snp()) { __asm__ __volatile__( "vmmcall" @@ -174,6 +185,9 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, = u64 input1, u64 input2) u64 hv_status; =20 #ifdef CONFIG_X86_64 + if (hv_isolation_type_tdx()) + return hv_tdx_hypercall(control, input1, input2); + if (hv_isolation_type_en_snp()) { __asm__ __volatile__("mov %4, %%r8\n" "vmmcall" diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index da3307533f4d..897bbb96f411 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -381,10 +381,10 @@ int hv_common_cpu_init(unsigned int cpu) *outputarg =3D (char *)(*inputarg) + HV_HYP_PAGE_SIZE; } =20 - if (hv_isolation_type_en_snp()) { + if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { ret =3D set_memory_decrypted((unsigned long)*inputarg, pgcount); if (ret) { - kfree(*inputarg); + /* It may be unsafe to free *inputarg */ *inputarg =3D NULL; return ret; } @@ -567,3 +567,9 @@ u64 __weak hv_ghcb_hypercall(u64 control, void *input, = void *output, u32 input_s return HV_STATUS_INVALID_PARAMETER; } EXPORT_SYMBOL_GPL(hv_ghcb_hypercall); + +u64 __weak hv_tdx_hypercall(u64 control, u64 param1, u64 param2) +{ + return HV_STATUS_INVALID_PARAMETER; +} +EXPORT_SYMBOL_GPL(hv_tdx_hypercall); diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index 82eba2d5fc4c..f577eff58ea0 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -283,6 +283,7 @@ enum hv_isolation_type hv_get_isolation_type(void); bool hv_is_isolation_supported(void); bool hv_isolation_type_snp(void); u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_si= ze); +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); void hyperv_cleanup(void); bool hv_query_ext_cap(u64 cap_query); void hv_setup_dma_ops(struct device *dev, bool coherent); --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2ADB7EE49AB for ; Thu, 24 Aug 2023 08:11:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236833AbjHXIKh (ORCPT ); Thu, 24 Aug 2023 04:10:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50356 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240506AbjHXIKM (ORCPT ); Thu, 24 Aug 2023 04:10:12 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 86F411996; Thu, 24 Aug 2023 01:09:44 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UHNJr2VTULa5RAoieo+EsHMB7S1v82xhpOMi7bSK1jot50SL7ZJmyT+g1qcxhN3vDikcAFc/sCu5BJyGquBhtw5SPBpstJ4WR+IRg+7TIEi4Wdti/B4bqatdt2ND+sBLPu1MUAMjkTf2jgQtL92oCMI9cJT8qlT9T5ebzP+uv7pyqu8XHWadNDiiz4k/7wdWJ0hbxiRcwnurAS+Nn1SAkjab98JUu8a36fpK6DxBTsC/8D07JLXo5fX1+48LGmlE1xG/B3IlhyGLay6UOS4a3P6fF1vtsr86jgyK0wcZ0h5XHPCMisvyiDpk3Mpt+IzV6Tt1B/ZMnp3bvhhsZNr0Fw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sOR0U/hkfJWQyo6zXruH5ZA7YPT3OD8Z9w0mxOjzn1U=; b=GLHS9bBstDjU49yBlDaTccmCbaaXZ4w5ijOzAKdq5UfMCZ7qY8tdGekkiuxIXDUB3TbQYC8sUFx+bBI7Bu30orQioOocHN09/X9Ld8YTJ+pbzn9nHY1Jb/IkrJJaSlsoBvYp/+qybJJpzMPaZpB5S7F4n9RCoIbBICGYFYwuXJBAvEW5GMIC4VRnkcyfFH2a+Ax5dZYpQRJSA4VKfh3VOjOhtBj9K4PWOZAlKsD1VZKb2gkzUVPymFN+mQI3gT17IysMDSVDs1dn1OCw9UPP8BzJMYW7dgrevNbLunihxzzWtFRZxHVNgcLw5Qosh0i9ksUUeNlFTXm7WOu88O4h1A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sOR0U/hkfJWQyo6zXruH5ZA7YPT3OD8Z9w0mxOjzn1U=; b=JpmKx1dNHVoPcvDwUx8YGnXd54l4/a3Mfx+i159VmXqLOe5PpXwCZsC5PbHiF48AZxeUP4AU+7GesUso0sMJbCxD9W6D7mTmCt5Qj97IxVuBlgOpbJm4cVVRPegkruJulPDks1a/EUVp2T4nTDSvJXZb0ZxEz0IB5BV6KsqHVB0= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:00 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:00 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 03/10] Drivers: hv: vmbus: Support fully enlightened TDX guests Date: Thu, 24 Aug 2023 01:07:05 -0700 Message-Id: <20230824080712.30327-4-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: c258cfe1-ef4c-4295-d70d-08dba4793b75 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: vBOAFbLNQUly4idqJpSoThFx8ivPol/49COQD4nqTeKkj6h+g3vWUwD7dr7ZckV8y5NG17SDZVkS2s5FWMraGKojRMSQAPN3gCiHnxIlW0I6/Bz7z0VRhjuZY9v7VQPJ84rujTZdJBcp4kOUo9YcrxRyBESiItgS5e6M98GSIj1699mLrfTOBZyUz8fH6HouKmQG5uzZTEdnre10FV4KVEGB90osFh/xLFqkVg8gPRyP28Pgqif8cZQgHavivRO38GQ+NNpOGfhecb94aFpwVUf9/w6Gzu1miJwzxJGl7M0louoDKa1n8W0PMLPyE8Q71FVqlo0MZmL6HT7x6JB0gDpnaNWsi7dcC7kzGdrpvw+bnyqcptsOeQotTWUqbpeCC3qWYCKLLe5CDG7kBk2QPg2IJ4p1rw/6JJXQfK8ms/Ygx8DQ9nu8BG52dNHhPK8oHtQ2pJlqomuwOCeOVcCUn84fvNHQv1GG0vU6uY1KZUJVvV2zwT/V9lqVMxNQd2NQyonue3sunwxlse3X/TDSvK0WnzobSSIGyozHB8RAwLHEZuf4zuBKLYvIJ4nzl5GoNcHiFe6YVTGavABhXIQtjm+KbSUIsEkRXtxv6L9u2qsMbAsMBodfiF81KVvgA980nCZ0eSalsCNjSWl4WVYGBAUQF1DnNxAU8tACZNECpTuYrSzG54NI1sc+pZtVktSR X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?dghLLZb7tKANvVdO1GZs2B2j0N9vG1Zp2mnkWmCxxolG1yz5nqT42CHmg8et?= =?us-ascii?Q?wqPwub+rHEwZJXZU8cmRI2WvpKmCi+oNpDdwUTX/Zc3vaBmd4iKCvF2fwnT1?= =?us-ascii?Q?/5zTOpnKkq/ejPZNw6YpmW4pHbk4e3G1gfZ0xi0hAsZvafAzYIxhCfb4HXp2?= =?us-ascii?Q?1nKBEJ33IKtVlCX/4rZTnCGO0NEAYyvKGSdOlFyYAhiL7uHCrXLqg6XLnGW9?= =?us-ascii?Q?x2QUvW+eRBCeRkJt7v/wyxxWB4zYdmOH5MqLmYvUUlCcEhDZ2oxsf0iMhchC?= =?us-ascii?Q?A5k8pfn4L8GBUaBNfPgJvl5foiaB2BGWp8IOz7XOtKhnaykANqqNetv2P389?= =?us-ascii?Q?pWrmGt6l7lUZh6RQWVZUsyf+Am6ziYTNlalrRRflsLsB95RDJ9lzB508QX/w?= =?us-ascii?Q?nnQtp6W0sNExQ2KxXwtnghhflJDtM1UvKfRgkRc0xya8GD/1WJFUAyQuyEGt?= =?us-ascii?Q?qdRk1qsFfIf74nfsvoGTzk28o4EgFcShTN7YGWSEq6F69cNJ2+zDYElkWmhy?= =?us-ascii?Q?rPaFTha919VOGDXIrWAeigjIgXz0Jg8Aqt9USwy1G4JwkC3YZtqgTS9srTmI?= =?us-ascii?Q?J1gao3SE0ReHtoBGXsrwuSZeEpWXNr9PWkyPjJZ3hICES7r64VEfy+plQM/A?= =?us-ascii?Q?X5a/Z8onk+l8mNEYzJjzIlaVaBgUlCOTwT3mX2O8meMEzzywGrP2CszYuvTX?= =?us-ascii?Q?5hzmuiSnrUsm+HNLQHJxQ96QLr/IYF2BrFc0XfOaKNeTwhKLByRiGpLh7ohP?= =?us-ascii?Q?MgAUIg1Edaz3nFZnOo00KlY6vM7KyUL+Sot6qUwufkMD3Mfqe0ppcqsYTN/S?= =?us-ascii?Q?9CifmjntEZHBzzwNSyhIOZaV6+IukLfkfuZgI7N8q2FFwEyXR9gdIuvfC9Jo?= =?us-ascii?Q?ApJXBxm+tPAnyKa7yo5TX7uESRBOWK5WJh0xAmFeXNI5HB8tAdUH2ZFHdXdD?= =?us-ascii?Q?cAhblBAbcuTc9hM26/uKwqANwynx2d59kB927nOPEYVkqhSWEZrALkDPVBec?= =?us-ascii?Q?+3ut4JAcexFO2MfWpyzGuwXv+87sQHMhUESX70AvAb+3LE0At1xaBARRKtYA?= =?us-ascii?Q?CUG+uE5YrxkP9mdLPXF6EealZlogFSJzKPjy1hYwP/zeTmaPAUkN23VpNs79?= =?us-ascii?Q?TP/rwykYuQyBeil2S/k8VdG0DzUlIsSQaTSq7jufCrxQFcXcbKRoBeVDZ6wS?= =?us-ascii?Q?WzsL3lxDrhSkG/9dlAp+Zn86PwWh6QiZkNQ2otXaNhmbIUvKKawok+1EMMnL?= =?us-ascii?Q?ph7OltKxnT7ZhybZiN+QAtjGGB1TNA6sv8KpaWbivmJuo4rhvO64zmGstwDN?= =?us-ascii?Q?yl9RwGnVWU1061NJdrXZ09fo2oGvtsVuJSJkEC6gbjRE4mbS6dyJqDQwHs9a?= =?us-ascii?Q?svCHCaDnNfT4BnH1no/XT4lsm4UA18D/y8meOV+O1F6c3YScm6tJdJQG4p3y?= =?us-ascii?Q?QE7rE96IOQowT+xnaSndgKs1NV4sHCCjjIbdJXndSebvcOGZtxo2e00qJN0D?= =?us-ascii?Q?hE8dTVlBz7bDuNJUrrmJfUwdoXUdAmhnkxZhGPayMbuuU+MUvvQ+/fgNtIwr?= =?us-ascii?Q?iaLT7TmETZaLsKesD96ngLS2iQlxWOJYky2cmYLi/sK3fnJm2+yqvFKe+42J?= =?us-ascii?Q?0RFbobcwgK9Zg7jUd46w3HuUsEmTlKzZHP1UOhGPOI8z?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: c258cfe1-ef4c-4295-d70d-08dba4793b75 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:00.1266 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: iJTLKFvtq8H8E9mh1ul2fEJSdSCB9h9TK4cl3tPajKMbCDh7vfA4zHmgvy2aPj4uOxg3QhAP8wIdIh2Si9uGEw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add Hyper-V specific code so that a fully enlightened TDX guest (i.e. without the paravisor) can run on Hyper-V: Don't use hv_vp_assist_page. Use GHCI instead. Don't try to use the unsupported HV_REGISTER_CRASH_CTL. Don't trust (use) Hyper-V's TLB-flushing hypercalls. Don't use lazy EOI. Share the SynIC Event/Message pages with the hypervisor. Don't use the Hyper-V TSC page for now, because non-trivial work is required to share the page with the hypervisor. Reviewed-by: Michael Kelley Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. --- Changes in v2: None Changes in v3: ms_hyperv_init_platform(): Removed cc_mkdec(0). hv_synic_alloc(), hv_synic_enable_regs(): Removed "|=3D ms_hyperv.shared_gpa_boundary": No longer needed on GA Hy= per-V. arch/x86/hyperv/hv_apic.c | 15 ++++++++++++--- arch/x86/hyperv/hv_init.c | 19 +++++++++++++++---- arch/x86/kernel/cpu/mshyperv.c | 14 ++++++++++++++ drivers/hv/hv.c | 9 +++++++-- 4 files changed, 48 insertions(+), 9 deletions(-) diff --git a/arch/x86/hyperv/hv_apic.c b/arch/x86/hyperv/hv_apic.c index 1fbda2f94184..cb7429046d18 100644 --- a/arch/x86/hyperv/hv_apic.c +++ b/arch/x86/hyperv/hv_apic.c @@ -177,8 +177,11 @@ static bool __send_ipi_mask(const struct cpumask *mask= , int vector, (exclude_self && weight =3D=3D 1 && cpumask_test_cpu(this_cpu, mask))) return true; =20 - if (!hv_hypercall_pg) - return false; + /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ + if (!hv_hypercall_pg) { + if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + return false; + } =20 if ((vector < HV_IPI_LOW_VECTOR) || (vector > HV_IPI_HIGH_VECTOR)) return false; @@ -231,9 +234,15 @@ static bool __send_ipi_one(int cpu, int vector) =20 trace_hyperv_send_ipi_one(cpu, vector); =20 - if (!hv_hypercall_pg || (vp =3D=3D VP_INVAL)) + if (vp =3D=3D VP_INVAL) return false; =20 + /* A fully enlightened TDX VM uses GHCI rather than hv_hypercall_pg. */ + if (!hv_hypercall_pg) { + if (ms_hyperv.paravisor_present || !hv_isolation_type_tdx()) + return false; + } + if ((vector < HV_IPI_LOW_VECTOR) || (vector > HV_IPI_HIGH_VECTOR)) return false; =20 diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 255e02ec467e..c1c1b4e1502f 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -80,7 +80,7 @@ static int hyperv_init_ghcb(void) static int hv_cpu_init(unsigned int cpu) { union hv_vp_assist_msr_contents msr =3D { 0 }; - struct hv_vp_assist_page **hvp =3D &hv_vp_assist_page[cpu]; + struct hv_vp_assist_page **hvp; int ret; =20 ret =3D hv_common_cpu_init(cpu); @@ -90,6 +90,7 @@ static int hv_cpu_init(unsigned int cpu) if (!hv_vp_assist_page) return 0; =20 + hvp =3D &hv_vp_assist_page[cpu]; if (hv_root_partition) { /* * For root partition we get the hypervisor provided VP assist @@ -442,11 +443,21 @@ void __init hyperv_init(void) if (hv_common_init()) return; =20 - hv_vp_assist_page =3D kcalloc(num_possible_cpus(), - sizeof(*hv_vp_assist_page), GFP_KERNEL); + /* + * The VP assist page is useless to a TDX guest: the only use we + * would have for it is lazy EOI, which can not be used with TDX. + */ + if (hv_isolation_type_tdx()) + hv_vp_assist_page =3D NULL; + else + hv_vp_assist_page =3D kcalloc(num_possible_cpus(), + sizeof(*hv_vp_assist_page), + GFP_KERNEL); if (!hv_vp_assist_page) { ms_hyperv.hints &=3D ~HV_X64_ENLIGHTENED_VMCS_RECOMMENDED; - goto common_free; + + if (!hv_isolation_type_tdx()) + goto common_free; } =20 if (hv_isolation_type_snp()) { diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 63093870ec33..ff3d9c5de19c 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -420,6 +420,20 @@ static void __init ms_hyperv_init_platform(void) static_branch_enable(&isolation_type_en_snp); } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { static_branch_enable(&isolation_type_tdx); + + /* A TDX VM must use x2APIC and doesn't use lazy EOI. */ + ms_hyperv.hints &=3D ~HV_X64_APIC_ACCESS_RECOMMENDED; + + if (!ms_hyperv.paravisor_present) { + /* To be supported: more work is required. */ + ms_hyperv.features &=3D ~HV_MSR_REFERENCE_TSC_AVAILABLE; + + /* HV_REGISTER_CRASH_CTL is unsupported. */ + ms_hyperv.misc_features &=3D ~HV_FEATURE_GUEST_CRASH_MSR_AVAILABLE; + + /* Don't trust Hyper-V's TLB-flushing hypercalls. */ + ms_hyperv.hints &=3D ~HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED; + } } } =20 diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index ec6e35a0d9bf..d1064118a72f 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -121,11 +121,15 @@ int hv_synic_alloc(void) (void *)get_zeroed_page(GFP_ATOMIC); if (hv_cpu->synic_event_page =3D=3D NULL) { pr_err("Unable to allocate SYNIC event page\n"); + + free_page((unsigned long)hv_cpu->synic_message_page); + hv_cpu->synic_message_page =3D NULL; goto err; } } =20 - if (hv_isolation_type_en_snp()) { + if (!ms_hyperv.paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long) hv_cpu->synic_message_page, 1); if (ret) { @@ -174,7 +178,8 @@ void hv_synic_free(void) =3D per_cpu_ptr(hv_context.cpu_context, cpu); =20 /* It's better to leak the page if the encryption fails. */ - if (hv_isolation_type_en_snp()) { + if (!ms_hyperv.paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { ret =3D set_memory_encrypted((unsigned long) hv_cpu->synic_message_page, 1); --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF4CDEE49AD for ; Thu, 24 Aug 2023 08:11:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238968AbjHXILK (ORCPT ); Thu, 24 Aug 2023 04:11:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53626 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235658AbjHXIKa (ORCPT ); Thu, 24 Aug 2023 04:10:30 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8AE51727; Thu, 24 Aug 2023 01:09:59 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VCNX+ommUUGX5WwV0CaB0wK5L7Rr29/1wTCdnIjIEjxkir25hwI6ZvF/5aMW/ggQiSuuwZwcRLV4uZ9VSKgFV3CtUWoNom21n+W6ut0tEBDwEt4VujjzCeBJoBxM7FDwOtxmapCte3tNL0qofISKXwv3RcZPyVwhuiyDMGyOlEYhfhh1pvPYaAVc5KB5vQX/BPHYP8OjQ0Zajz2bBUJ22I+KE69ivnBYtc6mAwVMuQAOAZRKFf9g1V6H/CMrGedUubj947mVUhlkfI2YK5TW/xIH+8S3/WVuFrgni//l6dWM3CfMjHZ9xHMDju+j3hPWRS7pVw4tQ4Y7ai2PaDv1Qg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=o7a2HVOOmebTGDDQKx6O8R/NiZ/wXH72SpwoOHafJtQ=; b=GWBht9oMOurJsSnbCMRSIR0PlEcPuoDSbh6OT7pHDcnLvyIXsNuaU4lYW9splZPRCoQneciXKUIMgGUBR5nDooksn5vnEDKUgXWih5SPt8mHj5AWVyvUGeUKLmXiD9S7XXy/1BTGjLRJ5laHU1oiK3vUyZWsy8qucK6p6QcVXoaD77yGlyirMGUFPDMz/zy15RlUomGMtYImF3+iE9L9aBwW1KqMTTnzJkAujhY1RLsWUSXC4CxSkYug0F9jQpVZlnGK4jQABDYNIdWQqz7q+bn5Dk4y4qabPDZh4yz/utcYFvAby5q/TQr/E/8i6Jo6le4Ghn3XQOOSW+r2a75a2w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=o7a2HVOOmebTGDDQKx6O8R/NiZ/wXH72SpwoOHafJtQ=; b=JXVDT5aET0FKXMpYPjYYB3tA/RkDjSjjvV/yACV+TTely1ZYqToOJnA1BtycXp+D8I60NjB0YZzxqPh8cWU+43n5noZIBIppqSmDcaAiqr8OJLlKUXU/aALRn/e1lBAV5n7PUCnQXPFm5t8NuHnssV5CWOg86HtWB2Bkp2rwWQY= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:03 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:03 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 04/10] x86/hyperv: Fix serial console interrupts for fully enlightened TDX guests Date: Thu, 24 Aug 2023 01:07:06 -0700 Message-Id: <20230824080712.30327-5-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: 102884b6-2aa4-4319-0a49-08dba4793d17 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Gi07ykZblRW+rj78rdS5d/h+X93nGPNuDqgtksUjUDGw97S6lF0c49FcLbNril6MPM/WpqbohAXOEvIT0FvIfHwVAsOwf/PUA6Rw7kQuuDseQVQILxz+2IDXqupryLWuw8EVeO9UC3f3yGK1jXcHdVjNhSfaF6IK0tGOpXjOXfGjweziiGMoKqS8UEeIy+OlVrjp8tovT/1KdIr2KeY8IyhfqMX2sFl7zgNt27mK6QJWRekrk+EpsjnzMoZP+D/ONzVtO9lksa5MXxvvqq9HktJyOIc2f4FNEfFt1DReMW3VfcRQ8q/cl7CeCtMmDNxTchNIGG7q5TkWGkfU0Sd15qyvuSZAW/92k6FvnaBZDWbay0tVGgfmuRGWVaZE+TDGSao+ZpAwFmBf6yr11Sg0LqvpwyTB6J/29BJxILnRWQQNGr8v79UjOcgHUoZOUcvvuxeEcPTVwtTcMq2qcTbLYkDqEo6tIoUSb9djNRqOSK0k7bz2G69gYrsFm+rSi3LNEPMUkSm1PU3y64LCFGevfc7sQcALVzl5Ib6oiH1fXQWj+2cHwZPnqM0TKbRA+xxf+y2dtihWls/Q+PeSrLWcX8Bs5e0Fyx5D9vfje/yAsLnkNPTrtc2L6KZSkWFhZKlnj1ZdEj5qkToftXasZ8eEnsub6litYYYR3hmoq0XTSyDWVO4TPazy9qqj7tbCELre X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?zRNlRwYk7T/+vA3jP/wG2HIO5UkCQwcbN0wpohs24WR0rZLQnt30CASW9qjU?= =?us-ascii?Q?vQxwl1p/bpO56Q7n0caRSLbKt7IMLyc2CyQf1tlIiPPk8tNEKIYKV4t9iUyK?= =?us-ascii?Q?VfiAp77ozsTfSRguZX+vYbVQZ4P2tn1nyS2Vdn9Zt3xc+7KEivHBHUtbbmCy?= =?us-ascii?Q?vojgzAAsqnttFivlwD6YBCVVsJvaVne7Ujh/uhPLsm0F2fMfpYCoqLw4ccXa?= =?us-ascii?Q?LxCboc3umDekzmqKS/STU5OMKAntdlfazVVaovFMiqc2I35vyyItQ6xcCnSJ?= =?us-ascii?Q?okAzsb4k1eKPEM3zWpcNlL/Crext7kvwCzWEKftY+Q3DQLDxTjcT3mHNa5A2?= =?us-ascii?Q?SXcM+b6pNfzNp2ncmk95sLlcJk4zln3VdY3iGLBxXdraNQ/oCWMgrYIn9hYH?= =?us-ascii?Q?U42E/NbDbtAhBxxxmFWGkYmg9+aWSUzyH+9Cbnxbo/Tf4sPgUsdPoynPk5JJ?= =?us-ascii?Q?I0cOILIw0CCDC/U9KRLSphO5lk2uQRCPM39Z4vXJQIEQR7oDHAv1VxfPn2C4?= =?us-ascii?Q?ZQfTiZA/FRLwuzEN6kt0gt46/E3+TE/AK1u+Fe/8KngH/b7r8sLk08j6wp1q?= =?us-ascii?Q?m3BEfD4obVbAxm8ZZ164y39RdBmZt/tgBSDrXEfOu/MXqXRHKeJXWjWb/S5r?= =?us-ascii?Q?UYz+6hmDaMazX7FYYGiMOpeB47lUIDnsCB18ON554T4FnAPue+d+YA3Qb8XP?= =?us-ascii?Q?7kA9BLHlHKwQMK18E5kUDA9VTmIqqSCBUE3RP+uFC1GXfiHireGfsr3KMpAe?= =?us-ascii?Q?nNxcla8X9TBc/ovq6iATYBcHLOhyJDifWGET6v/JKv/RpJomfLPd1RgPMLcs?= =?us-ascii?Q?EotJ49lRcF1tDu09SRwRPYwqv4A7aCvGndK18hA8CZ1jwZbHpz1DaQtOzV7b?= =?us-ascii?Q?Bbsuti81zzHgJPTTRxPcVTLZK0k4P3dqoUUqXpGjxTQgOIDYsIk3Oa9vC9GW?= =?us-ascii?Q?izwM7XQDLWKybgxjcOhVOgcxxBGKzYB0yc7Uc5emaNjwUKidhHPvD5LTgZv+?= =?us-ascii?Q?bWDYJNngvrIPSMqGBYKBTjPXLZrpOw932I1qPIgnurJFIXh7q45heeAg3qVs?= =?us-ascii?Q?ZN2ZNocJcpmp9KtxA6Rouht7hLZaoCsbOPfIXMbblk56ZLvGgyxFpzWkg0qU?= =?us-ascii?Q?iJSS/H+B683ONuJC5bB3/rC6Byg4SD2uE+OmqDZSClINjkODhDnKD47OZuCg?= =?us-ascii?Q?GwTQ0Jc+SY795AoUUsRxJ+zsyLkP2iIK4tP3Wa7TpfLcm65DTJyHyhQA2sFF?= =?us-ascii?Q?pzeHVGG3TUPLJQ4bAwRVU2+Rz8QrBWnFKTB1QPOANuGLu3OzqFPehKaZ/VYK?= =?us-ascii?Q?5p5ZGU8D2REK34s+s+zrAKrLs+r0eTQ676qiHvM0H27Vb6lGNS+FdPCwhQ/H?= =?us-ascii?Q?KMychYB+5+DU318/GOJG9pfnqR3sjvo7aqD0cJTKnAjIKpDgksF9JJtXrVKp?= =?us-ascii?Q?94tl+1pWR1PrZkR/rfz/aB06NZGTeEfkZlG6fQX+efWUl3J6x1NmIAelUi6P?= =?us-ascii?Q?jJqh1UqyQuC1R7tZtZoV71VTkOHSjdN5+tSD0VQOZTeXJwvhrhvc4YSbb2J5?= =?us-ascii?Q?AJpSUjYjlisnMyiHjs+SIWqZ3u1J/HsuO3qH/pcac4dtmAr3V3DOnM0PrApF?= =?us-ascii?Q?DoiHZHdfoWiPHC3Ucbq5TucssXIMe48D6ROm/Ctf33O2?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 102884b6-2aa4-4319-0a49-08dba4793d17 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:02.8525 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: LmVMwdMuljfuPYbi/uQqMpPRQFc8AAeIcnurkEQQQ31G7nF1lEhi+EH72sMlshKGS8nweTNvaLjXU+O3EJDk/Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When a fully enlightened TDX guest runs on Hyper-V, the UEFI firmware sets the HW_REDUCED flag and consequently ttyS0 interrupts can't work. Fix the issue by overriding x86_init.acpi.reduced_hw_early_init(). Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. --- Changes in v2: None Changes in v3: Added Tianyu's Reviewed-by. arch/x86/kernel/cpu/mshyperv.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index ff3d9c5de19c..fe5393d759d3 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -323,6 +323,26 @@ static void __init hv_smp_prepare_cpus(unsigned int ma= x_cpus) } #endif =20 +/* + * When a fully enlightened TDX VM runs on Hyper-V, the firmware sets the + * HW_REDUCED flag: refer to acpi_tb_create_local_fadt(). Consequently tty= S0 + * interrupts can't work because request_irq() -> ... -> irq_to_desc() ret= urns + * NULL for ttyS0. This happens because mp_config_acpi_legacy_irqs() sees a + * nr_legacy_irqs() of 0, so it doesn't initialize the array 'mp_irqs[]', = and + * later setup_IO_APIC_irqs() -> find_irq_entry() fails to find the legacy= irqs + * from the array and hence doesn't create the necessary irq description i= nfo. + * + * Clone arch/x86/kernel/acpi/boot.c: acpi_generic_reduced_hw_init() here, + * except don't change 'legacy_pic', which keeps its default value + * 'default_legacy_pic'. This way, mp_config_acpi_legacy_irqs() sees a non= -zero + * nr_legacy_irqs() and eventually serial console interrupts works properl= y. + */ +static void __init reduced_hw_init(void) +{ + x86_init.timers.timer_init =3D x86_init_noop; + x86_init.irqs.pre_vector_init =3D x86_init_noop; +} + static void __init ms_hyperv_init_platform(void) { int hv_max_functions_eax; @@ -433,6 +453,8 @@ static void __init ms_hyperv_init_platform(void) =20 /* Don't trust Hyper-V's TLB-flushing hypercalls. */ ms_hyperv.hints &=3D ~HV_X64_REMOTE_TLB_FLUSH_RECOMMENDED; + + x86_init.acpi.reduced_hw_early_init =3D reduced_hw_init; } } } --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3E2C7EE49AD for ; Thu, 24 Aug 2023 08:11:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237533AbjHXIKl (ORCPT ); Thu, 24 Aug 2023 04:10:41 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50480 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240529AbjHXIKR (ORCPT ); Thu, 24 Aug 2023 04:10:17 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08C5F199F; Thu, 24 Aug 2023 01:09:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UFfGYd9e+s4a/0Zui66nJ1mjTuBTRPbL2U7jSgRN5xWNrkn2Qre2Sq5xAG+2k423Mp8l/hHHRVmOYsioPl9SoWwg5YZlE+m4HFl5OMv6iqh8UOf1gzxLZ+u5CfV1cTSyQyAC5MCOKAM1eDMUHFyYDwNHg/GYDTmP9toHtS81r5CSXQ3b+XLF4EzKInf5gY7FIdtJU6vsA5B0nElIt+QM9Y1EGtpLwNHmIM5o7kj31uMhNZaJZVFgAfkjTh9C49pOhTF8bWIPShybuh27tFYXH1A6CxmZ3buMWELDZ3ROLfqdAsfk3hxczGT6IpHTW2Y3mq87AuGuH8tOxuYoi4JdBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=fwswV8Bj6wPA8UjZhh+UyjKK1FqHgPhxmwpfmGElJ8M=; b=a9dxqrNIRJDCf5W2qsahMzDkhKwbWz5LOzxwN864dgysPEELJ6WzMRg2eZVSsafI3GEx4i3SBw8fZ68LqC28bW7DIxThE0D+bzG6/2eNuXtDaz64iQpznsK3tHDv0AuQ/sUdBeZhjB7t2xoT6fN0Ymw+H2L1TpwMOZy4y9VCYwYzK6Ei0+lRgrqnGuHNApwki9fHrBLYJaT8qZ3OOdfG2POjJbE/QsTD94hJDBc/bXO622DPzAPltYNHZxfamkUjKapCkuv/XGS6nYtNN6JLJZm/zi428R1w3BN0GWq1HDqLa5yhJsq3VcuMBDphl1It8fUfnSsKTxJO58rf6d9E+Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fwswV8Bj6wPA8UjZhh+UyjKK1FqHgPhxmwpfmGElJ8M=; b=gGySFw/gIEcPszhZAl/Et4xCG0Mjz83swzI3F74VlHi1dOyXGOdu2kS878l6g29/K+Tz8DEElNyl1Q5g03wN/1QmYAdvylTp3vjhYZvm4OszoH+y99vTH9pwxFQ2GjkK5zgegTEhlgmD+WPg2QOMaMfYgdGp+rxTYm38c1XVTKc= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:05 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:05 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 05/10] Drivers: hv: vmbus: Support >64 VPs for a fully enlightened TDX/SNP VM Date: Thu, 24 Aug 2023 01:07:07 -0700 Message-Id: <20230824080712.30327-6-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: da8a13b6-635b-42eb-db3c-08dba4793eb5 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Rfb+9c7tJgbUhqUoyQgCsupWXrRuFujv5e2XJgwNm0o99gBGbfmkGoE7fdtP10yHmIP4oNeeB+xepq7XwUVNfiLOniQIMvjxwxoMUmz3/OVqihIDYO4ty9yKZjezWSIpwS356XIf0LMBkYlLK6doYdjIZqIQ3EGKyqU0E0cn+8VOFcSaOOjMoevC8egy1cB23x5dT82TfvsKyfuJIuV23Ka201PePooK/S2XEddS5LhGnWCAYlGTb/JUAasagzDp61oYiYCbhemlUysMISatOSAcu2PyfevFyye9Pxej3EaIyxH13WwwAZvnLmc7/+8NT5SG5Md8mKWaxge+Yexzv6T16wB1/PJ1BciQVy35XLJLPDYJqOW+PhDLtwwbO3WJe2UQpcKvnENd4kF8xb0K0mGPLhC1B/Qm1WKP/feZAwvywbulh2tyysXD+hSyub+paKt36OlXoMZrSWNa4pWSJYqCQ2ntO1umpHNW9OoNttDNtP8oVi+Q53bYEFstV/hPNZ5+J7GQ2dhoBvksRFcmoVdxTAnQIIQuGcpOE997yzP78XoeUFAKGlit+CUfXENZkTXfnx1hu/vTujYJ1U0AA6cMteiU8yjup7N1X97iGyLIn5maTcT0TVQ5vzUnjnLuEZiRwSw1CyYmuLkA1U0V8NiimUiF4yh/FimnKyM2TpQYgRYhGj6Lnnw0WGJN75YA X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Wt8YhSzxKcMFbLqdc+NCiiRf2E9FDEY6WlXXKvNKsWvydqLP4ZHFDGpuN38d?= =?us-ascii?Q?DGlqVkCzXk1/mMUKkb2OziHHpyyI3xVs+OUxG0xSalY+q3ReJwQQW/mcXroE?= =?us-ascii?Q?QZtGbjqNCkGuEZkC/Xx/fT+giFJLfsDzQsufgphfVX1syVmihq0bm8I7+bgE?= =?us-ascii?Q?StAMiFg7DDBjgX2Y+FHJ0hEyJRf1FpU+85/qKpfPp8isOWt3pi5L6mdY8g/E?= =?us-ascii?Q?fRhai3jJ4QiSja8d8Tn5RO+Z+vVqqtNJpkWRvUx98Mp1VItxmB8ccTo0LcH9?= =?us-ascii?Q?O+TkMpSt1LPvEn7OPV7R1zASC66qqIFK2BgeymxT7VG5zn71g79De9oY9GhX?= =?us-ascii?Q?vbmaJr77+at2HYKbRdrG3TDx+3Png5EmCq79hsPXR01GVPiDnJNw5z+Or+Ei?= =?us-ascii?Q?fE1GUcN0shDxAZZdXurHxsL87zYZVezonK7AEiQJLEnFQ1b0WeMGrMl83KZE?= =?us-ascii?Q?hXTJosdFS5pnTS1L/Fbsqzvb0/SIftaC5DrcOMrMylIhiofpmF319xSuf2Yf?= =?us-ascii?Q?nybxM56lST/DKogc6BvhHbdGxFqlGrCe3F+QETtCx4XW4MUdbc25KFbRgnNP?= =?us-ascii?Q?xj+1Ssak6BeM3EQ9heOkZ4RcIaO2m2PAPljONGmT9mvkBOYQbwRVEOV6BF9p?= =?us-ascii?Q?egmZ14IpWJ+L+SBCUigDmVTYJ6Gtfa28OGJ4jiKZAI7QNwJqbQbas8P9yEj7?= =?us-ascii?Q?MJ8x7Gsk/eCG0YRShykM3KWW6a6xYHU5B/2MzsJHqgBLNMILJHjnNe9WxENR?= =?us-ascii?Q?LrQRZLI++wj92VpIW/6ta/VIaGLp16BnJQos0Oq04HGEmMtoYju9Qdaq2iXs?= =?us-ascii?Q?wLdZM1Qefq3FtCa3+ZcphdllMslNNOF1/ZTnSavWX5WmxTpoltQhOQrQNX9l?= =?us-ascii?Q?x4zea/LSYJ4LV5fi2MwwmLsKQFEfSGpGpDaQ0rk7a1AeSFwTUzoWxT717MBY?= =?us-ascii?Q?Jcw9o86SnMS2++iKzMpkqj1l+KdFP6fK7f+5sIRDJAoYvBz2SbXdE5ifcm3k?= =?us-ascii?Q?fSHVu1iOXuCdWwLldwQxQUrFIsxsDWCLMFbJLKwuzjgr83Hwa0nfZIIhPiac?= =?us-ascii?Q?T72eHKmPr9jjoFmDi5YBlje7qfcgD+mjjeiIMo9zCo3L92xea+esOmLShmu4?= =?us-ascii?Q?4OSF/0iAiit/OmRbTltQq0rWXGwlcijYet1dBuTfRmpzSVoPKJqYfjr/5uyB?= =?us-ascii?Q?/6LNRIK/ylURITnEcMGFY//LtURUUDXp7GXNxrIWQbpCQO/ZK2BGhlbdCrT0?= =?us-ascii?Q?vJ+peTy1+UFiAmZOwBt3T7v2qtem3BeAczuFoY8tRxV/hXcsrh3dZoncgneX?= =?us-ascii?Q?yPvxLvbqEIZ5E2Nk7v1i4JCk1LprIcG7v6X6OtQy0PUnLQTuMLbBTwoYsboR?= =?us-ascii?Q?0LYqv3DXuu3y/rDOCHLQy9WnMdfaseq+TMP75lmv83h6keicnvZr5rt3WzNm?= =?us-ascii?Q?y8p8H4jWS2SyLqt7TlRshvDZwjojxCVVK91aOr9ef1eeX/YLH3M0mEGTMF6e?= =?us-ascii?Q?o9mIVvvcka6I/Sn/9sdm2bxoEys4rebt30fIF2JWXHUtdDW7cixp3+FLxdfW?= =?us-ascii?Q?FEvi5bMGcgWZFH3tBhojOU+gyIPR7ltGUBq3xY/G6pabFYrOjkyw/Fjf9uCc?= =?us-ascii?Q?sFxjA9db3CfrHQVHR2vBkTnwSU9DvtVzor/qqX01PKpY?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: da8a13b6-635b-42eb-db3c-08dba4793eb5 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:05.5787 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: +kvx/n/npasp6IVtWdch4hyOdSne4aiiyntiC6dAodmmLhyGtqzHMYyB/zkodT3q3n4HN+WLxJGA4zIBIekkxg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Don't set *this_cpu_ptr(hyperv_pcpu_input_arg) before the function set_memory_decrypted() returns, otherwise we run into this ticky issue: For a fully enlightened TDX/SNP VM, in hv_common_cpu_init(), *this_cpu_ptr(hyperv_pcpu_input_arg) is an encrypted page before the set_memory_decrypted() returns. When such a VM has more than 64 VPs, if the hyperv_pcpu_input_arg is not NULL, hv_common_cpu_init() -> set_memory_decrypted() -> ... -> cpa_flush() -> on_each_cpu() -> ... -> hv_send_ipi_mask() -> ... -> __send_ipi_mask_ex() tries to call hv_do_rep_hypercall() with the hyperv_pcpu_input_arg as the hypercall input page, which must be a decrypted page in such a VM, but the page is still encrypted at this point, and a fatal fault is triggered. Fix the issue by setting *this_cpu_ptr(hyperv_pcpu_input_arg) after set_memory_decrypted(): if the hyperv_pcpu_input_arg is NULL, __send_ipi_mask_ex() returns HV_STATUS_INVALID_PARAMETER immediately, and hv_send_ipi_mask() falls back to orig_apic.send_IPI_mask(), which can use x2apic_send_IPI_all(), which may be slightly slower than the hypercall but still works correctly in such a VM. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. --- Changes in v2: None Changes in v3: Added Michael's and Tianyu's Reviewed-by Fixed a typo in the changelog: hv_do_fast_hypercall16 -> hv_do_rep_hypercall drivers/hv/hv_common.c | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 897bbb96f411..4c858e1636da 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -360,6 +360,7 @@ int hv_common_cpu_init(unsigned int cpu) u64 msr_vp_index; gfp_t flags; int pgcount =3D hv_root_partition ? 2 : 1; + void *mem; int ret; =20 /* hv_cpu_init() can be called with IRQs disabled from hv_resume() */ @@ -372,25 +373,40 @@ int hv_common_cpu_init(unsigned int cpu) * allocated if this CPU was previously online and then taken offline */ if (!*inputarg) { - *inputarg =3D kmalloc(pgcount * HV_HYP_PAGE_SIZE, flags); - if (!(*inputarg)) + mem =3D kmalloc(pgcount * HV_HYP_PAGE_SIZE, flags); + if (!mem) return -ENOMEM; =20 if (hv_root_partition) { outputarg =3D (void **)this_cpu_ptr(hyperv_pcpu_output_arg); - *outputarg =3D (char *)(*inputarg) + HV_HYP_PAGE_SIZE; + *outputarg =3D (char *)mem + HV_HYP_PAGE_SIZE; } =20 if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { - ret =3D set_memory_decrypted((unsigned long)*inputarg, pgcount); + ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { - /* It may be unsafe to free *inputarg */ - *inputarg =3D NULL; + /* It may be unsafe to free 'mem' */ return ret; } =20 - memset(*inputarg, 0x00, pgcount * PAGE_SIZE); + memset(mem, 0x00, pgcount * HV_HYP_PAGE_SIZE); } + + /* + * In a fully enlightened TDX/SNP VM with more than 64 VPs, if + * hyperv_pcpu_input_arg is not NULL, set_memory_decrypted() -> + * ... -> cpa_flush()-> ... -> __send_ipi_mask_ex() tries to + * use hyperv_pcpu_input_arg as the hypercall input page, which + * must be a decrypted page in such a VM, but the page is still + * encrypted before set_memory_decrypted() returns. Fix this by + * setting *inputarg after the above set_memory_decrypted(): if + * hyperv_pcpu_input_arg is NULL, __send_ipi_mask_ex() returns + * HV_STATUS_INVALID_PARAMETER immediately, and the function + * hv_send_ipi_mask() falls back to orig_apic.send_IPI_mask(), + * which may be slightly slower than the hypercall, but still + * works correctly in such a VM. + */ + *inputarg =3D mem; } =20 msr_vp_index =3D hv_get_register(HV_REGISTER_VP_INDEX); --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 53411EE49A6 for ; Thu, 24 Aug 2023 08:11:01 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239918AbjHXIKo (ORCPT ); Thu, 24 Aug 2023 04:10:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50556 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240542AbjHXIKU (ORCPT ); Thu, 24 Aug 2023 04:10:20 -0400 Received: from DM6FTOPR00CU001.outbound.protection.outlook.com (mail-centralusazon11020019.outbound.protection.outlook.com [52.101.61.19]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 60F6719AC; Thu, 24 Aug 2023 01:09:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eOVCvzJ+0ucAjfikJdj+Q5KOt5gU8MiyvLc5rsxx9/lv8OjO34/5f8RcoPS1EDVMyBS3xMjK6MuYwZUd7N7QoQ10u7QbS262q+J5n0WI6HYJ9VShpLQZtiFKFw/pcg3j54SP2vdfJiz/J9kXugGSespQaTsKwesJkj1Lyg2dY2gQO4So0wVoCiFxxkLewb8kwRTXg79dbp257qQoEgHYbnsHGDL4V+GqM7UGeRtc9OMSW4rOXLaq+O7TH6Wf5Jr9IYU/PqFMdxZo6LP0mKUDLX1tOufJjQjBjCagG0woLDgRQHLSC/oOpCFpSSpmk8B6qo5Gaps9CGYS3+6FIgJ9nQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gp++m1rz7QMhIaw8w5ngvgVSlt7AgJlBNmZNhW7QHzM=; b=DZUGmX+xOthLZ/n83Sue4qC308Q8a2TEHqs2DmFn6TCwfB1hVKpjYg2IWy+LWavkOYnOREeCbGm0ALSGYr3d2n3BNcCUAR7Vvuv1pK8/MCUNP4eolkiO6jH2JVu8IMdFEy+Y66/HEJVAPe4+zZDCAh8fiM9LvlveDikvRADhzdXIRCtfUleBGxYf9bfGqvwm2q8Lrt9eIGx6at7s6A0q8XG2VZcAGNHn/AXyQGERrqr2D9ms2KLSqPgcc3eV86LWZ5H6hWPVjvdY5fH6ncS7sKhQLihEPy4sPLxIhNl9fR2yFnwozMTycQHZ5HcDzo7322FNwPZYcvuL202+gFgnbw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gp++m1rz7QMhIaw8w5ngvgVSlt7AgJlBNmZNhW7QHzM=; b=h93XP77Epa6449FkgubZQaTpgwkR6yqPOaJs3q0nKgUGujyv3uoU7JntebCNTsJMZHmBTn2m6SzMnIQzNuQgHO5Ec8U7Z3Peo8dAcxcHs0fnjqvYgSj36VChuGvI/44k3XhcFZ4taeONKTiJ9i57mheJvrR+E49KlDGiWk3l38s= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:08 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:08 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 06/10] x86/hyperv: Introduce a global variable hyperv_paravisor_present Date: Thu, 24 Aug 2023 01:07:08 -0700 Message-Id: <20230824080712.30327-7-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: adf33ea3-ae03-4408-ac32-08dba4794054 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: in5/snVR9j7QfwgGeCtVCOpkmneYIjgY6ux7vLRwS9tfPL0jr2uKzc8TpPY9RZL4dAwHmIX68brYNUELiPPOE4jOBSP8sUNN8LKNIGd2Y2CUCeToll/ulfZ0OT3Qxo2Lu9yY0IzIg3XzvByNGrk1v2WOaSmKuutKSvEXDLsR4tnPV4WANBTcKlhUOxYNC+E2e2clNhgr9IEy53msqSA1j6YoxTdzjwpRO2XtiOZcrGfduOizWD2DauS9WhigIm16UCYMI2yTbXos7w36N0O4tdSklt5PddR+uC3tp/JRDknQ0KweNAceDfGqitcgTBUysUd9xz5yEAn5NguGOwdyXyWL6Y/R1MCcWSiZ2OiRn9LZoj1+FifDmqqZGPSuaFjdG/OptdsQZLbPw8ql8KHLqYJn0DdBZ0o/5kE8xBkn3IgrfvvtM9016Jz2f9/6e8lwPYU9QfI9c/0ofaV136aqYBzLQBS0BGD4kij6uswoxEZoFOdPnC016TrccAJpPDbmd6dXXno6ycYlgpTrfQd0n0XptFtv2WTCuAog6eAyDA4rZTFMvA0+p+6fiRRDLmU1Xm2cF2K42O2vIdqmOr/Da6/c6/3/i9A3wKgW3pPG2fKvEhygX3zYOkVYX8KSxpweuBAzINWhJcT6t83x/hNeKSebaAMPfWj6BJmtdyCUkE9Df+6DMDpibOxdNg3bd5OZuZL6c942ZacYxAizr6AkoGSXAbATskae88D8UMvxhSvZUMoy1cXWmCYbVRWSjllD X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(30864003)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001)(334744004)(309714004);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wXf4iT+l9uRLwV/W2r2zblZu6DEdh9jBVGcFPpGxhw2qvWe5zRgq8iBJzZTh?= =?us-ascii?Q?SBu1tUnSIftd7GCCl12WZWgQOC5NHXQUyr5pOKe6LPRRgmouEaDRXBPDqeZK?= =?us-ascii?Q?E78Anb65jXk6tyj8N5Mb+w85zDUF2dAXykqQbxeXhOlxQjnxsLwbqtx5H8ZB?= =?us-ascii?Q?AjQAfyBEqM6bJhhgRI+nyg5aRoqT7SecAHqXBjR+mYwLt7/y6ivPtYGsh053?= =?us-ascii?Q?olherjmvVeG0idas+YzRN6uZkmM5KK6cP/L2eg06GToA2W/rmPM07nZK11A3?= =?us-ascii?Q?RC+RvvNyYdDu/bS13foJSxslrd320BYiufMo6dhSPcxt7gMWrBy3bi6KPiEW?= =?us-ascii?Q?VnfhuLmzEfLbgmMBfciyeBsIWw64I9Dd47ElJOBYe9GgBCLLqdvNK/ruoff+?= =?us-ascii?Q?asUL4IDgn9OV/lDxXlSOYYu6ceguJGcYowhwxQtho6mbjtJcE+r/h3koX7bM?= =?us-ascii?Q?/BeNh292/AfPBQigC0ckrmV6cHg8TJbuPj3dN7EVaXOdqsyROMbM4WyIJqDQ?= =?us-ascii?Q?WMCKS7PDVKpS80b5Awxsrk3bYSkjHdNWwKJOOy9JjPLFMv0mZIyKKHxwwfPE?= =?us-ascii?Q?IOEnbySYbvdPfrBfMDei/q42YloebupjoRonNf3C/eT8n84HefxTXxNk/Ivr?= =?us-ascii?Q?JWHqGGfG+61BE5UMmNqJ20mkiDo1ZQ1k/PKYknKdWvxa709H6eweYygoaUBz?= =?us-ascii?Q?L1JIqYFmkaoH/9vJihIkGe2ssc8aqoT1LKtwJR+pFnZoXX06ZXbxtGHeuIiQ?= =?us-ascii?Q?rcOsK+oehEC6534Hx5RO0goXrzaDnA21vR1t9zf1MZT9e5TGA2iVDzi7ZsQE?= =?us-ascii?Q?FnpvJiNNCMOO7XQ1sugvGuH4QJHk4P5rYZ5sDuiMOCdF6trHJM7bwkvG2xuR?= =?us-ascii?Q?zyt5bNCYPBDQyL6X3gsi4YNJnk4mb9I2hllU2RUlo0zku8Tkstk1gGnGzg71?= =?us-ascii?Q?kmxnKv3MEeZC99kt/ZKgmtfvuwOuVWa4/Xx4geUnomkdZHQExPjnZHtal5zT?= =?us-ascii?Q?dvUvxKc5LJ69Cry7Lt7A1emw7NWNPyD+koP+Ealzxztd9v08v43b/nOZo4vI?= =?us-ascii?Q?W/sUsZ8QF5VSofqjiHUOL/z0Xd2VWQZ05S9z6CmMOB9bxdnpCaHTHQNlmg+w?= =?us-ascii?Q?d14UOPPr3vZnkoaxLM8duTdkX/E1ZIh7ho10nnN5xVuj1n3rD8f7CVx/Ae6w?= =?us-ascii?Q?5hr6QWZBZX391btMsi8VEdGaWZWaD6/NpURxP1r481x/NodNVBn7hHxX9Dqv?= =?us-ascii?Q?hl3butIFipeer0971yUU94oMJe1xa5f7LnjkcKpcz50oC8hAAZiGvtLt6Ogf?= =?us-ascii?Q?UGiGoIulG587+9Ei3KWpOfilhmILIJrNRe+rbsaOn+nsYb+XhHu6PrH4ww0S?= =?us-ascii?Q?BnUfv8mxOlRTZnAcD7K3gXl/FAFkFe5Q4ytwWIa2RVnV+KMaDI/9pb+bqrnA?= =?us-ascii?Q?EXZheDobMGZfVwsdR2RwW7z7G2hZA5EvGplgNuf4xdzBdcXGfHODI15dgGYw?= =?us-ascii?Q?mLi2QZKXvTy18hHLvsmf195Mp/WpFGmbmUrfVPzwvS1t1Z2F2ZGvFihmW5Ji?= =?us-ascii?Q?lQ5vdNzqLD8FNcQo3puFVAkbkdnQR+YjkQDkwZdS91JrW9jkLPBn7qn3EG0u?= =?us-ascii?Q?Q57ajKSnOt5yS9SiJQjrAQKXgg1KVqQmS++CjnjJNNlQ?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: adf33ea3-ae03-4408-ac32-08dba4794054 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:08.2751 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Wf+2ehr+UBHuSqyEkDzZApAAVwberNmev2LOTRNFhtlYdxEAoF4UkUETyGCCFwS1NPCqXZj9b8Uy30r+lUeisA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The new variable hyperv_paravisor_present is set only when the VM is a SNP/TDX VM with the paravisor running: see ms_hyperv_init_platform(). We introduce hyperv_paravisor_present because we can not use ms_hyperv.paravisor_present in arch/x86/include/asm/mshyperv.h: struct ms_hyperv_info is defined in include/asm-generic/mshyperv.h, which is included at the end of arch/x86/include/asm/mshyperv.h, but at the beginning of arch/x86/include/asm/mshyperv.h, we would already need to use struct ms_hyperv_info in hv_do_hypercall(). We use hyperv_paravisor_present only in include/asm-generic/mshyperv.h, and use ms_hyperv.paravisor_present elsewhere. In the future, we'll introduce a hypercall function structure for different VM types, and at boot time, the right function pointers would be written into the structure so that runtime testing of TDX vs. SNP vs. normal will be avoided and hyperv_paravisor_present will no longer be needed. Call hv_vtom_init() when it's a VBS VM or when ms_hyperv.paravisor_present is true, i.e. the VM is a SNP VM or TDX VM with the paravisor. Enhance hv_vtom_init() for a TDX VM with the paravisor. In hv_common_cpu_init(), don't decrypt the hyperv_pcpu_input_arg for a TDX VM with the paravisor, just like we don't decrypt the page for a SNP VM with the paravisor. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan --- Changes in v2: None Changes in v3: Improved the changelog Use ms_hyperv.paravisor_present in general and only use hyperv_paravisor_present in arch/x86/include/asm/mshyperv.h Fixed the build when CONFIG_AMD_MEM_ENCRYPT and/or CONFIG_INTEL_TDX_GUEST are not set. Updated arch/x86/include/asm/mshyperv.h accordingly =20 hv_vtom_init(): Fixed/added the comments Handled the TDX special case directly in vmbus_set_event(). arch/x86/hyperv/hv_init.c | 4 ++-- arch/x86/hyperv/ivm.c | 38 ++++++++++++++++++++++++++++++--- arch/x86/include/asm/mshyperv.h | 15 ++++++++----- arch/x86/kernel/cpu/mshyperv.c | 9 ++++++-- drivers/hv/connection.c | 15 +++++++++---- drivers/hv/hv.c | 10 ++++----- drivers/hv/hv_common.c | 3 ++- 7 files changed, 72 insertions(+), 22 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index c1c1b4e1502f..eca5c4b7e3b5 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -658,8 +658,8 @@ bool hv_is_hyperv_initialized(void) if (x86_hyper_type !=3D X86_HYPER_MS_HYPERV) return false; =20 - /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ - if (hv_isolation_type_tdx()) + /* A TDX VM with no paravisor uses TDX GHCI call rather than hv_hypercall= _pg */ + if (hv_isolation_type_tdx() && !ms_hyperv.paravisor_present) return true; /* * Verify that earlier initialization succeeded by checking diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 6c7598d9e68a..7bd0359d5e38 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -248,6 +248,9 @@ void hv_ghcb_msr_read(u64 msr, u64 *value) } EXPORT_SYMBOL_GPL(hv_ghcb_msr_read); =20 +#endif /* CONFIG_AMD_MEM_ENCRYPT */ + +#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) /* * hv_mark_gpa_visibility - Set pages visible to host via hvcall. * @@ -368,6 +371,10 @@ static bool hv_is_private_mmio(u64 addr) return false; } =20 +#endif /* defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUES= T) */ + +#ifdef CONFIG_AMD_MEM_ENCRYPT + #define hv_populate_vmcb_seg(seg, gdtr_base) \ do { \ if (seg.selector) { \ @@ -495,15 +502,40 @@ int hv_snp_boot_ap(int cpu, unsigned long start_ip) return ret; } =20 +#endif /* CONFIG_AMD_MEM_ENCRYPT */ + +#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) + void __init hv_vtom_init(void) { + enum hv_isolation_type type =3D hv_get_isolation_type(); + + switch (type) { + case HV_ISOLATION_TYPE_VBS: + fallthrough; /* * By design, a VM using vTOM doesn't see the SEV setting, * so SEV initialization is bypassed and sev_status isn't set. * Set it here to indicate a vTOM VM. + * + * Note: if CONFIG_AMD_MEM_ENCRYPT is not set, sev_status is + * defined as 0ULL, to which we can't assigned a value. */ - sev_status =3D MSR_AMD64_SNP_VTOM; - cc_vendor =3D CC_VENDOR_AMD; +#ifdef CONFIG_AMD_MEM_ENCRYPT + case HV_ISOLATION_TYPE_SNP: + sev_status =3D MSR_AMD64_SNP_VTOM; + cc_vendor =3D CC_VENDOR_AMD; + break; +#endif + + case HV_ISOLATION_TYPE_TDX: + cc_vendor =3D CC_VENDOR_INTEL; + break; + + default: + panic("hv_vtom_init: unsupported isolation type %d\n", type); + } + cc_set_mask(ms_hyperv.shared_gpa_boundary); physical_mask &=3D ms_hyperv.shared_gpa_boundary - 1; =20 @@ -516,7 +548,7 @@ void __init hv_vtom_init(void) mtrr_overwrite_state(NULL, 0, MTRR_TYPE_WRBACK); } =20 -#endif /* CONFIG_AMD_MEM_ENCRYPT */ +#endif /* defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUES= T) */ =20 enum hv_isolation_type hv_get_isolation_type(void) { diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 6a9e00c4730b..a9f453c39371 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -42,6 +42,7 @@ static inline unsigned char hv_get_nmi_reason(void) =20 #if IS_ENABLED(CONFIG_HYPERV) extern int hyperv_init_cpuhp; +extern bool hyperv_paravisor_present; =20 extern void *hv_hypercall_pg; =20 @@ -75,7 +76,7 @@ static inline u64 hv_do_hypercall(u64 control, void *inpu= t, void *output) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input_address, output_address); =20 if (hv_isolation_type_en_snp()) { @@ -131,7 +132,7 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u= 64 input1) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input1, 0); =20 if (hv_isolation_type_en_snp()) { @@ -185,7 +186,7 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, = u64 input1, u64 input2) u64 hv_status; =20 #ifdef CONFIG_X86_64 - if (hv_isolation_type_tdx()) + if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input1, input2); =20 if (hv_isolation_type_en_snp()) { @@ -278,19 +279,23 @@ void hv_ghcb_msr_write(u64 msr, u64 value); void hv_ghcb_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); -void hv_vtom_init(void); int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason= ) {} -static inline void hv_vtom_init(void) {} static inline int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return= 0; } #endif =20 extern bool hv_isolation_type_snp(void); =20 +#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) +void hv_vtom_init(void); +#else +static inline void hv_vtom_init(void) {} +#endif + static inline bool hv_is_synic_reg(unsigned int reg) { return (reg >=3D HV_REGISTER_SCONTROL) && diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index fe5393d759d3..4c5a174935ca 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -40,6 +40,10 @@ bool hv_root_partition; bool hv_nested; struct ms_hyperv_info ms_hyperv; =20 +/* Used in modules via hv_do_hypercall(): see arch/x86/include/asm/mshyper= v.h */ +bool hyperv_paravisor_present __ro_after_init; +EXPORT_SYMBOL_GPL(hyperv_paravisor_present); + #if IS_ENABLED(CONFIG_HYPERV) static inline unsigned int hv_get_nested_reg(unsigned int reg) { @@ -429,6 +433,8 @@ static void __init ms_hyperv_init_platform(void) ms_hyperv.shared_gpa_boundary =3D BIT_ULL(ms_hyperv.shared_gpa_boundary_bits); =20 + hyperv_paravisor_present =3D !!ms_hyperv.paravisor_present; + pr_info("Hyper-V: Isolation Config: Group A 0x%x, Group B 0x%x\n", ms_hyperv.isolation_config_a, ms_hyperv.isolation_config_b); =20 @@ -526,8 +532,7 @@ static void __init ms_hyperv_init_platform(void) =20 #if IS_ENABLED(CONFIG_HYPERV) if ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_VBS) || - ((hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) && - ms_hyperv.paravisor_present)) + ms_hyperv.paravisor_present) hv_vtom_init(); /* * Setup the hook to get control post apic initialization. diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index 02b54f85dc60..2dd972ca85dd 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -484,10 +484,17 @@ void vmbus_set_event(struct vmbus_channel *channel) =20 ++channel->sig_events; =20 - if (hv_isolation_type_snp()) - hv_ghcb_hypercall(HVCALL_SIGNAL_EVENT, &channel->sig_event, - NULL, sizeof(channel->sig_event)); - else + if (ms_hyperv.paravisor_present) { + if (hv_isolation_type_snp()) + hv_ghcb_hypercall(HVCALL_SIGNAL_EVENT, &channel->sig_event, + NULL, sizeof(channel->sig_event)); + else if (hv_isolation_type_tdx()) + hv_tdx_hypercall(HVCALL_SIGNAL_EVENT | HV_HYPERCALL_FAST_BIT, + channel->sig_event, 0); + else + WARN_ON_ONCE(1); + } else { hv_do_fast_hypercall8(HVCALL_SIGNAL_EVENT, channel->sig_event); + } } EXPORT_SYMBOL_GPL(vmbus_set_event); diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index d1064118a72f..48b1623112f0 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -109,7 +109,7 @@ int hv_synic_alloc(void) * Synic message and event pages are allocated by paravisor. * Skip these pages allocation here. */ - if (!hv_isolation_type_snp() && !hv_root_partition) { + if (!ms_hyperv.paravisor_present && !hv_root_partition) { hv_cpu->synic_message_page =3D (void *)get_zeroed_page(GFP_ATOMIC); if (hv_cpu->synic_message_page =3D=3D NULL) { @@ -226,7 +226,7 @@ void hv_synic_enable_regs(unsigned int cpu) simp.as_uint64 =3D hv_get_register(HV_REGISTER_SIMP); simp.simp_enabled =3D 1; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (ms_hyperv.paravisor_present || hv_root_partition) { /* Mask out vTOM bit. ioremap_cache() maps decrypted */ u64 base =3D (simp.base_simp_gpa << HV_HYP_PAGE_SHIFT) & ~ms_hyperv.shared_gpa_boundary; @@ -245,7 +245,7 @@ void hv_synic_enable_regs(unsigned int cpu) siefp.as_uint64 =3D hv_get_register(HV_REGISTER_SIEFP); siefp.siefp_enabled =3D 1; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (ms_hyperv.paravisor_present || hv_root_partition) { /* Mask out vTOM bit. ioremap_cache() maps decrypted */ u64 base =3D (siefp.base_siefp_gpa << HV_HYP_PAGE_SHIFT) & ~ms_hyperv.shared_gpa_boundary; @@ -328,7 +328,7 @@ void hv_synic_disable_regs(unsigned int cpu) * addresses. */ simp.simp_enabled =3D 0; - if (hv_isolation_type_snp() || hv_root_partition) { + if (ms_hyperv.paravisor_present || hv_root_partition) { iounmap(hv_cpu->synic_message_page); hv_cpu->synic_message_page =3D NULL; } else { @@ -340,7 +340,7 @@ void hv_synic_disable_regs(unsigned int cpu) siefp.as_uint64 =3D hv_get_register(HV_REGISTER_SIEFP); siefp.siefp_enabled =3D 0; =20 - if (hv_isolation_type_snp() || hv_root_partition) { + if (ms_hyperv.paravisor_present || hv_root_partition) { iounmap(hv_cpu->synic_event_page); hv_cpu->synic_event_page =3D NULL; } else { diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index 4c858e1636da..e62d64753902 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -382,7 +382,8 @@ int hv_common_cpu_init(unsigned int cpu) *outputarg =3D (char *)mem + HV_HYP_PAGE_SIZE; } =20 - if (hv_isolation_type_en_snp() || hv_isolation_type_tdx()) { + if (!ms_hyperv.paravisor_present && + (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { /* It may be unsafe to free 'mem' */ --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BF3E2EE49A5 for ; Thu, 24 Aug 2023 08:11:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235870AbjHXILG (ORCPT ); Thu, 24 Aug 2023 04:11:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239376AbjHXIKo (ORCPT ); Thu, 24 Aug 2023 04:10:44 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3EBCA1989; Thu, 24 Aug 2023 01:10:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oCqONykCn0iqWSt6WUpLA7M4tCp8u/XrC2XEfS49pSPHhRYZSKDunIBYvca7Lp2UJdTgNOtmz6hI7QwzBXgThnLkuSvrH3pJXHGY5TSaKVLK2jLAKHQet7IuSXM10Ab16Cg3EElNIFkBdu1AmXuyfj0pvgDVcprXlaM/NQydNDsc6sCAe1zUKnjV9yIKxzyXE61wHRu1wgwy2TezjTM9JgSIrJTudwgSDFzmMAU69x6NEyu9gfVwZ7jPYuFBfg3ZJ6OV9lQUVUpwGEkJAHie73MeoSSgCcLxRDXkq5SXQ0nyjLJ2mwnd4fD+qYnt2b7Fm9np9hn5IqrRNPKMSKNMtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Sxgkr5jIcqci7y3BNhOT8j71zNzbQ4WzI8nrmvuOIaQ=; b=RojF/9mHQ0rnl45AyR4i3J9t4gTZtUNCDgJLqTEeWW679otbZPZRbCGZE2Cf14NKyqETU2LlWHRdXWoT8IAIxjOUjJZlB7TAtqfTCrm/z9rSREt6xKVeT1R39NJT9pSU1Y/hoTqi29bVu/KXfY+tl9xs9YVFkdWsUhEv73WqxXMKv4OdJT4wL7UliAgIB2s4CqExYiT7oGlOkAY57KRd71S3+sMljU3volccliRTUha6/VEumYc5UbKX7Zc4vJPT2QKdwOG1trS49/dgKXRF7HTsxAh/lxhkZtNe1A82ltJR91jUsu5jQ8SSWancP1/NBRLD+axopexDjD2NFCQBhg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Sxgkr5jIcqci7y3BNhOT8j71zNzbQ4WzI8nrmvuOIaQ=; b=aBITZnbCxPd7gB3z74uGzfCSAL8QQebahmNkn6J4EDkN31WR5LXH90rRlD0mkZgnKJkiNkFw9p4xvzJMGbDHJGuh+Yjf5ZsESJMdgsNQNcpoC/HhgAcP2am/2DinB467Iy9vFMmHdBwMXlTqkBx5J1bOThzMDc2XuwFA/WbsGkM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:11 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:11 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 07/10] Drivers: hv: vmbus: Bring the post_msg_page back for TDX VMs with the paravisor Date: Thu, 24 Aug 2023 01:07:09 -0700 Message-Id: <20230824080712.30327-8-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: 7ca9d0ec-7634-4aea-1ae0-08dba47941f1 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: S0hMVn9HTUQKLQaxquuIvHnVNTKkViVKYguc8iJMdWGk3zce/JFNrGcHoy+ocjtho3jOsTbWU2nOA919X/0WcUES0O4J0VBA6B3sWetWJ6qLop7yhekIyytcjyK4LAZ8CJqmiHQVgpjaHT3XGFUF5RpZ37idgC2uSye1thUR6i0CG8/eF11YTk1k1Dr5LgnA60wKcKpdsdXxSkxoadGHUj12we99OyXhh+wrXkL3WqVr38oyqPlJKXOBMYsxgY0lDS1WJ4tpYHzmsEMKWkdfVO3Tr+4tqzrbTFq8SCwkvMIUfYJ1fiyReXiaEzwG/B61MXwvV0F5Azxy8m7bEvMLh4wPojoHvkQpMd+0rCdzKrZseCDiolpbJS9XH9XKlRzT4ww4aXMpOpsJz1j4ncAzs2ibNX8DuoVp0r6FzA2yUnOIuHhT6dNowMuhUQ7ygTTXr5BLFmdclE+Xg0umnoZuyvpDE+elTOXFUugfySQk5S/tDYhqGRNU/bQnhfarP7dDxzFjgqR1LZg8NdI8l/MOlbtxzeUA1UFjk3wdM/O57bGM+kt5ssMIZEnNxhfBle0CcH682w0Fuh8WbyeluJorYWh4piqBysbN04dVjiS/SxZywKCfO9aPOew3VF1Disrp9H41HJ6p3oaYu/WaZgz8iHzf7AJCSnmjqmvHtM62eNWLpw8EsG9Cm5D6nXgmT1hz X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?szt8dCrHjC6V5iKOORcuYG7IJP3ytkuV3rz/n6jwEZiexGSKGK8XwO3xDGOC?= =?us-ascii?Q?eAahczCBVo97VTBXE3zdYca6wYi5Y0GExDz3Nws9bosPReUn1C9Sl32wVvWC?= =?us-ascii?Q?zBBeKaglxuk+QTLOEBX2bV4Qpv6y3YtnpRin5JwDAxdYlefqL+ALEMwgq1Q5?= =?us-ascii?Q?FH2QZrQ7pbBA1C8tes57iUvY0UD2LK/RMx3GHuQL/i0izz7FA7V+Ej/PbTDc?= =?us-ascii?Q?nKqcgDektNNEVXzhL04I/Xvw3qEuj3BAks05SokdB0PmYS4mwl/QuH9x9qVw?= =?us-ascii?Q?+frJl3yWKb9gGN+y8x1/1Rmg1deISd8GgNs9JsZu6N0hXnhdQFH6lwHA1nqM?= =?us-ascii?Q?DXxCdOzJGtRaFI4GqBMVmx15Go3kUr4Wc5t0zTIXWQGZ+fOHDw74ESy5+n6V?= =?us-ascii?Q?MM8Oy6DgxQ4OlwByFAtDcBLIKu+ctVifxS4uCLbRl/aU+zdIm8xxoFhQr2KE?= =?us-ascii?Q?FqzxYb6a6OPzM0Tx2xSDRQ2YFIF/iEJkIWRtn7D+T9aQu/IUnlduhzChJpIV?= =?us-ascii?Q?vEyz6APRT7NobhPf9b+7LhZFbF+7sIwE4x4Lclqa8rZ3uKGtq1CuePJGhGyQ?= =?us-ascii?Q?3AqDea84HlpaAyNPloSQj+bfbx5Pqfm9dr8HvksH2FlhWvwWTvUXrTJKjLWC?= =?us-ascii?Q?3sFKMVb2KjQxHxTkj2a4HCmKVOOXDGiIYkxp254fCDBQ2qN34QLbVVzyfH8g?= =?us-ascii?Q?Nt3nfG2EAhPjO41Nh+vBx+aanju9TkD0oLYeqlpwtsbBCo8hFXWeUt8VLlEf?= =?us-ascii?Q?tkxfOdxYUCkUeCCFSPg61MQ2GK6MkRRAWzjIAQhxQRxsar6XExB3caQN8ej7?= =?us-ascii?Q?pi0b8fC6QjW9kaZgRY8og5OKFOhzIsWOTiinQQYVIAkxSrY4pQFkXfQI9SMw?= =?us-ascii?Q?pba95wktTwlbtFI+4aMH38VJfX8NWipB4kFKtWLKau2XVLdoqy4Xv/Yq7sDi?= =?us-ascii?Q?8gvE9ihkNP8qS1broEUH9jFcwfclO1bY4Hprx5Pk/Tq4Bwnsrz0S/w4qmudM?= =?us-ascii?Q?SAp3m1+Qt8GI+fkH12lGlYL12zA5dx5Z+rbPT5Afnfgfj9H5yvplOnGcAOSb?= =?us-ascii?Q?D3tKCLtEyeJgX8mEBwtzD5np0k+XyFeVMfk3ncXwrPP1GwKIXaJIc48z0b49?= =?us-ascii?Q?n7lMqQANQ1EUdkEkXrFW7HKOjhpzwurYMi2Gk6+ST19y3mTurYtjisjJZd/V?= =?us-ascii?Q?lTT7AjzIO18TkmjbbBFHUI2udJxi/efSUeyA9dIIKXbaQlv+yIvJ7mpU/vAS?= =?us-ascii?Q?kOt+JZjOIekfaJBORtYLX0FsgRGVrCcJyrxVv49ajLACTyMYv8aQlRSSnaF2?= =?us-ascii?Q?E7niUOQl/of9BTmdEhVrBUHqhDdVkXz5I5zrq7Nmt6r/1d1DiahxQpS7fYr6?= =?us-ascii?Q?3HfggqUGqn/1duzeRqyrhyQvwn0QLFX3zpbDIbF0NqL8Q51R23JqjYkKgcyu?= =?us-ascii?Q?h6fS3uctVbKJLRke8QXqtRDP5j+TbZhlipFbDXOfZALcky90SUSjprdcquI3?= =?us-ascii?Q?kaHjth+jY8x7FhmmJ0BPaRKANEFHQJancPuh4hMxlnhSMqLEFYjTtaMsG4Il?= =?us-ascii?Q?COiE4XfUzCpbMY3RICQwKIopXrtsvWWqv33qhNMY/bVVwjMpUUPbI4rcAdKX?= =?us-ascii?Q?mPCKsNdWh6/lvtCe9Ahu6P4qiHlUcVyUrWzcFhbRGvUG?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7ca9d0ec-7634-4aea-1ae0-08dba47941f1 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:11.0054 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: blgXKbl7cSMJGb5d4AQwhjzd0+/cjqsR1WYKiTPDu7fjfsGwIoTEfO4GHCUARYwoNNUEZ9t7awNBP0QrZwCECQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" The post_msg_page was removed in commit 9a6b1a170ca8 ("Drivers: hv: vmbus: Remove the per-CPU post_msg_page") However, it turns out that we need to bring it back, but only for a TDX VM with the paravisor: in such a VM, the hyperv_pcpu_input_arg is not decrypte= d, but the HVCALL_POST_MESSAGE in such a VM needs a decrypted page as the hypercall input page: see the comments in hyperv_init() for a detailed explanation. Except for HVCALL_POST_MESSAGE and HVCALL_SIGNAL_EVENT, the other hypercalls in a TDX VM with the paravisor still use hv_hypercall_pg and must use the hyperv_pcpu_input_arg (which is encrypted in such a VM), when a hypercall input page is used. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan --- Changes in v2: None Changes in v3: hyperv_paravisor_present -> ms_hyperv.paravisor_present arch/x86/hyperv/hv_init.c | 20 +++++++++++-- drivers/hv/hv.c | 59 +++++++++++++++++++++++++++++++++++---- drivers/hv/hyperv_vmbus.h | 11 ++++++++ 3 files changed, 82 insertions(+), 8 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index eca5c4b7e3b5..3729eee21e47 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -480,6 +480,22 @@ void __init hyperv_init(void) * Setup the hypercall page and enable hypercalls. * 1. Register the guest ID * 2. Enable the hypercall and register the hypercall page + * + * A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg: + * when the hypercall input is a page, such a VM must pass a decrypted + * page to Hyper-V, e.g. hv_post_message() uses the per-CPU page + * hyperv_pcpu_input_arg, which is decrypted if no paravisor is present. + * + * A TDX VM with the paravisor uses hv_hypercall_pg for most hypercalls, + * which are handled by the paravisor and the VM must use an encrypted + * input page: in such a VM, the hyperv_pcpu_input_arg is encrypted and + * used in the hypercalls, e.g. see hv_mark_gpa_visibility() and + * hv_arch_irq_unmask(). Such a VM uses TDX GHCI for two hypercalls: + * 1. HVCALL_SIGNAL_EVENT: see vmbus_set_event() and _hv_do_fast_hypercal= l8(). + * 2. HVCALL_POST_MESSAGE: the input page must be a decrypted page, i.e. + * hv_post_message() in such a VM can't use the encrypted hyperv_pcpu_inp= ut_arg; + * instead, hv_post_message() uses the post_msg_page, which is decrypted + * in such a VM and is only used in such a VM. */ guest_id =3D hv_generate_guest_id(LINUX_VERSION_CODE); wrmsrl(HV_X64_MSR_GUEST_OS_ID, guest_id); @@ -487,8 +503,8 @@ void __init hyperv_init(void) /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 - /* A TDX guest uses the GHCI call rather than hv_hypercall_pg. */ - if (hv_isolation_type_tdx()) + /* A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg */ + if (hv_isolation_type_tdx() && !ms_hyperv.paravisor_present) goto skip_hypercall_pg_init; =20 hv_hypercall_pg =3D __vmalloc_node_range(PAGE_SIZE, 1, VMALLOC_START, diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index 48b1623112f0..523c5d99f375 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -57,20 +57,37 @@ int hv_post_message(union hv_connection_id connection_i= d, =20 local_irq_save(flags); =20 - aligned_msg =3D *this_cpu_ptr(hyperv_pcpu_input_arg); + /* + * A TDX VM with the paravisor must use the decrypted post_msg_page: see + * the comment in struct hv_per_cpu_context. A SNP VM with the paravisor + * can use the encrypted hyperv_pcpu_input_arg because it copies the + * input into the GHCB page, which has been decrypted by the paravisor. + */ + if (hv_isolation_type_tdx() && ms_hyperv.paravisor_present) + aligned_msg =3D this_cpu_ptr(hv_context.cpu_context)->post_msg_page; + else + aligned_msg =3D *this_cpu_ptr(hyperv_pcpu_input_arg); + aligned_msg->connectionid =3D connection_id; aligned_msg->reserved =3D 0; aligned_msg->message_type =3D message_type; aligned_msg->payload_size =3D payload_size; memcpy((void *)aligned_msg->payload, payload, payload_size); =20 - if (hv_isolation_type_snp()) - status =3D hv_ghcb_hypercall(HVCALL_POST_MESSAGE, - (void *)aligned_msg, NULL, - sizeof(*aligned_msg)); - else + if (ms_hyperv.paravisor_present) { + if (hv_isolation_type_tdx()) + status =3D hv_tdx_hypercall(HVCALL_POST_MESSAGE, + virt_to_phys(aligned_msg), 0); + else if (hv_isolation_type_snp()) + status =3D hv_ghcb_hypercall(HVCALL_POST_MESSAGE, + aligned_msg, NULL, + sizeof(*aligned_msg)); + else + status =3D HV_STATUS_INVALID_PARAMETER; + } else { status =3D hv_do_hypercall(HVCALL_POST_MESSAGE, aligned_msg, NULL); + } =20 local_irq_restore(flags); =20 @@ -105,6 +122,24 @@ int hv_synic_alloc(void) tasklet_init(&hv_cpu->msg_dpc, vmbus_on_msg_dpc, (unsigned long) hv_cpu); =20 + if (ms_hyperv.paravisor_present && hv_isolation_type_tdx()) { + hv_cpu->post_msg_page =3D (void *)get_zeroed_page(GFP_ATOMIC); + if (hv_cpu->post_msg_page =3D=3D NULL) { + pr_err("Unable to allocate post msg page\n"); + goto err; + } + + ret =3D set_memory_decrypted((unsigned long)hv_cpu->post_msg_page, 1); + if (ret) { + pr_err("Failed to decrypt post msg page: %d\n", ret); + /* Just leak the page, as it's unsafe to free the page. */ + hv_cpu->post_msg_page =3D NULL; + goto err; + } + + memset(hv_cpu->post_msg_page, 0, PAGE_SIZE); + } + /* * Synic message and event pages are allocated by paravisor. * Skip these pages allocation here. @@ -178,6 +213,17 @@ void hv_synic_free(void) =3D per_cpu_ptr(hv_context.cpu_context, cpu); =20 /* It's better to leak the page if the encryption fails. */ + if (ms_hyperv.paravisor_present && hv_isolation_type_tdx()) { + if (hv_cpu->post_msg_page) { + ret =3D set_memory_encrypted((unsigned long) + hv_cpu->post_msg_page, 1); + if (ret) { + pr_err("Failed to encrypt post msg page: %d\n", ret); + hv_cpu->post_msg_page =3D NULL; + } + } + } + if (!ms_hyperv.paravisor_present && (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { @@ -199,6 +245,7 @@ void hv_synic_free(void) } } =20 + free_page((unsigned long)hv_cpu->post_msg_page); free_page((unsigned long)hv_cpu->synic_event_page); free_page((unsigned long)hv_cpu->synic_message_page); } diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h index 55f2086841ae..f6b1e710f805 100644 --- a/drivers/hv/hyperv_vmbus.h +++ b/drivers/hv/hyperv_vmbus.h @@ -123,6 +123,17 @@ struct hv_per_cpu_context { void *synic_message_page; void *synic_event_page; =20 + /* + * The page is only used in hv_post_message() for a TDX VM (with the + * paravisor) to post a messages to Hyper-V: when such a VM calls + * HVCALL_POST_MESSAGE, it can't use the hyperv_pcpu_input_arg (which + * is encrypted in such a VM) as the hypercall input page, because + * the input page for HVCALL_POST_MESSAGE must be decrypted in such a + * VM, so post_msg_page (which is decrypted in hv_synic_alloc()) is + * introduced for this purpose. See hyperv_init() for more comments. + */ + void *post_msg_page; + /* * Starting with win8, we can take channel interrupts on any CPU; * we will manage the tasklet that handles events messages on a per CPU --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id DF332EE49AB for ; Thu, 24 Aug 2023 08:11:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240012AbjHXILO (ORCPT ); Thu, 24 Aug 2023 04:11:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46514 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240544AbjHXIKr (ORCPT ); Thu, 24 Aug 2023 04:10:47 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 469A61BD0; Thu, 24 Aug 2023 01:10:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gJyCe1YbLRUp/cndihMMTf2C50jWIMu1HnHj/4TSlvMY587YizPUva+q9QFrd2LI6OM88Ixi+QWFrnCJqSAz8eL6sJz3n/jIzah5264n4yzMyyziJNArn+bH1HPZvE5uEPJw/Y1jEh2RpcgkvG6h7DLr55VaC4WoXYG5qfPP9ZiQuFsxOppwGFcsMPKQxC31odmoxqBmbyKv3jdmWQ7chC7T8aWo8FTiyRkYRdPX69+jQ9sxjsiA1hDYtda8frBEWx1ysyyreZTtwX/qQPLoQiRvrDy31jPdbZUwYoTk7BmC5AK1cg7Nddvmqe1eRbyewhVC40is71ijh/cT7l4vCg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Lyznhn3nWPaHh7DRBjzUhjZDgDz+gcQMYl9lzdh7di8=; b=K4uBMJ8CuJqCiIa/mSNRLG2GEPQkpktdvPg2z/1wZZL+TDHr0BGePLPVIA63cgskr56YX275ULIMKcnfgF2EdkZ8A4NALtuFpCgJeFhb1DrhV69uSPhl4JiU1fDsKSY8OxO6otQBwWTlbjaeIY/aqJrcFWmDJqEmJMMmZAHfvvw7GBkxDwm6PYPD+cN/UXDxHHrQU5Wm4H4iLxBlc+S7NPhdJ+TkPFqsb4l0S3UYSUVrQodkahFkbOlZFLfoFAs8oesBcaPMdq3gSbN84XDNb2CwC2IeI4PiqhXShD8RNmMPDVWxO2yOJGtdbXQpElPtcrj+E1ye8QLu2LOEu9Az1w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lyznhn3nWPaHh7DRBjzUhjZDgDz+gcQMYl9lzdh7di8=; b=NIfjKWrMV+RrXuZomC7UvVQ00RwVgn4ITdn8k+SsFTOtSrtTS4g9GCYGc7O6Vg0X2nTB6A5sxCxMIy6a+SRmIie2TdOR3YA7m4rTUrCbRNpM0jxjAr/qRvlHMB4XyINm1Si2hQn01N9en6GaQf+xz2njhm79+ORlv64nd3onSrs= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:13 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:13 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 08/10] x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor Date: Thu, 24 Aug 2023 01:07:10 -0700 Message-Id: <20230824080712.30327-9-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: bcda9c3a-fc05-4b51-4e39-08dba4794392 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Cnx+GtKw50uW04497evVHn9uUkCz3y5SzmyJbaqMHiZoaGHBjeC9ns9+AVlR6jlL3kcY1pMCN/cJaXa4IL9hYgw+c52J28AotY3Bp1DgQLrpaH0Gl9fl5sxpHW16WbZ8jGXX9OeDdzccBRImZ/Tk6+tdXJ6L1iyO0W3FJBeBsYw/9WFKZNdxLXAsbVenbRiY1fbSNsPlOXgxVXSZmirhubw8fbRjI6k96wclXGbt7sCv6tKoartpFo24VMk6Otqt//QeLHRd48Uv9aory+oJ7/YpWtjxc8lwXGgD55fHfPWqyWZW60GPohcbr7FK+U0brzNEDryAOb/pE+RRuRECarbo6lKB3DeUu/flQCH24ruMMCqYDD683OH03W+AloXHiX5K3JyqCFohbL7YvytelEWgTAPoohjem8b3v824VMszHEibvwOhzAlbp443yfcqjWlBTYBLsTRx2gVglHdS8wodMxPV1O71xhsm89aD4dZrHh15+y5s23ImbjiFZg+l/4wzbC49NrtGlTbtzl7BO9QbXattf2HQvhF5ZElZkgAq/NuvtkU8o+zqH7OhqC3fHtdQUzu8fNp1A9eVsvB/ifEqdjC4ceqMMa4bMqIJl+j4j3OZHiMH4a1oqhMGdrW49IkPo9dIUe18z7B+s00mnLqzbcMd7gWFYmdxDvGkgLkjOLrfwux17Mschf0oxnCL X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?4CNrcuWd+6pjNSYFwDsF0vEccDMX6fwZoSDQ83UVlX9OVbVRpu4EAWsYanz9?= =?us-ascii?Q?s8J7C+LulHODw03GHmupsAPGiwt4xeTkfBUjbCBhdlaq8o13wM45O+idh84D?= =?us-ascii?Q?5VwdoPWAwUeydIYTIVbHrVfL37hMmxwoOO0xqVHRQ/59vGZZBbE0MaX6a+zA?= =?us-ascii?Q?uGgd2yjEoeyDi9V5p0JEVspFuqGDUF3l32xCOGBtW/ZszQW6NpWsj/cMXM7v?= =?us-ascii?Q?nbn8/mGvZMlWcQoziEWw62aETIi5JiP9tDrIzGwtLLomUDCHbpNDEI3/DZV3?= =?us-ascii?Q?zNxVBKNNE3BU0XNLO5zKe0K1T/Ynm6VnBo074eMZxlIyhhYMMf86a846soFT?= =?us-ascii?Q?BMYLXq+B4or5RhPLE/PxuAOH9rxwuD8F00KNUJGFDUQOoa5xmIEykqABb+mm?= =?us-ascii?Q?6eU0lN6ZtkACYxgucRycyMqxcltU3NvTu6lDyUF9W0y9jeZl7vXwUUm58CWf?= =?us-ascii?Q?VQ/Hj07myQ+FX1iISrv2l10NBQt4rBl7M+k9yDXQt9Wt5egLF6tyfnje6ZR+?= =?us-ascii?Q?KM7ZC/GW7oNiURTdWOwRZFjk6pR+loSiFAfzTqo2LKoZ3rwmW1RGt3CxRGTY?= =?us-ascii?Q?gcBO6ObZsNZr/NMQLy1m4n5xqYpODudlAnoGV9R7kg6UGtJXEuEAiCmCWnut?= =?us-ascii?Q?ZaXTer2JB3wAcZ24iNeSSXNcSr7g/zYKsE4QhPB9NCsedUFR3Ku6W6C9gH5/?= =?us-ascii?Q?h39HnWIiO4gxTpE88bETzSunX5u2zMkgVynkF4iSiYYbVjPzRvr/67vHVclK?= =?us-ascii?Q?af3DJ3jKkWvel+SMiKKdt3kfr/5TPr1JhI74Ap7CLiXlPF1QAKlAP3NnKQND?= =?us-ascii?Q?D3yBPKFhnn3QEo2y4EzaFVYs/zt54Os53r2SSGR1xAw0LW5kLsfkcei1mZk2?= =?us-ascii?Q?m9FyKjCfSzfoZw5EN9kO6rJDmPqTmcO8T6CaYs5To5KOGU2yD2pUYuRP/weO?= =?us-ascii?Q?V/UElpz58i0NCwMeDESs+al8kkfGisBM5z0EWaY4lRiUyZlM9a8VWIZTFlVe?= =?us-ascii?Q?faWMS/P244PhmOlZf+VmLHiEMYThtoYqZobejygkZ3v/lAHTnBB8Ew6Xa0Bf?= =?us-ascii?Q?0Lk9/4pyDvCOCCXst4pRByMKBRigsyfgOg28waEh34i8j1axV+iJOqKqbmPH?= =?us-ascii?Q?HrCQYUqDaeAB0d8PfOaJF3mKNMkQFceHDJUADPNYeBMo4E/hkqVZgHPzCntA?= =?us-ascii?Q?0WR/EKHebb5Pc5W68F48MqeFHC06tC/VPXcXa4O70rX5fxcXwKAv5KtEvL8O?= =?us-ascii?Q?3j0cL9p8pdNXoLSH4j8m06B8suj56HIY9dURFPX4iuVXXu2S8cSfK+98mT2i?= =?us-ascii?Q?0c61gIpccmv2MrcX3IgVlreaAUbl5W08MW/KUHk385m6MYMQjySv0Sg7jbem?= =?us-ascii?Q?vVkb6Bt/Mbsjyvy6uHq/ZXwGS/9HMYwOypfm1IEWjQakfC6iNZm9H4rLKzNP?= =?us-ascii?Q?oXLdzQZ6y04qrsUjoY122HXpQ7kpdhEydlk1J6L2ZEjBw9VEiP+9WjqqyOY8?= =?us-ascii?Q?OB2D+oHcBt0AuS7PPUQJeEWS972dPshuzt6QY25SuDSBfJBFgJDj3nviTpjX?= =?us-ascii?Q?c5tUJ5haLHKMwoO5HPvNahtXqxMTY4CvrUCUffumV04dPfEDlTPK7DWiFvXb?= =?us-ascii?Q?rjbo0VLxxm/F0pyJ2PcBJrvW5PUWA6bqfNtUkDbhfW+I?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: bcda9c3a-fc05-4b51-4e39-08dba4794392 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:13.7173 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: YFYMvY31VXZ7W4cg9ljAtPXydTMVAb/PpgWVGVnqLj4txlHdRfqzpWC55di3Cele4hl2Hq8Nf/Cyu6uM/vKw4Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" When the paravisor is present, a SNP VM must use GHCB to access some special MSRs, including HV_X64_MSR_GUEST_OS_ID and some SynIC MSRs. Similarly, when the paravisor is present, a TDX VM must use TDX GHCI to access the same MSRs. Implement hv_tdx_msr_write() and hv_tdx_msr_read(), and use the helper functions hv_ivm_msr_read() and hv_ivm_msr_write() to access the MSRs in a unified way for SNP/TDX VMs with the paravisor. Do not export hv_tdx_msr_write() and hv_tdx_msr_read(), because we never really used hv_ghcb_msr_write() and hv_ghcb_msr_read() in any module. Update arch/x86/include/asm/mshyperv.h so that the kernel can still build if CONFIG_AMD_MEM_ENCRYPT or CONFIG_INTEL_TDX_GUEST is not set, or neither is set. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan --- Changes in v2: None Changes in v3: hv_tdx_read_msr -> hv_tdx_msr_read hv_tdx_write_msr -> hv_tdx_msr_write Do not export hv_tdx_msr_write() and hv_tdx_msr_read(). included Updated arch/x86/include/asm/mshyperv.h so that the kernel can still build if CONFIG_AMD_MEM_ENCRYPT and/or CONFIG_INTEL_TDX_GUEST are not set. arch/x86/hyperv/hv_init.c | 8 ++-- arch/x86/hyperv/ivm.c | 69 +++++++++++++++++++++++++++++++-- arch/x86/include/asm/mshyperv.h | 8 ++-- arch/x86/kernel/cpu/mshyperv.c | 8 ++-- 4 files changed, 77 insertions(+), 16 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index 3729eee21e47..c4cffa3b1c3c 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -500,8 +500,8 @@ void __init hyperv_init(void) guest_id =3D hv_generate_guest_id(LINUX_VERSION_CODE); wrmsrl(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 - /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */ - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); + /* With the paravisor, the VM must also write the ID via GHCB/GHCI */ + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id); =20 /* A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall= _pg */ if (hv_isolation_type_tdx() && !ms_hyperv.paravisor_present) @@ -590,7 +590,7 @@ void __init hyperv_init(void) =20 clean_guest_os_id: wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0); - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); cpuhp_remove_state(cpuhp); free_ghcb_page: free_percpu(hv_ghcb_pg); @@ -611,7 +611,7 @@ void hyperv_cleanup(void) =20 /* Reset our OS id */ wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0); - hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); + hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0); =20 /* * Reset hypercall page reference before reset the page, diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 7bd0359d5e38..fbc07493fcb4 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -24,6 +24,7 @@ #include #include #include +#include =20 #ifdef CONFIG_AMD_MEM_ENCRYPT =20 @@ -186,7 +187,7 @@ bool hv_ghcb_negotiate_protocol(void) return true; } =20 -void hv_ghcb_msr_write(u64 msr, u64 value) +static void hv_ghcb_msr_write(u64 msr, u64 value) { union hv_ghcb *hv_ghcb; void **ghcb_base; @@ -214,9 +215,8 @@ void hv_ghcb_msr_write(u64 msr, u64 value) =20 local_irq_restore(flags); } -EXPORT_SYMBOL_GPL(hv_ghcb_msr_write); =20 -void hv_ghcb_msr_read(u64 msr, u64 *value) +static void hv_ghcb_msr_read(u64 msr, u64 *value) { union hv_ghcb *hv_ghcb; void **ghcb_base; @@ -246,10 +246,71 @@ void hv_ghcb_msr_read(u64 msr, u64 *value) | ((u64)lower_32_bits(hv_ghcb->ghcb.save.rdx) << 32); local_irq_restore(flags); } -EXPORT_SYMBOL_GPL(hv_ghcb_msr_read); =20 +#else +static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} +static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} #endif /* CONFIG_AMD_MEM_ENCRYPT */ =20 +#ifdef CONFIG_INTEL_TDX_GUEST +static void hv_tdx_msr_write(u64 msr, u64 val) +{ + struct tdx_hypercall_args args =3D { + .r10 =3D TDX_HYPERCALL_STANDARD, + .r11 =3D EXIT_REASON_MSR_WRITE, + .r12 =3D msr, + .r13 =3D val, + }; + + u64 ret =3D __tdx_hypercall(&args); + + WARN_ONCE(ret, "Failed to emulate MSR write: %lld\n", ret); +} + +static void hv_tdx_msr_read(u64 msr, u64 *val) +{ + struct tdx_hypercall_args args =3D { + .r10 =3D TDX_HYPERCALL_STANDARD, + .r11 =3D EXIT_REASON_MSR_READ, + .r12 =3D msr, + }; + + u64 ret =3D __tdx_hypercall_ret(&args); + + if (WARN_ONCE(ret, "Failed to emulate MSR read: %lld\n", ret)) + *val =3D 0; + else + *val =3D args.r11; +} +#else +static inline void hv_tdx_msr_write(u64 msr, u64 value) {} +static inline void hv_tdx_msr_read(u64 msr, u64 *value) {} +#endif /* CONFIG_INTEL_TDX_GUEST */ + +#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) +void hv_ivm_msr_write(u64 msr, u64 value) +{ + if (!ms_hyperv.paravisor_present) + return; + + if (hv_isolation_type_tdx()) + hv_tdx_msr_write(msr, value); + else if (hv_isolation_type_snp()) + hv_ghcb_msr_write(msr, value); +} + +void hv_ivm_msr_read(u64 msr, u64 *value) +{ + if (!ms_hyperv.paravisor_present) + return; + + if (hv_isolation_type_tdx()) + hv_tdx_msr_read(msr, value); + else if (hv_isolation_type_snp()) + hv_ghcb_msr_read(msr, value); +} +#endif + #if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) /* * hv_mark_gpa_visibility - Set pages visible to host via hvcall. diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index a9f453c39371..101f71b85cfd 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -275,14 +275,10 @@ int hv_map_ioapic_interrupt(int ioapic_id, bool level= , int vcpu, int vector, int hv_unmap_ioapic_interrupt(int ioapic_id, struct hv_interrupt_entry *en= try); =20 #ifdef CONFIG_AMD_MEM_ENCRYPT -void hv_ghcb_msr_write(u64 msr, u64 value); -void hv_ghcb_msr_read(u64 msr, u64 *value); bool hv_ghcb_negotiate_protocol(void); void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason); int hv_snp_boot_ap(int cpu, unsigned long start_ip); #else -static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} -static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} static inline bool hv_ghcb_negotiate_protocol(void) { return false; } static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason= ) {} static inline int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return= 0; } @@ -292,8 +288,12 @@ extern bool hv_isolation_type_snp(void); =20 #if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) void hv_vtom_init(void); +void hv_ivm_msr_write(u64 msr, u64 value); +void hv_ivm_msr_read(u64 msr, u64 *value); #else static inline void hv_vtom_init(void) {} +static inline void hv_ivm_msr_write(u64 msr, u64 value) {} +static inline void hv_ivm_msr_read(u64 msr, u64 *value) {} #endif =20 static inline bool hv_is_synic_reg(unsigned int reg) diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 4c5a174935ca..4f51dac9eeb2 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -70,8 +70,8 @@ u64 hv_get_non_nested_register(unsigned int reg) { u64 value; =20 - if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) - hv_ghcb_msr_read(reg, &value); + if (hv_is_synic_reg(reg) && ms_hyperv.paravisor_present) + hv_ivm_msr_read(reg, &value); else rdmsrl(reg, value); return value; @@ -80,8 +80,8 @@ EXPORT_SYMBOL_GPL(hv_get_non_nested_register); =20 void hv_set_non_nested_register(unsigned int reg, u64 value) { - if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) { - hv_ghcb_msr_write(reg, value); + if (hv_is_synic_reg(reg) && ms_hyperv.paravisor_present) { + hv_ivm_msr_write(reg, value); =20 /* Write proxy bit via wrmsl instruction */ if (hv_is_sint_reg(reg)) --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0A75BEE49B0 for ; Thu, 24 Aug 2023 08:11:34 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240441AbjHXILW (ORCPT ); Thu, 24 Aug 2023 04:11:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46600 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240566AbjHXIKs (ORCPT ); Thu, 24 Aug 2023 04:10:48 -0400 Received: from DM5PR00CU002.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A5E1F1BD5; Thu, 24 Aug 2023 01:10:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G78q8uEnVvnr8DgNsGQcdyEpJQbrs6nGaR9+FNW+AUy84NZLV0lmP7837sQYJPQSGh0b//NeacKJzgnPTMmr/EnpYttvgJw152hmrcjy3LOPnzOCuKsk+FJ7J8l7OjlqZT49Emypl9MYaSscF5yW8F1DiNGgtSH/0pDxWqsp1yPPukGdZbqS+97N7LWYDZLJIkrg5Eay9jQa5IzZ5aegQE8SdboOxAU3aDxdS50tc5CmtcVV92m3ieHrsVoSDqXziYKW8ZLlaya1ThFdl3Trw+X04Ik/L507FV0mS4luN9RsPhmaIndoF/8qxMuPphiAnJODAB9Mv82Dt3n5OJIh7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+nRC+b/av7IcmGe0uxy6ASM+L3B24FoMzt7s0PObOjk=; b=htLUlK5FEeW6zj8nK1rLnZdRsz6eUoYPpbvOZqhFgaSHmbYaFPbbHB6bUVozGUxfcFNNWmbvdk40jkkESzti6BoRUvkMln4MPo88tdw1AzkJhibflYemHnT7Ldp3Z2kz+pooLr3NhbUjPoNFkmnip3CZqx1/hJNao/V3Ad0sx9Hy7cHEjmDSv6YoaT7r1YFOG/rQzm9N7YuNbxh/FACfiN0mBmLLBmPHhSDITxcZJCKb4uhrwCl0R7ylIMm0DN/i9Smzm5/XTMqlsnzBkYdJO8R14Hw4g8ojYaIpL3aQRUnFEo8+oZ5Ov1yA5VZP+n0dFjg2GwbMrj7LyYJeQw1syQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=+nRC+b/av7IcmGe0uxy6ASM+L3B24FoMzt7s0PObOjk=; b=e0JtTyohOSJjx633xUF2/xBv9I4TuRDuEqQB/6I1LOrpbcO8UsnxYBBXYByWgioPZko0BMFTJSCcpA6BQXuHtHlrlzcLELOdHwvO3QnzsVjucOI2+kSitRoCA03nRgJiuJDd83VJNJSwkTzfsyClLIq/Mr4YFR9zf8al1hvu+NI= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:16 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:16 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 09/10] x86/hyperv: Remove hv_isolation_type_en_snp Date: Thu, 24 Aug 2023 01:07:11 -0700 Message-Id: <20230824080712.30327-10-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: ab1f1696-e1e6-4924-1f2d-08dba4794531 X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nljIa4+KaR2if3K+LK7Xi/m0do1Jv/QrJGVjeyz1wLrLv3YqdnmqUsvOs/Rk+4LPBEcpHame+UrqulkKiTEeu7j+Ibh9CNaGmcyDSqUiDlugSCz/jTCDigeeI55qoA3QzXPy0C6cjvSK/2GctuYMl3hjof5k4QoRvugazmnSEEEAuHfqi3ImrAWgNYwKgS9paoSTXhUjQq4OcfsImvEHkxPI5qtyK8DvycZXbljZpkHLbdGvyRGYjeaW4t6X1wULDbL0Q0cds1L106sdTeh6YRcSsim3G6iBxyd71dY5LhqR1l4ohyEIVGLGjODVhAwZmRHnCLKYHYLIrdBc5eEwnofAO4M7f9lgG7L9iiMFto5DDDiugu4J8X4gx4KXAa0648ULBPYbG4/C7g0l34WYgVB+KOmBMtXuEh0hhpUaRTL0wXG4507YHRamd7hgx8H6x1vPM52eZ+glpzyHL7BELU3KxHaqVwBhpa4RDWAGKK6OIt+Sw5dsLu9faIiLHuYNeq+ntIcfljMBHnYEcHFfl/DZxTIpL4MZU9BF1oX/sEcfjNn1QA2vD6sfb7lFHQeM9l+dW9S68iyoGkIVT9023uxTFa2dR1wxnedmy9pt9FfEPIqn1vtgaiV9CW12x267QEnrcwXR5LDgfDSODLDddmRiUloQD7LEx7SPeaiSZuGxDQQHZNbbGjwlX+Q3IGOx X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(6666004)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?3HcnQdvC3kOpfXnH1jMELV8+SRHbLMhz1rsyIXlVfdBb885rCn3ztkGBQ7MP?= =?us-ascii?Q?qMCCv3W+8ZDbN945SmwGub0AGKsGyWC5BY4QCWPQZMfO9XIAGcYGBjaO/WUA?= =?us-ascii?Q?1RjzEzguvEX0Y9UqIYeAveSZf16z1kOawIr3XzBjjC8mLI1P6hJM3R6YC/LG?= =?us-ascii?Q?G3oFyg4K9BF0hAolGaoyPiaazmXEKl0FGdclSMGNuql5krkXJt6CoSte2Arf?= =?us-ascii?Q?7Z3C61YG75Iis2hoBsE4F/KitxBZf6ZKFQ/Ptpp3yUErhMr27CRzuOGSHnux?= =?us-ascii?Q?lFb7uRbDaxTi9/iBZBnwO1ah6MGblYGYnZRXs4OH/Fb1uo175S1QozDd+9m7?= =?us-ascii?Q?1h7NMFkC+8r105peHVQ/roJw/R1MZ+qHN0hmUgFRNMfxReIAQ0mUn6FNYDhy?= =?us-ascii?Q?tMCu/k+S0gVAQjMpG5ujWQQzqpofBGFi9ATwOWVbyYd2FoA5BjYIoXrpgMeZ?= =?us-ascii?Q?3zD1qu11DpRU07LLtdD/A/ZLFDyTLzNdTIEiqfAD84c9oOP1dHfh7L/QjCel?= =?us-ascii?Q?csXR79F7CCXufVdGDgwn+9YRXMtmTqiA1o293jwedmfG4QZowxUtR21D0vKz?= =?us-ascii?Q?twaAKOIFa5RzFo+4MeqtONogTIJ6QzBo0HNnIWi15NMSOQYJqlBIR5eGFQbs?= =?us-ascii?Q?KDUetJ5hHP+3O0CjFGulkm08cPVt7R+yVe3j2rcmMtq4R8YpKKI2ZxJWdjUC?= =?us-ascii?Q?QcDZZhoTTb+e3GI6G93sq1MYyy8YpJPJdsTZbl4jxMchDimUI4l48Uxyzxjq?= =?us-ascii?Q?WYLCPg//y4dFT4q4eCeLkw5N0B95+y7RFhl8BZOCb+5m06ipgTBMnfSzapKq?= =?us-ascii?Q?MwOo6ndtOCaYW3Seudb99YwMOII5ZPR8XuWbc2aD1hHhU3N3nxrpaGiTTROI?= =?us-ascii?Q?TZZao/5MfmiaouDUK/jZyWyck43dwbtsJuVpb/Js29iB/ju6lQkOBgdYA2lK?= =?us-ascii?Q?4KG5nPsiyyIqdlyg+lY24P/1tLc4ONjP535wT6hcESBMlrB3MswD3P+bH3M3?= =?us-ascii?Q?Ivb5VOmN5cg44N/wXIbDeOB6nLLbkS/8fhnsmYVKU3L7Uo5nozn0sTorF/Jr?= =?us-ascii?Q?imw3zpUb93bI0l/Cvr/fvLsJpkDnU2r+UpV8jMMK3jhjXrGv7yCjhn4O82F8?= =?us-ascii?Q?Wt0BAoZV17Ab6flUCXEF24Rz9InnyKA5u0t7u5SHGzFr6n28SblqEjA7ZA/N?= =?us-ascii?Q?INgj+yVkmutnXpYnNKt9WcoT0tnKH7WvO8tbpb37jBkPD/GcD7+dWEUiW1E8?= =?us-ascii?Q?3RNAgP0I/afuibQwXck5Vj+oVy6RIOiO7VFM6+uJy/kXJwQD+WsdIH2uhe0m?= =?us-ascii?Q?pqSbWxF6/PYn/SacHwfnqoIufVCEg35S8CgIfOpJZOvboTbUsBmWAkniPR+1?= =?us-ascii?Q?mTYtn8/BMSk59QTsvHUSHmYl1yum0aC7ocSHwqIYaEewyZWLWF3jvbb2XgoD?= =?us-ascii?Q?nkfXjrmzAcxUeRaW9bOR4ozM4kpikA5Q7m+cIqYnqNc4bwi755DK/FwCcPPK?= =?us-ascii?Q?FkP/InLsOGhDo1bwhlBPqC0zqdRE6zQ8REB6+quFi3kRFMJXEUa0zOXZbtqM?= =?us-ascii?Q?dSckL7Hkp06Zuw8FUYARu1QYg/RKSzJtdKAKv6EQhTD+xePXuCcXpnpNEI6O?= =?us-ascii?Q?XBKxflmGhmwWTEBNGpf6hOYXdtqlf7rSO1OZu+U6Ad+8?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: ab1f1696-e1e6-4924-1f2d-08dba4794531 X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:16.4252 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: GFtzrES78bXf21eaq2Ug1oGNfBMQS/SeidmsXolz5cXekrwmgLkiJDctw/ZodSdneU1CysjXjrWVz6HE+CrXoA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In ms_hyperv_init_platform(), do not distinguish between a SNP VM with the paravisor and a SNP VM without the paravisor. Replace hv_isolation_type_en_snp() with !ms_hyperv.paravisor_present && hv_isolation_type_snp(). The hv_isolation_type_en_snp() in drivers/hv/hv.c and drivers/hv/hv_common.c can be changed to hv_isolation_type_snp() since we know !ms_hyperv.paravisor_present is true there. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan --- Changes in v2: Rebased to Tianyu's v7 SNP patchset: the changes are small. In hyperv_init_ghcb() and hyperv_init(), added the test of hyperv_paravisor_present, which was missed in v1. Updated the test before the call of get_vtl(). Updated the test in hv_do_hypercall() and friends. Updated the test for hv_smp_prepare_cpus(). Changes in v3: hyperv_paravisor_present -> ms_hyperv.paravisor_present =20 arch/x86/hyperv/hv_init.c | 8 ++++---- arch/x86/hyperv/ivm.c | 12 +----------- arch/x86/include/asm/mshyperv.h | 11 ++++------- arch/x86/kernel/cpu/mshyperv.c | 10 ++++------ drivers/hv/hv.c | 4 ++-- drivers/hv/hv_common.c | 8 +------- include/asm-generic/mshyperv.h | 3 +-- 7 files changed, 17 insertions(+), 39 deletions(-) diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c index c4cffa3b1c3c..2b0124394e24 100644 --- a/arch/x86/hyperv/hv_init.c +++ b/arch/x86/hyperv/hv_init.c @@ -52,7 +52,7 @@ static int hyperv_init_ghcb(void) void *ghcb_va; void **ghcb_base; =20 - if (!hv_isolation_type_snp()) + if (!ms_hyperv.paravisor_present || !hv_isolation_type_snp()) return 0; =20 if (!hv_ghcb_pg) @@ -117,7 +117,7 @@ static int hv_cpu_init(unsigned int cpu) * is blocked to run in Confidential VM. So only decrypt assist * page in non-root partition here. */ - if (*hvp && hv_isolation_type_en_snp()) { + if (*hvp && !ms_hyperv.paravisor_present && hv_isolation_type_snp()) { WARN_ON_ONCE(set_memory_decrypted((unsigned long)(*hvp), 1)); memset(*hvp, 0, PAGE_SIZE); } @@ -460,7 +460,7 @@ void __init hyperv_init(void) goto common_free; } =20 - if (hv_isolation_type_snp()) { + if (ms_hyperv.paravisor_present && hv_isolation_type_snp()) { /* Negotiate GHCB Version. */ if (!hv_ghcb_negotiate_protocol()) hv_ghcb_terminate(SEV_TERM_SET_GEN, @@ -583,7 +583,7 @@ void __init hyperv_init(void) hv_query_ext_cap(0); =20 /* Find the VTL */ - if (hv_isolation_type_en_snp()) + if (!ms_hyperv.paravisor_present && hv_isolation_type_snp()) ms_hyperv.vtl =3D get_vtl(); =20 return; diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index fbc07493fcb4..3d48f823582c 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -637,7 +637,7 @@ bool hv_is_isolation_supported(void) DEFINE_STATIC_KEY_FALSE(isolation_type_snp); =20 /* - * hv_isolation_type_snp - Check system runs in the AMD SEV-SNP based + * hv_isolation_type_snp - Check if the system runs in an AMD SEV-SNP based * isolation VM. */ bool hv_isolation_type_snp(void) @@ -645,16 +645,6 @@ bool hv_isolation_type_snp(void) return static_branch_unlikely(&isolation_type_snp); } =20 -DEFINE_STATIC_KEY_FALSE(isolation_type_en_snp); -/* - * hv_isolation_type_en_snp - Check system runs in the AMD SEV-SNP based - * isolation enlightened VM. - */ -bool hv_isolation_type_en_snp(void) -{ - return static_branch_unlikely(&isolation_type_en_snp); -} - DEFINE_STATIC_KEY_FALSE(isolation_type_tdx); /* * hv_isolation_type_tdx - Check if the system runs in an Intel TDX based diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyper= v.h index 101f71b85cfd..66ca641a164a 100644 --- a/arch/x86/include/asm/mshyperv.h +++ b/arch/x86/include/asm/mshyperv.h @@ -26,7 +26,6 @@ union hv_ghcb; =20 DECLARE_STATIC_KEY_FALSE(isolation_type_snp); -DECLARE_STATIC_KEY_FALSE(isolation_type_en_snp); DECLARE_STATIC_KEY_FALSE(isolation_type_tdx); =20 typedef int (*hyperv_fill_flush_list_func)( @@ -50,7 +49,7 @@ extern u64 hv_current_partition_id; =20 extern union hv_ghcb * __percpu *hv_ghcb_pg; =20 -extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_snp(void); bool hv_isolation_type_tdx(void); u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2); =20 @@ -79,7 +78,7 @@ static inline u64 hv_do_hypercall(u64 control, void *inpu= t, void *output) if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input_address, output_address); =20 - if (hv_isolation_type_en_snp()) { + if (hv_isolation_type_snp() && !hyperv_paravisor_present) { __asm__ __volatile__("mov %4, %%r8\n" "vmmcall" : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, @@ -135,7 +134,7 @@ static inline u64 _hv_do_fast_hypercall8(u64 control, u= 64 input1) if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input1, 0); =20 - if (hv_isolation_type_en_snp()) { + if (hv_isolation_type_snp() && !hyperv_paravisor_present) { __asm__ __volatile__( "vmmcall" : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, @@ -189,7 +188,7 @@ static inline u64 _hv_do_fast_hypercall16(u64 control, = u64 input1, u64 input2) if (hv_isolation_type_tdx() && !hyperv_paravisor_present) return hv_tdx_hypercall(control, input1, input2); =20 - if (hv_isolation_type_en_snp()) { + if (hv_isolation_type_snp() && !hyperv_paravisor_present) { __asm__ __volatile__("mov %4, %%r8\n" "vmmcall" : "=3Da" (hv_status), ASM_CALL_CONSTRAINT, @@ -284,8 +283,6 @@ static inline void hv_ghcb_terminate(unsigned int set, = unsigned int reason) {} static inline int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return= 0; } #endif =20 -extern bool hv_isolation_type_snp(void); - #if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) void hv_vtom_init(void); void hv_ivm_msr_write(u64 msr, u64 value); diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c index 4f51dac9eeb2..b63590ffc777 100644 --- a/arch/x86/kernel/cpu/mshyperv.c +++ b/arch/x86/kernel/cpu/mshyperv.c @@ -304,7 +304,7 @@ static void __init hv_smp_prepare_cpus(unsigned int max= _cpus) * Override wakeup_secondary_cpu_64 callback for SEV-SNP * enlightened guest. */ - if (hv_isolation_type_en_snp()) { + if (!ms_hyperv.paravisor_present && hv_isolation_type_snp()) { apic->wakeup_secondary_cpu_64 =3D hv_snp_boot_ap; return; } @@ -440,10 +440,7 @@ static void __init ms_hyperv_init_platform(void) =20 =20 if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_SNP) { - if (ms_hyperv.paravisor_present) - static_branch_enable(&isolation_type_snp); - else - static_branch_enable(&isolation_type_en_snp); + static_branch_enable(&isolation_type_snp); } else if (hv_get_isolation_type() =3D=3D HV_ISOLATION_TYPE_TDX) { static_branch_enable(&isolation_type_tdx); =20 @@ -556,7 +553,8 @@ static void __init ms_hyperv_init_platform(void) =20 # ifdef CONFIG_SMP smp_ops.smp_prepare_boot_cpu =3D hv_smp_prepare_boot_cpu; - if (hv_root_partition || hv_isolation_type_en_snp()) + if (hv_root_partition || + (!ms_hyperv.paravisor_present && hv_isolation_type_snp())) smp_ops.smp_prepare_cpus =3D hv_smp_prepare_cpus; # endif =20 diff --git a/drivers/hv/hv.c b/drivers/hv/hv.c index 523c5d99f375..51e5018ac9b2 100644 --- a/drivers/hv/hv.c +++ b/drivers/hv/hv.c @@ -164,7 +164,7 @@ int hv_synic_alloc(void) } =20 if (!ms_hyperv.paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long) hv_cpu->synic_message_page, 1); if (ret) { @@ -225,7 +225,7 @@ void hv_synic_free(void) } =20 if (!ms_hyperv.paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { if (hv_cpu->synic_message_page) { ret =3D set_memory_encrypted((unsigned long) hv_cpu->synic_message_page, 1); diff --git a/drivers/hv/hv_common.c b/drivers/hv/hv_common.c index e62d64753902..81aa8be3e0df 100644 --- a/drivers/hv/hv_common.c +++ b/drivers/hv/hv_common.c @@ -383,7 +383,7 @@ int hv_common_cpu_init(unsigned int cpu) } =20 if (!ms_hyperv.paravisor_present && - (hv_isolation_type_en_snp() || hv_isolation_type_tdx())) { + (hv_isolation_type_snp() || hv_isolation_type_tdx())) { ret =3D set_memory_decrypted((unsigned long)mem, pgcount); if (ret) { /* It may be unsafe to free 'mem' */ @@ -532,12 +532,6 @@ bool __weak hv_isolation_type_snp(void) } EXPORT_SYMBOL_GPL(hv_isolation_type_snp); =20 -bool __weak hv_isolation_type_en_snp(void) -{ - return false; -} -EXPORT_SYMBOL_GPL(hv_isolation_type_en_snp); - bool __weak hv_isolation_type_tdx(void) { return false; diff --git a/include/asm-generic/mshyperv.h b/include/asm-generic/mshyperv.h index f577eff58ea0..e7ecf03f675e 100644 --- a/include/asm-generic/mshyperv.h +++ b/include/asm-generic/mshyperv.h @@ -64,8 +64,7 @@ extern void * __percpu *hyperv_pcpu_output_arg; =20 extern u64 hv_do_hypercall(u64 control, void *inputaddr, void *outputaddr); extern u64 hv_do_fast_hypercall8(u16 control, u64 input8); -extern bool hv_isolation_type_snp(void); -extern bool hv_isolation_type_en_snp(void); +bool hv_isolation_type_snp(void); bool hv_isolation_type_tdx(void); =20 /* Helper functions that provide a consistent pattern for checking Hyper-V= hypercall status. */ --=20 2.25.1 From nobody Thu Dec 18 06:32:21 2025 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id EEDA5EE49B2 for ; Thu, 24 Aug 2023 08:11:33 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240407AbjHXILR (ORCPT ); Thu, 24 Aug 2023 04:11:17 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240572AbjHXIKt (ORCPT ); Thu, 24 Aug 2023 04:10:49 -0400 Received: from DM6FTOPR00CU001.outbound.protection.outlook.com (mail-centralusazon11020019.outbound.protection.outlook.com [52.101.61.19]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6875019A0; Thu, 24 Aug 2023 01:10:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mAy2EOTTDybv66nuw5oFKw90DWupTFzr7FAfmt5I4nD1KbPtTfItqPHygZt+XuqqFeGhY9jCVyQTgGOPuiIMFVwFtmFWMGuSgEWTL8fg6iOoaiV9nYmEr537dCVQuoDEknXfmEFhH4Jb9wjuGaNCMagJt7d/U67BROZIGuSvzDAdxbqVVK4l4axCWCWrck6Q3Ihlt/5eMyvLioycRY3W/hL0K3vy5yyOenAtP/16h8axZDNStqYHu573iJqaIM/O0N1COQxlAF+y+ZOEhs3xgNrzAEGdV4tz4hHp+IyPKenCUwTn0MRDE4JTLENyp6yg5ySwbTb1nlpCjJSe665TyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xxoVD7VtqZ1PESoEapVI9djwjmZYO03sBA++PPKSlHg=; b=NGU1yxrmPJOfkjLtFa8bdII503d861hlfzjN7Z8HHOO0wCzqp0tCHf5DiVH8q/PB3XXGV/4cst0eFZ82f+Hc2Ytx3Y5V7yJPHDCkUBarnH4ZHOWndPkiUsr3bxzb+A9g4xaaNBR507HaLxA03xoVDenRSs3E2uJS7HhWJHOa2j2ZnNbk0Zw9NU3QMekrUN3PG8LQx/uIS6KxeSxNrm+WuWWz4yCXE1oLjXtFyFNDdbeXxS9weX3xpE+cE2g1A+CU7fknc6WXelZL4pH8LWI2oWHvFFe21eTzVmn7X8gSftRrmKLWakOwxE6OBDKSeSWnoBrSeCiCn0PWHXvIKxMu2A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xxoVD7VtqZ1PESoEapVI9djwjmZYO03sBA++PPKSlHg=; b=KP2+i3ApPZk8hZ+rAzXkttIFfI+NISWUoISGf16Z9bVVCbOjncpyi+cY7SSQ6qb0jSfP+hm4PJTLGBBzqJWVQSJZIGPuuS3Tm0K2IkQHoxvz829s7CoJD6RIC4XA/ZZPGa5RdmlY0qmOiTSK0tAyzNUCb6NY3zJYO3Eb7p4Gh10= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com; Received: from BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) by PH8PR21MB3901.namprd21.prod.outlook.com (2603:10b6:510:23a::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6745.4; Thu, 24 Aug 2023 08:08:19 +0000 Received: from BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad]) by BL0PR2101MB1092.namprd21.prod.outlook.com ([fe80::b3df:a8e9:52dd:dfad%5]) with mapi id 15.20.6745.006; Thu, 24 Aug 2023 08:08:19 +0000 From: Dexuan Cui To: ak@linux.intel.com, arnd@arndb.de, bp@alien8.de, brijesh.singh@amd.com, dan.j.williams@intel.com, dave.hansen@intel.com, dave.hansen@linux.intel.com, haiyangz@microsoft.com, hpa@zytor.com, jane.chu@oracle.com, kirill.shutemov@linux.intel.com, kys@microsoft.com, linux-hyperv@vger.kernel.org, luto@kernel.org, mingo@redhat.com, peterz@infradead.org, rostedt@goodmis.org, sathyanarayanan.kuppuswamy@linux.intel.com, seanjc@google.com, tglx@linutronix.de, tony.luck@intel.com, wei.liu@kernel.org, Jason@zx2c4.com, nik.borisov@suse.com, mikelley@microsoft.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, linux-arch@vger.kernel.org, Tianyu.Lan@microsoft.com, rick.p.edgecombe@intel.com, andavis@redhat.com, mheslin@redhat.com, vkuznets@redhat.com, xiaoyao.li@intel.com, Dexuan Cui Subject: [PATCH v3 10/10] x86/hyperv: Move the code in ivm.c around to avoid unnecessary ifdef's Date: Thu, 24 Aug 2023 01:07:12 -0700 Message-Id: <20230824080712.30327-11-decui@microsoft.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20230824080712.30327-1-decui@microsoft.com> References: <20230824080712.30327-1-decui@microsoft.com> X-ClientProxiedBy: CY5PR15CA0175.namprd15.prod.outlook.com (2603:10b6:930:81::20) To BL0PR2101MB1092.namprd21.prod.outlook.com (2603:10b6:207:30::23) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL0PR2101MB1092:EE_|PH8PR21MB3901:EE_ X-MS-Office365-Filtering-Correlation-Id: 7f854597-4620-4707-8dd3-08dba47946cd X-LD-Processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: iFhMVq3Hu4nVAvCT5GsNK7betCExKGYkg8vBBaaQzpfA4F5gUqaE7CwpE6dimgaHLj16B4d7hH6Pfo6otpxbOkDk6k3JJqPcE/fPV3oaYBJ5mHlbI6FiO2z4rV2HgWPF1cECUhbdLA30/OvqdiNBX9ZTnypf+3qruIM3vpmmnYj3YZmvMxXDGbyS2ZeddotIfSsWkIetGMi3BSf4egLz/IN48pM0RZXVb/BEBL0gAqhAG1BNye63xMPRpMKPvbDHnBTEkH77l6Fb95tc3pngMYl/fgfs9K7Q/8neJeY/RFt1+NDwicMZwyKd332cS5ppSg4urk5w9+1I2xnonhAAoU+dRPwlOklHHIKs3p0c5e9Q/fXXBSLaOTR2Nj/4bMIsSus9c/tm9/IFyUZz6X3a69WvQYeLMKtSujtcGfLKlxF9ftbCQuWvLsgY4H8FuYy28/EQQQg6l6LeTt2uZ/OLotaaU+zy3QnB7SCORqqz+MDi4IY/ZeAl+72euN5j+R9PVxXPc7JrpoT0S1dAchB/vLGdRXUBy7irD98cg2zg7Y8rJmbFyVMjDVGfGvTlOuEoL0m9v3uVonfU6+xqT1CNNpLkBfRdod3l0/sEs/SUjpFhOSoGA5aY3lhv5ngFU49jwzEqhECZRyD4/E2Da8cMg3auuds3v5o8Ji6jnPYC7raDZwuxjr4iv/69PVf/yzW4 X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BL0PR2101MB1092.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(396003)(376002)(366004)(346002)(39860400002)(136003)(451199024)(1800799009)(186009)(12101799020)(478600001)(6486002)(10290500003)(6666004)(83380400001)(38100700002)(7406005)(82950400001)(921005)(2906002)(52116002)(7416002)(4326008)(1076003)(6506007)(2616005)(107886003)(6512007)(30864003)(66556008)(36756003)(66476007)(86362001)(82960400001)(5660300002)(316002)(8676002)(8936002)(6636002)(66946007)(41300700001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?9qncviO4W4NedtKKcuuZqFnk3dJKasD/GEIMteyitDMu67uReC/mZj+J+0/q?= =?us-ascii?Q?iT/iVJ94tkGcNhfp3iadQAlm7oynk89rJFpryYWXweXdl5CV6qsn/ko+pDiI?= =?us-ascii?Q?cqSBLeyM4VozPdRSFt3qW6UesXswaZUP0KWPg2PFzL6tWN14qpOOqoWIqbzn?= =?us-ascii?Q?NXXNXNKAbafRgXAteoNCzKZGg96o5QLzGJT+M4xzHLs+XJrPO/4MuIzsiX/B?= =?us-ascii?Q?l+y/pAql36RgLkXeZ7gAo8EgX9eXUUa/ZMe3nHSDAt3PaJkFlQLGl5hqY0bh?= =?us-ascii?Q?eRQry+nVNsZJz279fQJt6Q7wwjaHwH7gvF0OeARGz+AcgmDy9JksdoPsLfZd?= =?us-ascii?Q?93JWggArEe5wwgVHu/kGN+4SPlwVp08rr5wX96/whGo5w3zGMkoLvLhyensJ?= =?us-ascii?Q?eD4672LypncDZiTJ7GVHpxFkBsvc5Dxjxrxxq33HfQSwNLpCpIvxcaOLD6vi?= =?us-ascii?Q?rNOW8+EO9LE+0x2C6bKA/lYjShQMLgCOwbdI47LwnUcgZssWgU/HLjTllzFg?= =?us-ascii?Q?7FBVwZVpj6fKMHe6ff8C97bAoJ/Eu1vj+84CjtB3u3i+tnfuqnN5s0QZIdx4?= =?us-ascii?Q?qrrq2OcqJ2EQMtwneiSsR/vq0nEVfHshTICWeObmwXuknhvFug/ANYSJBiSt?= =?us-ascii?Q?3T9iChtOxcqC4b/DHY6pgJqGQ2MAIWF+1oZ97MpLeDR4dG5R8NIAPez7YRt8?= =?us-ascii?Q?oxcnqiG/vM70Mm3skeMrzP2/CIBCe97Er2rQ6aZi2avnT9CtGgEYjrxEMfJS?= =?us-ascii?Q?DLd/MfcW7mU60yku2WGrXGYOTpHjzVzJzm/yat4QHAhCmHP85D8KOmlbNljI?= =?us-ascii?Q?Pri+1XFi1WooGR8uZEVsAzNMfZuoRqExfrXAYanMjvtfnNj1uUpk/zI3kI1d?= =?us-ascii?Q?yJ9Cbe9oozWbxV0VdbVENWCIJqSQynThlvjRVMTibVHGYTnuLbGkqltVdz+I?= =?us-ascii?Q?K1mNUYXGxaNxIIcbl9DtknqanhqisP2vpV6aar2W9ylvJP8iIo0f5ZF3yUGX?= =?us-ascii?Q?KZTdpNBJVh07TI6hkKAOa28H9x85VqdXMJQiEliP0B9KQsF1dwkXh2VXq47S?= =?us-ascii?Q?P6XtFsLu5DbU0PvKVgr1G7BL6nQGxylWaXpFubs5P7Ur3DysILQoulaSM4Ij?= =?us-ascii?Q?BhEmrtroLsb+yRD1TkdpiKUpOTJ0gR0vE910MddpcY0SUhcvVFxNBBjJDb9E?= =?us-ascii?Q?ytbTZxqrEmdHzObx/RS485jTsWTL8UkmeOgEI+7B+SEZhMyM2T6JXJ38Mi4s?= =?us-ascii?Q?YldynVkjchIWDMtRqk0pZmE9GwODlAARsQyqiB7pUR0OATyreCX0Hhopx4WE?= =?us-ascii?Q?7mPfyJXXAT+DwUv9mUN7XBBq4ko5NpbfrAtFkZqMPt0tyYF9dLRFKdDWnh/C?= =?us-ascii?Q?9L9B/9YcNRrs5BGklrbFmxQD5DKkMNtxhMwzKzZEHt/g3xAJC0euwXpyvIxh?= =?us-ascii?Q?I+o/7q0bSwq0o/9VuEu5rZnlpDel4K6L4tFOw4ZD+7q6joGiA4izHvB2Wr8O?= =?us-ascii?Q?nbhycI3yqxrblsMoyZe3/9QfiFoJmr37o5n9UM4tXoWllJK8ys8j7bqcZBlF?= =?us-ascii?Q?kaeqkLGfTKZR1GzM2MY5n+bkG6Jzhrl/GASkjCssQRmmblDmIIE6qjWqtzkW?= =?us-ascii?Q?0I8fcdbm8zEbeO7G+UZbDVUqQwgFdmz1SOLPDrnVMB81?= X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-Network-Message-Id: 7f854597-4620-4707-8dd3-08dba47946cd X-MS-Exchange-CrossTenant-AuthSource: BL0PR2101MB1092.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Aug 2023 08:08:19.1259 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 6cuM4nH6oOCngTk+/IW+WdfPotEw7oE7uEySCl3Bm6ZarcxK264tsg3kRtLCEVdP2TifiAseEBjXRvsihRNTQw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR21MB3901 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Group the code this way so that we can avoid too many ifdef's: Data only used in an SNP VM with the paravisor; Functions only used in an SNP VM with the paravisor; Data only used in an SNP VM without the paravisor; Functions only used in an SNP VM without the paravisor; Functions only used in a TDX VM, with and without the paravisor; Functions used in an SNP or TDX VM, when the paravisor is present; Functions always used, even in a regular non-CoCo VM. No functional change. Signed-off-by: Dexuan Cui Reviewed-by in the v6 patchset [2]. Reviewed-by: Michael Kelley Reviewed-by: Tianyu Lan --- This patch appears the first time in v3. arch/x86/hyperv/ivm.c | 309 ++++++++++++++++++++---------------------- 1 file changed, 150 insertions(+), 159 deletions(-) diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c index 3d48f823582c..8fb3b28670e9 100644 --- a/arch/x86/hyperv/ivm.c +++ b/arch/x86/hyperv/ivm.c @@ -30,9 +30,6 @@ =20 #define GHCB_USAGE_HYPERV_CALL 1 =20 -static u8 ap_start_input_arg[PAGE_SIZE] __bss_decrypted __aligned(PAGE_SIZ= E); -static u8 ap_start_stack[PAGE_SIZE] __aligned(PAGE_SIZE); - union hv_ghcb { struct ghcb ghcb; struct { @@ -66,10 +63,10 @@ union hv_ghcb { } hypercall; } __packed __aligned(HV_HYP_PAGE_SIZE); =20 -static DEFINE_PER_CPU(struct sev_es_save_area *, hv_sev_vmsa); - +/* Only used in an SNP VM with the paravisor */ static u16 hv_ghcb_version __ro_after_init; =20 +/* Functions only used in an SNP VM with the paravisor go here. */ u64 hv_ghcb_hypercall(u64 control, void *input, void *output, u32 input_si= ze) { union hv_ghcb *hv_ghcb; @@ -247,6 +244,140 @@ static void hv_ghcb_msr_read(u64 msr, u64 *value) local_irq_restore(flags); } =20 +/* Only used in a fully enlightened SNP VM, i.e. without the paravisor */ +static u8 ap_start_input_arg[PAGE_SIZE] __bss_decrypted __aligned(PAGE_SIZ= E); +static u8 ap_start_stack[PAGE_SIZE] __aligned(PAGE_SIZE); +static DEFINE_PER_CPU(struct sev_es_save_area *, hv_sev_vmsa); + +/* Functions only used in an SNP VM without the paravisor go here. */ + +#define hv_populate_vmcb_seg(seg, gdtr_base) \ +do { \ + if (seg.selector) { \ + seg.base =3D 0; \ + seg.limit =3D HV_AP_SEGMENT_LIMIT; \ + seg.attrib =3D *(u16 *)(gdtr_base + seg.selector + 5); \ + seg.attrib =3D (seg.attrib & 0xFF) | ((seg.attrib >> 4) & 0xF00); \ + } \ +} while (0) \ + +static int snp_set_vmsa(void *va, bool vmsa) +{ + u64 attrs; + + /* + * Running at VMPL0 allows the kernel to change the VMSA bit for a page + * using the RMPADJUST instruction. However, for the instruction to + * succeed it must target the permissions of a lesser privileged + * (higher numbered) VMPL level, so use VMPL1 (refer to the RMPADJUST + * instruction in the AMD64 APM Volume 3). + */ + attrs =3D 1; + if (vmsa) + attrs |=3D RMPADJUST_VMSA_PAGE_BIT; + + return rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); +} + +static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa) +{ + int err; + + err =3D snp_set_vmsa(vmsa, false); + if (err) + pr_err("clear VMSA page failed (%u), leaking page\n", err); + else + free_page((unsigned long)vmsa); +} + +int hv_snp_boot_ap(int cpu, unsigned long start_ip) +{ + struct sev_es_save_area *vmsa =3D (struct sev_es_save_area *) + __get_free_page(GFP_KERNEL | __GFP_ZERO); + struct sev_es_save_area *cur_vmsa; + struct desc_ptr gdtr; + u64 ret, retry =3D 5; + struct hv_enable_vp_vtl *start_vp_input; + unsigned long flags; + + if (!vmsa) + return -ENOMEM; + + native_store_gdt(&gdtr); + + vmsa->gdtr.base =3D gdtr.address; + vmsa->gdtr.limit =3D gdtr.size; + + asm volatile("movl %%es, %%eax;" : "=3Da" (vmsa->es.selector)); + hv_populate_vmcb_seg(vmsa->es, vmsa->gdtr.base); + + asm volatile("movl %%cs, %%eax;" : "=3Da" (vmsa->cs.selector)); + hv_populate_vmcb_seg(vmsa->cs, vmsa->gdtr.base); + + asm volatile("movl %%ss, %%eax;" : "=3Da" (vmsa->ss.selector)); + hv_populate_vmcb_seg(vmsa->ss, vmsa->gdtr.base); + + asm volatile("movl %%ds, %%eax;" : "=3Da" (vmsa->ds.selector)); + hv_populate_vmcb_seg(vmsa->ds, vmsa->gdtr.base); + + vmsa->efer =3D native_read_msr(MSR_EFER); + + asm volatile("movq %%cr4, %%rax;" : "=3Da" (vmsa->cr4)); + asm volatile("movq %%cr3, %%rax;" : "=3Da" (vmsa->cr3)); + asm volatile("movq %%cr0, %%rax;" : "=3Da" (vmsa->cr0)); + + vmsa->xcr0 =3D 1; + vmsa->g_pat =3D HV_AP_INIT_GPAT_DEFAULT; + vmsa->rip =3D (u64)secondary_startup_64_no_verify; + vmsa->rsp =3D (u64)&ap_start_stack[PAGE_SIZE]; + + /* + * Set the SNP-specific fields for this VMSA: + * VMPL level + * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) + */ + vmsa->vmpl =3D 0; + vmsa->sev_features =3D sev_status >> 2; + + ret =3D snp_set_vmsa(vmsa, true); + if (!ret) { + pr_err("RMPADJUST(%llx) failed: %llx\n", (u64)vmsa, ret); + free_page((u64)vmsa); + return ret; + } + + local_irq_save(flags); + start_vp_input =3D (struct hv_enable_vp_vtl *)ap_start_input_arg; + memset(start_vp_input, 0, sizeof(*start_vp_input)); + start_vp_input->partition_id =3D -1; + start_vp_input->vp_index =3D cpu; + start_vp_input->target_vtl.target_vtl =3D ms_hyperv.vtl; + *(u64 *)&start_vp_input->vp_context =3D __pa(vmsa) | 1; + + do { + ret =3D hv_do_hypercall(HVCALL_START_VP, + start_vp_input, NULL); + } while (hv_result(ret) =3D=3D HV_STATUS_TIME_OUT && retry--); + + local_irq_restore(flags); + + if (!hv_result_success(ret)) { + pr_err("HvCallStartVirtualProcessor failed: %llx\n", ret); + snp_cleanup_vmsa(vmsa); + vmsa =3D NULL; + } + + cur_vmsa =3D per_cpu(hv_sev_vmsa, cpu); + /* Free up any previous VMSA page */ + if (cur_vmsa) + snp_cleanup_vmsa(cur_vmsa); + + /* Record the current VMSA page */ + per_cpu(hv_sev_vmsa, cpu) =3D vmsa; + + return ret; +} + #else static inline void hv_ghcb_msr_write(u64 msr, u64 value) {} static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {} @@ -282,6 +413,20 @@ static void hv_tdx_msr_read(u64 msr, u64 *val) else *val =3D args.r11; } + +u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2) +{ + struct tdx_hypercall_args args =3D { }; + + args.r10 =3D control; + args.rdx =3D param1; + args.r8 =3D param2; + + (void)__tdx_hypercall_ret(&args); + + return args.r11; +} + #else static inline void hv_tdx_msr_write(u64 msr, u64 value) {} static inline void hv_tdx_msr_read(u64 msr, u64 *value) {} @@ -309,9 +454,7 @@ void hv_ivm_msr_read(u64 msr, u64 *value) else if (hv_isolation_type_snp()) hv_ghcb_msr_read(msr, value); } -#endif =20 -#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) /* * hv_mark_gpa_visibility - Set pages visible to host via hvcall. * @@ -432,141 +575,6 @@ static bool hv_is_private_mmio(u64 addr) return false; } =20 -#endif /* defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUES= T) */ - -#ifdef CONFIG_AMD_MEM_ENCRYPT - -#define hv_populate_vmcb_seg(seg, gdtr_base) \ -do { \ - if (seg.selector) { \ - seg.base =3D 0; \ - seg.limit =3D HV_AP_SEGMENT_LIMIT; \ - seg.attrib =3D *(u16 *)(gdtr_base + seg.selector + 5); \ - seg.attrib =3D (seg.attrib & 0xFF) | ((seg.attrib >> 4) & 0xF00); \ - } \ -} while (0) \ - -static int snp_set_vmsa(void *va, bool vmsa) -{ - u64 attrs; - - /* - * Running at VMPL0 allows the kernel to change the VMSA bit for a page - * using the RMPADJUST instruction. However, for the instruction to - * succeed it must target the permissions of a lesser privileged - * (higher numbered) VMPL level, so use VMPL1 (refer to the RMPADJUST - * instruction in the AMD64 APM Volume 3). - */ - attrs =3D 1; - if (vmsa) - attrs |=3D RMPADJUST_VMSA_PAGE_BIT; - - return rmpadjust((unsigned long)va, RMP_PG_SIZE_4K, attrs); -} - -static void snp_cleanup_vmsa(struct sev_es_save_area *vmsa) -{ - int err; - - err =3D snp_set_vmsa(vmsa, false); - if (err) - pr_err("clear VMSA page failed (%u), leaking page\n", err); - else - free_page((unsigned long)vmsa); -} - -int hv_snp_boot_ap(int cpu, unsigned long start_ip) -{ - struct sev_es_save_area *vmsa =3D (struct sev_es_save_area *) - __get_free_page(GFP_KERNEL | __GFP_ZERO); - struct sev_es_save_area *cur_vmsa; - struct desc_ptr gdtr; - u64 ret, retry =3D 5; - struct hv_enable_vp_vtl *start_vp_input; - unsigned long flags; - - if (!vmsa) - return -ENOMEM; - - native_store_gdt(&gdtr); - - vmsa->gdtr.base =3D gdtr.address; - vmsa->gdtr.limit =3D gdtr.size; - - asm volatile("movl %%es, %%eax;" : "=3Da" (vmsa->es.selector)); - hv_populate_vmcb_seg(vmsa->es, vmsa->gdtr.base); - - asm volatile("movl %%cs, %%eax;" : "=3Da" (vmsa->cs.selector)); - hv_populate_vmcb_seg(vmsa->cs, vmsa->gdtr.base); - - asm volatile("movl %%ss, %%eax;" : "=3Da" (vmsa->ss.selector)); - hv_populate_vmcb_seg(vmsa->ss, vmsa->gdtr.base); - - asm volatile("movl %%ds, %%eax;" : "=3Da" (vmsa->ds.selector)); - hv_populate_vmcb_seg(vmsa->ds, vmsa->gdtr.base); - - vmsa->efer =3D native_read_msr(MSR_EFER); - - asm volatile("movq %%cr4, %%rax;" : "=3Da" (vmsa->cr4)); - asm volatile("movq %%cr3, %%rax;" : "=3Da" (vmsa->cr3)); - asm volatile("movq %%cr0, %%rax;" : "=3Da" (vmsa->cr0)); - - vmsa->xcr0 =3D 1; - vmsa->g_pat =3D HV_AP_INIT_GPAT_DEFAULT; - vmsa->rip =3D (u64)secondary_startup_64_no_verify; - vmsa->rsp =3D (u64)&ap_start_stack[PAGE_SIZE]; - - /* - * Set the SNP-specific fields for this VMSA: - * VMPL level - * SEV_FEATURES (matches the SEV STATUS MSR right shifted 2 bits) - */ - vmsa->vmpl =3D 0; - vmsa->sev_features =3D sev_status >> 2; - - ret =3D snp_set_vmsa(vmsa, true); - if (!ret) { - pr_err("RMPADJUST(%llx) failed: %llx\n", (u64)vmsa, ret); - free_page((u64)vmsa); - return ret; - } - - local_irq_save(flags); - start_vp_input =3D (struct hv_enable_vp_vtl *)ap_start_input_arg; - memset(start_vp_input, 0, sizeof(*start_vp_input)); - start_vp_input->partition_id =3D -1; - start_vp_input->vp_index =3D cpu; - start_vp_input->target_vtl.target_vtl =3D ms_hyperv.vtl; - *(u64 *)&start_vp_input->vp_context =3D __pa(vmsa) | 1; - - do { - ret =3D hv_do_hypercall(HVCALL_START_VP, - start_vp_input, NULL); - } while (hv_result(ret) =3D=3D HV_STATUS_TIME_OUT && retry--); - - local_irq_restore(flags); - - if (!hv_result_success(ret)) { - pr_err("HvCallStartVirtualProcessor failed: %llx\n", ret); - snp_cleanup_vmsa(vmsa); - vmsa =3D NULL; - } - - cur_vmsa =3D per_cpu(hv_sev_vmsa, cpu); - /* Free up any previous VMSA page */ - if (cur_vmsa) - snp_cleanup_vmsa(cur_vmsa); - - /* Record the current VMSA page */ - per_cpu(hv_sev_vmsa, cpu) =3D vmsa; - - return ret; -} - -#endif /* CONFIG_AMD_MEM_ENCRYPT */ - -#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST) - void __init hv_vtom_init(void) { enum hv_isolation_type type =3D hv_get_isolation_type(); @@ -654,20 +662,3 @@ bool hv_isolation_type_tdx(void) { return static_branch_unlikely(&isolation_type_tdx); } - -#ifdef CONFIG_INTEL_TDX_GUEST - -u64 hv_tdx_hypercall(u64 control, u64 param1, u64 param2) -{ - struct tdx_hypercall_args args =3D { }; - - args.r10 =3D control; - args.rdx =3D param1; - args.r8 =3D param2; - - (void)__tdx_hypercall_ret(&args); - - return args.r11; -} - -#endif --=20 2.25.1