From nobody Sun Feb 8 05:28:18 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA64FD29E for ; Sat, 9 Mar 2024 21:02:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.17 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018168; cv=none; b=GwNaQ1U0AY9GZ6eEevA9NB55yedmtOeUk7tuIo9/RAnvYsPPl146rCoBMoKg6BLkgs8fDkFOHhadyQVd759/G8HvZeMCxUZUrm0lCR2o2/8lRaI6QcorBG5FsjwIxxU0h/jJTtQ4hVFTv+MxiHDafeGDqXvchwX73Gc2F0g7Jg8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018168; c=relaxed/simple; bh=7PF0+D1IOCR6YLRa244+vy+ff5vcASshR/asOF7cdrk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=A1o+7keuq2QBR8OJL5d1zh5rgKOg0SsaVRX5RunTISYDZ3dtDBfY8H35EMY4WqUbKrBUk/XoRo6wvRsHlSIK1D/oWTMjM7J9bwxQ6yR7UeferOvzVFOfOi3hBOCTRDiFIqso8E0GOKksXcRqAu0jacEgSH6VW9cjRouC2e0lnm8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.helo=mgamail.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Igd8khMh; arc=none smtp.client-ip=198.175.65.17 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.helo=mgamail.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Igd8khMh" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710018167; x=1741554167; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7PF0+D1IOCR6YLRa244+vy+ff5vcASshR/asOF7cdrk=; 
b=Igd8khMhBv4cDaT8IEOY6ODkWLieBt8qRz1FO4dmR2xMQsbZFqA3wvzu KMu5zNeypIN/bFVLr/tL/iuAc0sda6oWcV5CI810QP0aEm3ts28eTTkQR Drxfm9qi4KSbRswycHoGm8ZjMFcYV4wWLXCZGSg/2j+P0MEQEP7wjyxqm Nv+nZSUZicF/XLnCcjraWWeJ0dQ7IZEBzkBkVe840NdRUnwBQMHDsEKQo UGKgHpziJHrA6beoWSxdfpZEDse94E0mX8Or7RVcMNUhgORCdiEMAUgxA iXT+lZeXDjozxVbYf86nna5SbE5T0zJue1ZTv+nsbgUkAwtwooepoBXIM g==; X-IronPort-AV: E=McAfee;i="6600,9927,11008"; a="4861554" X-IronPort-AV: E=Sophos;i="6.07,113,1708416000"; d="scan'208";a="4861554" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orvoesa109.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Mar 2024 13:02:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,11008"; a="937048387" X-IronPort-AV: E=Sophos;i="6.07,113,1708416000"; d="scan'208";a="937048387" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga001.fm.intel.com with ESMTP; 09 Mar 2024 13:02:43 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id 3AD1E169; Sat, 9 Mar 2024 23:02:42 +0200 (EET) From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, ele.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCH 1/4] x86/tdx: Introduce tdg_vm_wr() Date: Sat, 9 Mar 2024 23:02:27 +0200 Message-ID: <20240309210230.239045-2-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> References: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add a helper to write to a TD-scope metadata field and use it to set NOTIFY_ENABLES. 
Signed-off-by: Kirill A. Shutemov --- arch/x86/coco/tdx/tdx.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index cc67f7380055..5ffe5ef99536 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -77,6 +77,20 @@ static inline void tdcall(u64 fn, struct tdx_module_args= *args) panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); } =20 +static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + .r8 =3D value, + .r9 =3D mask, + }; + + tdcall(TDG_VM_WR, &args); + + /* Old value */ + return args.r8; +} + /** * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT * subtype 0) using TDG.MR.REPORT TDCALL. @@ -902,10 +916,6 @@ static void tdx_kexec_unshare_mem(void) =20 void __init tdx_early_init(void) { - struct tdx_module_args args =3D { - .rdx =3D TDCS_NOTIFY_ENABLES, - .r9 =3D -1ULL, - }; u64 cc_mask; u32 eax, sig[3]; =20 
@@ -924,7 +934,7 @@ void __init tdx_early_init(void) cc_set_mask(cc_mask); =20 /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ - tdcall(TDG_VM_WR, &args); + tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); =20 /* * All bits above GPA width are reserved and kernel treats shared bit --=20 2.43.0 From nobody Sun Feb 8 05:28:18 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6028651021 for ; Sat, 9 Mar 2024 21:02:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.17 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018171; cv=none; b=ZhCpIECpOTeg5FVb7/sGWndUsIS+WkHsoB8mHifxcuZnQ33zeACuGaV/oiowMER8BMBb3GZBRhZHB4JAgk0z7ruxPd2S2SpDtpoKSY4CmZDFsBfAMekBwYZFlX2hn9aAdkCy1sNUugqE7pPxLtuw/DbxY1cTswpDiy4+lxQfCaw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018171; c=relaxed/simple; bh=l1JZHNfw4NSUSsC+y2v9OCYY6Ndd0+Cz/FPtWPxp0a4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=BHlGQ6XvxnRkeqh6cvA/uM8UnHoLUiGfauK8Vw3HkRpIby5edKeP+84inQbCT0k3IhZgWeE04mDrMuAsqNKkOc1bDGJ/R1Xs51DWTXkpmHnB01ObdYtTM8VeJmkAH1hbVPlb0FgzsbuQygJ+K5hO9QMax4GTkhRNcF6lKAb20hU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.helo=mgamail.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Q8nwSujk; arc=none smtp.client-ip=198.175.65.17 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.helo=mgamail.intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Q8nwSujk" 
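Review bot: the register contract of tdg_vm_wr() in the first hunk is carried only by the `/* Old value */` comment; a short comment above the function stating that rdx is the metadata field id, r8 the new value, r9 the mask of bits to write, and that r8 holds the previous field value on return would save the next reader a trip to the TDG.VM.WR spec. The conversion at the call site is behaviour-preserving: the removed `struct tdx_module_args args` left `.r8` zero-initialized, so `tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL)` writes the same value with the same mask, and discarding the returned old value there is fine because tdcall() already panics on failure rather than reporting it through r8.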
From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, ele.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCH 2/4] x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup() Date: Sat, 9 Mar 2024 23:02:28 +0200 Message-ID: <20240309210230.239045-3-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> References: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Rename tdx_parse_tdinfo() to tdx_setup() and move setting NOTIFY_ENABLES there. The function will be extended to adjust TD configuration. Signed-off-by: Kirill A. Shutemov Reviewed-by: Kuppuswamy Sathyanarayanan --- arch/x86/coco/tdx/tdx.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 5ffe5ef99536..afdaf46cabb9 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -181,7 +181,7 @@ static void __noreturn tdx_panic(const char *msg) __tdx_hypercall(&args); } =20 -static void tdx_parse_tdinfo(u64 *cc_mask) +static void tdx_setup(u64 *cc_mask) { struct tdx_module_args args =3D {}; unsigned int gpa_width; @@ -206,6 +206,9 @@ static void tdx_parse_tdinfo(u64 *cc_mask) gpa_width =3D args.rcx & GENMASK(5, 0); *cc_mask =3D BIT_ULL(gpa_width - 1); =20 + /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ + tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); + /* * The kernel can not handle #VE's when accessing normal kernel * memory. Ensure that no #VE will be delivered for accesses to 
@@ -930,11 +933,11 @@ void __init tdx_early_init(void) setup_force_cpu_cap(X86_FEATURE_TSC_RELIABLE); =20 cc_vendor =3D CC_VENDOR_INTEL; - tdx_parse_tdinfo(&cc_mask); - cc_set_mask(cc_mask); =20 - /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ - tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); + /* Configure the TD */ + tdx_setup(&cc_mask); + + cc_set_mask(cc_mask); =20 /* * All bits above GPA width are reserved and kernel treats shared bit --=20 2.43.0 From nobody Sun Feb 8 05:28:18 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2841250A93 for ; Sat, 9 Mar 2024 21:02:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.17 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018171; cv=none; b=riBcCCodN6eU4ZTgmDeNwBMqGMJrmDC3TlofCuzupmWje/CW43L4yVc2tG8lkBcF/meWEhpnPF+dPBPfnhWWDJl8TiuMwj+jaeJGrLy1BIbzjlTtpoktWaUfEDe6UiHJ7EWseQo6TGw1kWwaGE8c1Xv/sSE8CpitTC/bWTSGD14= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018171; c=relaxed/simple; bh=3UzLr7/RRaafFrtH5Z2p+MKstcMcwEJZRIwJsFMEBdg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lgxTlMf4dda4wIHU/5MtdeYEtd237WwH7EzUKC9Hekpv4PAjYnnA6KKZcKOxrzaUro0lGWv+396VeL9tjTcMMPSqwlbXU/hCH6WPfgfpqHnLGWfqd/TZ+L9dgpBR1Cfg4D+o5bbgq0EoRaikwsG0Ar5/RI1SuBq5bbt7iT3L3MM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.helo=mgamail.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=atKwgKfz; arc=none smtp.client-ip=198.175.65.17 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none 
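Review bot: tdx_setup() still takes `u64 *cc_mask` as an out-parameter and cc_set_mask() directly follows it in the tdx_early_init() hunk, so the `/* Configure the TD */` comment undersells the dependency; say that tdx_setup() both derives cc_mask from TDINFO and applies TD configuration, so nobody later reorders cc_set_mask() above it. Moving the NOTIFY_ENABLES write ahead of cc_set_mask() is safe as far as the visible code goes, since tdg_vm_wr() does not use cc_mask, but the commit message should state that the reordering is intentional and harmless.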
From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, ele.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCH 3/4] x86/tdx: Handle PENDING_EPT_VIOLATION_V2 Date: Sat, 9 Mar 2024 23:02:29 +0200 Message-ID: <20240309210230.239045-4-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> References: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" PENDING_EPT_VIOLATION_V2 allows TD to control whether access to a pending page triggers #VE. Kernel doesn't want to see any #VEs on accesses to private memory: disable such #VEs. Signed-off-by: Kirill A. Shutemov --- arch/x86/coco/tdx/tdx.c | 66 ++++++++++++++++++++++++++++--- arch/x86/include/asm/shared/tdx.h | 18 ++++++++- 2 files changed, 78 insertions(+), 6 deletions(-) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index afdaf46cabb9..d9ea82f8772d 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -77,6 +77,17 @@ static inline void tdcall(u64 fn, struct tdx_module_args= *args) panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); } =20 +static inline u64 tdg_vm_rd(u64 field) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + }; + + tdcall(TDG_VM_RD, &args); + + return args.r8; +} + static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) { struct tdx_module_args args =3D { 
@@ -91,6 +102,17 @@ static inline u64 tdg_vm_wr(u64 field, u64 value, u64 m= ask) return args.r8; } =20 +static inline u64 tdg_sys_rd(u64 field) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + }; + + tdcall(TDG_SYS_RD, &args); + + return args.r8; +} + /** * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT * subtype 0) using TDG.MR.REPORT TDCALL. @@ -185,7 +207,8 @@ static void tdx_setup(u64 *cc_mask) { struct tdx_module_args args =3D {}; unsigned int gpa_width; - u64 td_attr; + u64 td_attr, features; + bool sept_ve_disabled; =20 /* * TDINFO TDX module call is used to get the TD execution environment 
@@ -206,19 +229,52 @@ static void tdx_setup(u64 *cc_mask) gpa_width =3D args.rcx & GENMASK(5, 0); *cc_mask =3D BIT_ULL(gpa_width - 1); =20 + td_attr =3D args.rdx; + /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); =20 + features =3D tdg_sys_rd(TDCS_TDX_FEATURES0); + /* * The kernel can not handle #VE's when accessing normal kernel * memory. Ensure that no #VE will be delivered for accesses to * TD-private memory. Only VMM-shared memory (MMIO) will #VE. + * + * Check if the TD is created with SEPT #VE disabled. */ - td_attr =3D args.rdx; - if (!(td_attr & ATTR_SEPT_VE_DISABLE)) { - const char *msg =3D "TD misconfiguration: SEPT_VE_DISABLE attribute must= be set."; + sept_ve_disabled =3D td_attr & ATTR_SEPT_VE_DISABLE; =20 - /* Relax SEPT_VE_DISABLE check for debug TD. */ + /* + * Check if flexible control of SEPT #VE is supported. + * + * The check consists of verifying if the feature is supported by the + * TDX module (the TDX_FEATURES0 check) and if the feature is enabled + * for this TD (CONFIG_FLAGS check). + * + * If flexible control is supported, disable SEPT #VE. + * + * Disable SEPT #VE regardless of ATTR_SEPT_VE_DISABLE status as + * flexible control allows software running before the kernel to + * enable it. + * + * Skip SEPT disabling for debug TD. SEPT #VE is unsafe but can be + * useful for debugging to produce a stack trace. Known to be useful + * for debugging unaccepted memory problems. + */ + if (features & TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 && + (tdg_vm_rd(TDCS_CONFIG_FLAGS) & TDCS_CONFIG_FLEXIBLE_PENDING_VE) && + !(td_attr & ATTR_DEBUG)) { + tdg_vm_wr(TDCS_TD_CTLS, + TD_CTLS_PENDING_VE_DISABLE, + TD_CTLS_PENDING_VE_DISABLE); + sept_ve_disabled =3D true; + } + + if (!sept_ve_disabled) { + const char *msg =3D "TD misconfiguration: SEPT #VE has to be disabled"; + + /* Relax SEPT #VE disable check for debug TD. */ if (td_attr & ATTR_DEBUG) pr_warn("%s\n", msg); else 
diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/share= d/tdx.h index fdfd41511b02..29a61c72e4dd 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h 
@@ -16,11 +16,27 @@ #define TDG_VP_VEINFO_GET 3 #define TDG_MR_REPORT 4 #define TDG_MEM_PAGE_ACCEPT 6 +#define TDG_VM_RD 7 #define TDG_VM_WR 8 +#define TDG_SYS_RD 11 =20 -/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */ +/* TDX Global Metadata. To be used by TDG.SYS.RD */ +#define TDCS_TDX_FEATURES0 0x0A00000300000008 + +/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */ +#define TDCS_CONFIG_FLAGS 0x1110000300000016 +#define TDCS_TD_CTLS 0x1110000300000017 #define TDCS_NOTIFY_ENABLES 0x9100000000000010 =20 +/* TDCS_TDX_FEATURES0 bits */ +#define TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 BIT_ULL(16) + +/* TDCS_CONFIG_FLAGS bits */ +#define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1) + +/* TDCS_TD_CTLS bits */ +#define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0) + /* TDX hypercall Leaf IDs */ #define TDVMCALL_MAP_GPA 0x10001 #define TDVMCALL_GET_QUOTE 0x10002 --=20 2.43.0 From nobody Sun Feb 8 05:28:18 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9DC6B4F200 for ; Sat, 9 Mar 2024 21:02:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.17 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018170; cv=none; b=d0Er4zXf2EECZoTtst/nujoG8p7es3Dh0lvQ9cnav+AsQ9bye7uQXMt5xTpBby7aC1Nw792bVJTvzE2lZrNVPdHFb/0qbLbykJB6EYqgdMnsHJlOYcYRO2qlEUDNY3Wnu9ydEMP/zslLBUaTeji6GLY8wIU/PDouc25ycpC/rws= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710018170; c=relaxed/simple; bh=Jk5tt+gSzYYhQIlktRhIlr+6QKg9CrR+h9qHi82xD1w=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=peCJ4klOpCwqtiUCpQ+pTaKH39kUA4ujM1ofYYkCz3UghGIZxHkAUVeY273GPact8sdSTHf+UA5TP38zifrpGW3ZryQItlm/CIOHddsNQDqbgvtxpPD8bzYm5noNNSH6Y+VpLdVBjlkyX4EOXRuUZGMH5o9B9xvI+v/tHRc/hXQ= 
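Review bot: in the tdx_setup() hunk, tdg_sys_rd(TDCS_TDX_FEATURES0) runs unconditionally while the TDCS_CONFIG_FLAGS read is guarded by the TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 test; since tdcall() panics on any failure, the commit message should state that TDG.SYS.RD of TDX_FEATURES0 succeeds on every TDX module the kernel runs on, or the read needs a guard of its own. The `&&` chain also relies on short-circuit evaluation so that TDCS_CONFIG_FLAGS is never read when the feature bit is clear; a one-line comment making that ordering explicit, plus parentheses around `features & TDX_FEATURES0_PENDING_EPT_VIOLATION_V2` (the ENUM_TOPOLOGY patch in this series parenthesises the equivalent test), would keep the intent from being lost in a later cleanup.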
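Review bot: in the tdx.h hunk, TDCS_TDX_FEATURES0 is filed under `/* TDX Global Metadata. To be used by TDG.SYS.RD */` yet carries the TDCS_ prefix that the comment two lines below reserves for TD-scope metadata read through TDG.VM.RD; a name without the TDCS_ prefix (the bit macros already use plain TDX_FEATURES0_) would stop readers from reaching for tdg_vm_rd() on it. While here, the three bit groups use three prefix schemes (TDX_FEATURES0_, TDCS_CONFIG_, TD_CTLS_); picking one convention now is cheaper than after the ENUM_TOPOLOGY patch adds to them.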
From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, ele.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCH 4/4] x86/tdx: Enable ENUM_TOPOLOGY Date: Sat, 9 Mar 2024 23:02:30 +0200 Message-ID: <20240309210230.239045-5-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> References: <20240309210230.239045-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" TDX 1.0 generates a #VE when accessing topology-related CPUID leafs (0xB and 0x1F) and the X2APIC_APICID MSR. The kernel returns all zeros on CPUID #VEs. In practice, this means that the kernel can only boot with a plain topology. Any complications will cause problems. The ENUM_TOPOLOGY feature allows the VMM to provide topology information to the guest in a safe manner. Enabling the feature eliminates topology-related #VEs: the TDX module virtualizes accesses to the CPUID leafs and the MSR. Enable ENUM_TOPOLOGY if it is available. Signed-off-by: Kirill A. Shutemov --- arch/x86/coco/tdx/tdx.c | 20 ++++++++++++++++++++ arch/x86/include/asm/shared/tdx.h | 3 +++ 2 files changed, 23 insertions(+) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index d9ea82f8772d..291e45db8d54 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c 
@@ -280,6 +280,26 @@ static void tdx_setup(u64 *cc_mask) else tdx_panic(msg); } + + /* + * TDX 1.0 generates a #VE when accessing topology-related CPUID leafs + * (0xB and 0x1F) and the X2APIC_APICID MSR. The kernel returns all + * zeros on CPUID #VEs. In practice, this means that the kernel can only + * boot with a plain topology. Any complications will cause problems. + * + * The ENUM_TOPOLOGY feature allows the VMM to provide topology + * information to the guest in a safe manner. Enabling the feature + * eliminates topology-related #VEs: the TDX module virtualizes + * accesses to the CPUID leafs and the MSR. + * + * Enable ENUM_TOPOLOGY if it is available. + */ + if ((features & TDX_FEATURES0_ENUM_TOPOLOGY) && + tdg_vm_rd(TDCS_TOPOLOGY_ENUM_CONFIGURED)) { + tdg_vm_wr(TDCS_TD_CTLS, + TD_CTLS_ENUM_TOPOLOGY, + TD_CTLS_ENUM_TOPOLOGY); + } } =20 /* diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/share= d/tdx.h index 29a61c72e4dd..2964c506b241 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h @@ -27,15 +27,18 @@ #define TDCS_CONFIG_FLAGS 0x1110000300000016 #define TDCS_TD_CTLS 0x1110000300000017 #define TDCS_NOTIFY_ENABLES 0x9100000000000010 +#define TDCS_TOPOLOGY_ENUM_CONFIGURED 0x9100000000000019 =20 /* TDCS_TDX_FEATURES0 bits */ #define TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 BIT_ULL(16) +#define TDX_FEATURES0_ENUM_TOPOLOGY BIT_ULL(20) =20 /* TDCS_CONFIG_FLAGS bits */ #define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1) =20 /* TDCS_TD_CTLS bits */ #define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0) +#define TD_CTLS_ENUM_TOPOLOGY BIT_ULL(1) =20 /* TDX hypercall Leaf IDs */ #define TDVMCALL_MAP_GPA 0x10001 --=20 2.43.0
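Review bot: in the tdx_setup() hunk the feature is silently left off when TDX_FEATURES0_ENUM_TOPOLOGY is set but tdg_vm_rd(TDCS_TOPOLOGY_ENUM_CONFIGURED) returns zero, which leaves the guest on the all-zero CPUID 0xB/0x1F answers the comment block describes; a pr_warn() in that case, mirroring how the SEPT #VE path reports misconfiguration, would make a VMM that supports the feature but never configured topology visible in the guest log instead of surfacing later as a boot problem with a non-trivial topology.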