From: "Kirill A. Shutemov"
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, elena.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 1/4] x86/tdx: Introduce tdg_vm_wr()
Date: Mon, 25 Mar 2024 12:46:04 +0200
Message-ID: <20240325104607.2653307-2-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
References: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Add a helper function to write to a TD-scope metadata field and use it to set NOTIFY_ENABLES.

The helper function will be paired with tdg_vm_rd() and will be used to manipulate other metadata fields, not just NOTIFY_ENABLES.

Signed-off-by: Kirill A. Shutemov
Reviewed-by: Kai Huang
Reviewed-by: Kuppuswamy Sathyanarayanan
---
 arch/x86/coco/tdx/tdx.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 59776ce1c1d7..4fb36e5c4e80 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -77,6 +77,20 @@ static inline void tdcall(u64 fn, struct tdx_module_args= *args) panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); } =20 +static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + .r8 =3D value, + .r9 =3D mask, + }; + + tdcall(TDG_VM_WR, &args); + + /* Old value */ + return args.r8; +} + /** * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT * subtype 0) using TDG.MR.REPORT TDCALL.
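Review bot: tdg_vm_wr() in this hunk goes through tdcall(), which panics on any non-success status (the `panic("TDCALL %lld failed (Buggy TDX module!)\n", fn)` visible in the hunk's context), so the helper is only safe for fields the kernel already knows the module accepts; the commit message says it "will be used to manipulate other metadata fields", and any caller that wants to probe an optional field will need a __tdcall()-based variant that returns the status instead. Please also give the helper a kernel-doc comment stating the contract of `mask` (r9 is the write mask, as the original `.r9 = -1ULL` initializer and the new `tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL)` call imply) and that the returned `args.r8` is the field's previous value; the bare `/* Old value */` leaves the mask semantics undocumented for the next caller.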
@@ -902,10 +916,6 @@ static void tdx_kexec_unshare_mem(void) =20 void __init tdx_early_init(void) { - struct tdx_module_args args =3D { - .rdx =3D TDCS_NOTIFY_ENABLES, - .r9 =3D -1ULL, - }; u64 cc_mask; u32 eax, sig[3]; =20 
@@ -924,7 +934,7 @@ void __init tdx_early_init(void) cc_set_mask(cc_mask); =20 /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ - tdcall(TDG_VM_WR, &args); + tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); =20 /* * All bits above GPA width are reserved and kernel treats shared bit --=20 2.43.0
From: "Kirill A. Shutemov"
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, elena.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 2/4] x86/tdx: Rename tdx_parse_tdinfo() to tdx_setup()
Date: Mon, 25 Mar 2024 12:46:05 +0200
Message-ID: <20240325104607.2653307-3-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
References: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Rename tdx_parse_tdinfo() to tdx_setup() and move setting NOTIFY_ENABLES there.

The function will be extended to adjust TD configuration.

Signed-off-by: Kirill A. Shutemov
Reviewed-by: Kuppuswamy Sathyanarayanan
Reviewed-by: Kai Huang
---
 arch/x86/coco/tdx/tdx.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 4fb36e5c4e80..08e2bb462ce8 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -181,7 +181,7 @@ static void __noreturn tdx_panic(const char *msg) __tdx_hypercall(&args); } =20 -static void tdx_parse_tdinfo(u64 *cc_mask) +static void tdx_setup(u64 *cc_mask) { struct tdx_module_args args =3D {}; unsigned int gpa_width;
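Review bot: the rename in this hunk leaves tdx_setup() with no comment, and after this series the function both reads TDINFO (deriving `*cc_mask` from the GPA width) and writes TD-scope configuration, which the old name tdx_parse_tdinfo() at least hinted at for the first half; a short kernel-doc block above `static void tdx_setup(u64 *cc_mask)` stating that it must run once, early, before cc_set_mask(), and that it applies TD controls as a side effect would keep the next caller from treating it as a pure query.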
@@ -206,6 +206,9 @@ static void tdx_parse_tdinfo(u64 *cc_mask) gpa_width =3D args.rcx & GENMASK(5, 0); *cc_mask =3D BIT_ULL(gpa_width - 1); =20 + /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ + tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); + /* * The kernel can not handle #VE's when accessing normal kernel * memory. Ensure that no #VE will be delivered for accesses to 
@@ -930,11 +933,11 @@ void __init tdx_early_init(void) setup_force_cpu_cap(X86_FEATURE_TSC_RELIABLE); =20 cc_vendor =3D CC_VENDOR_INTEL; - tdx_parse_tdinfo(&cc_mask); - cc_set_mask(cc_mask); =20 - /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ - tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); + /* Configure the TD */ + tdx_setup(&cc_mask); + + cc_set_mask(cc_mask); =20 /* * All bits above GPA width are reserved and kernel treats shared bit --=20 2.43.0
From: "Kirill A. Shutemov"
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, elena.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 3/4] x86/tdx: Handle PENDING_EPT_VIOLATION_V2
Date: Mon, 25 Mar 2024 12:46:06 +0200
Message-ID: <20240325104607.2653307-4-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
References: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

PENDING_EPT_VIOLATION_V2 allows a TD to control whether access to a pending page triggers #VE.

The kernel doesn't want to see any #VEs on accesses to private memory: disable such #VEs.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/coco/tdx/tdx.c           | 75 ++++++++++++++++++++++++++++---
 arch/x86/include/asm/shared/tdx.h | 18 +++++++-
 2 files changed, 87 insertions(+), 6 deletions(-)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 08e2bb462ce8..860bfdd5a11d 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -77,6 +77,17 @@ static inline void tdcall(u64 fn, struct tdx_module_args= *args) panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); } =20 +static inline u64 tdg_vm_rd(u64 field) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + }; + + tdcall(TDG_VM_RD, &args); + + return args.r8; +} + static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) { struct tdx_module_args args =3D {
@@ -91,6 +102,28 @@ static inline u64 tdg_vm_wr(u64 field, u64 value, u64 m= ask) return args.r8; } =20 +static inline u64 tdg_sys_rd(u64 field) +{ + struct tdx_module_args args =3D { + .rdx =3D field, + }; + + tdcall(TDG_SYS_RD, &args); + + return args.r8; +} + +static bool tdcs_ctls_set(u64 mask) +{ + struct tdx_module_args args =3D { + .rdx =3D TDCS_TD_CTLS, + .r8 =3D mask, + .r9 =3D mask, + }; + + return __tdcall(TDG_VM_WR, &args) =3D=3D TDX_SUCCESS; +} + /** * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT * subtype 0) using TDG.MR.REPORT TDCALL. @@ -185,7 +218,8 @@ static void tdx_setup(u64 *cc_mask) { struct tdx_module_args args =3D {}; unsigned int gpa_width; - u64 td_attr; + u64 td_attr, features; + bool sept_ve_disabled; =20 /* * TDINFO TDX module call is used to get the TD execution environment 
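Review bot: tdcs_ctls_set() in this hunk collapses the TDG.VM.WR status to a bool, so its caller cannot tell a write the module rejected (bit not supported, or not permitted for this TD) from any other failure, and nothing is logged; return the raw status from __tdcall() or at least pr_warn() it, since this is the one TDG.VM.WR wrapper that is allowed to fail while tdg_vm_wr() panics, and say so in a comment above the function. The `.r8 = mask, .r9 = mask` pairing (value and write mask identical, i.e. "set these bits") also deserves one line of comment, because the function name suggests a generic setter. Minor: tdg_sys_rd() here and tdg_vm_rd() in the previous hunk are identical apart from the leaf number; a single helper taking the leaf would avoid the duplicate.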
@@ -206,19 +240,50 @@ static void tdx_setup(u64 *cc_mask) gpa_width =3D args.rcx & GENMASK(5, 0); *cc_mask =3D BIT_ULL(gpa_width - 1); =20 + td_attr =3D args.rdx; + /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); =20 + features =3D tdg_sys_rd(TDCS_TDX_FEATURES0); + /* * The kernel can not handle #VE's when accessing normal kernel * memory. Ensure that no #VE will be delivered for accesses to * TD-private memory. Only VMM-shared memory (MMIO) will #VE. + * + * Check if the TD is created with SEPT #VE disabled. */ - td_attr =3D args.rdx; - if (!(td_attr & ATTR_SEPT_VE_DISABLE)) { - const char *msg =3D "TD misconfiguration: SEPT_VE_DISABLE attribute must= be set."; + sept_ve_disabled =3D td_attr & ATTR_SEPT_VE_DISABLE; =20 - /* Relax SEPT_VE_DISABLE check for debug TD. */ + /* + * Check if flexible control of SEPT #VE is supported. + * + * The check consists of verifying if the feature is supported by the + * TDX module (the TDX_FEATURES0 check) and if the feature is enabled + * for this TD (CONFIG_FLAGS check). + * + * If flexible control is supported, disable SEPT #VE. + * + * Disable SEPT #VE regardless of ATTR_SEPT_VE_DISABLE status as + * flexible control allows software running before the kernel to + * enable it. + * + * Skip SEPT disabling for debug TD. SEPT #VE is unsafe but can be + * useful for debugging to produce a stack trace. Known to be useful + * for debugging unaccepted memory problems. + */ + if (features & TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 && + (tdg_vm_rd(TDCS_CONFIG_FLAGS) & TDCS_CONFIG_FLEXIBLE_PENDING_VE) && + !(td_attr & ATTR_DEBUG)) { + if (tdcs_ctls_set(TD_CTLS_PENDING_VE_DISABLE)) + sept_ve_disabled =3D true; + } + + if (!sept_ve_disabled) { + const char *msg =3D "TD misconfiguration: SEPT #VE has to be disabled"; + + /* Relax SEPT #VE disable check for debug TD. */ if (td_attr & ATTR_DEBUG) pr_warn("%s\n", msg); else 
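Review bot: in the flexible-control branch of this hunk, `sept_ve_disabled` is only promoted to true when tdcs_ctls_set(TD_CTLS_PENDING_VE_DISABLE) succeeds; on a failed write the code silently falls back to `sept_ve_disabled = td_attr & ATTR_SEPT_VE_DISABLE`, yet the comment a few lines up says that with flexible control "software running before the kernel" can re-enable SEPT #VE regardless of the attribute, so a set attribute no longer proves #VE is off and the `if (!sept_ve_disabled)` check below can pass with SEPT #VE still enabled. Derive the final state from the control itself, e.g. read TDCS_TD_CTLS back with tdg_vm_rd() after the write and test TD_CTLS_PENDING_VE_DISABLE, or treat a failed write as fatal for a non-debug TD. Separately, `features = tdg_sys_rd(TDCS_TDX_FEATURES0);` is unconditional and tdg_sys_rd() panics through tdcall() on any error (see the "Buggy TDX module!" panic in the first hunk's context); if a TDX module without TDG.SYS.RD or without the TDX_FEATURES0 field can be booted on, this turns "feature absent" into a boot panic, so either probe with __tdcall() and treat failure as zero features or state in the commit message why the leaf and field are guaranteed to exist.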
diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/share= d/tdx.h index fdfd41511b02..29a61c72e4dd 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h 
@@ -16,11 +16,27 @@ #define TDG_VP_VEINFO_GET 3 #define TDG_MR_REPORT 4 #define TDG_MEM_PAGE_ACCEPT 6 +#define TDG_VM_RD 7 #define TDG_VM_WR 8 +#define TDG_SYS_RD 11 =20 -/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */ +/* TDX Global Metadata. To be used by TDG.SYS.RD */ +#define TDCS_TDX_FEATURES0 0x0A00000300000008 + +/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */ +#define TDCS_CONFIG_FLAGS 0x1110000300000016 +#define TDCS_TD_CTLS 0x1110000300000017 #define TDCS_NOTIFY_ENABLES 0x9100000000000010 =20 +/* TDCS_TDX_FEATURES0 bits */ +#define TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 BIT_ULL(16) + +/* TDCS_CONFIG_FLAGS bits */ +#define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1) + +/* TDCS_TD_CTLS bits */ +#define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0) + /* TDX hypercall Leaf IDs */ #define TDVMCALL_MAP_GPA 0x10001 #define TDVMCALL_GET_QUOTE 0x10002 --=20 2.43.0
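Review bot: TDCS_TDX_FEATURES0 is introduced in this hunk under the comment "TDX Global Metadata. To be used by TDG.SYS.RD", i.e. it is not a TDCS (TD-scope) field, so the `TDCS_` prefix is misleading next to the genuinely TD-scope TDCS_CONFIG_FLAGS and TDCS_TD_CTLS; name it TDX_FEATURES0 to match the `TDX_FEATURES0_PENDING_EPT_VIOLATION_V2` bit macro the same hunk adds. The raw field identifiers (0x0A00000300000008, 0x1110000300000016, 0x1110000300000017) also need a comment naming the TDX module ABI table they come from, since nothing in the header lets a reader verify them against the spec.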
From: "Kirill A. Shutemov"
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, elena.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv2 4/4] x86/tdx: Enable ENUM_TOPOLOGY
Date: Mon, 25 Mar 2024 12:46:07 +0200
Message-ID: <20240325104607.2653307-5-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
References: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

TDX 1.0 defines the baseline behaviour of a TDX guest platform. TDX 1.0 generates a #VE when accessing topology-related CPUID leafs (0xB and 0x1F) and the X2APIC_APICID MSR. The kernel returns all zeros on CPUID topology. Any complications will cause problems.

The ENUM_TOPOLOGY feature allows the VMM to provide topology information to the guest. Enabling the feature eliminates topology-related #VEs: the TDX module virtualizes accesses to the CPUID leafs and the MSR.

Enable ENUM_TOPOLOGY if it is available.

Signed-off-by: Kirill A. Shutemov
---
 arch/x86/coco/tdx/tdx.c           | 19 +++++++++++++++++++
 arch/x86/include/asm/shared/tdx.h |  3 +++
 2 files changed, 22 insertions(+)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 860bfdd5a11d..b2d969432a22 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c
@@ -289,6 +289,25 @@ static void tdx_setup(u64 *cc_mask) else tdx_panic(msg); } + + /* + * TDX 1.0 generates a #VE when accessing topology-related CPUID leafs + * (0xB and 0x1F) and the X2APIC_APICID MSR. The kernel returns all + * zeros on CPUID #VEs. In practice, this means that the kernel can only + * boot with a plain topology. Any complications will cause problems. + * + * The ENUM_TOPOLOGY feature allows the VMM to provide topology + * information to the guest in a safe manner. Enabling the feature + * eliminates topology-related #VEs: the TDX module virtualizes + * accesses to the CPUID leafs and the MSR. + * + * Enable ENUM_TOPOLOGY if it is available. + */ + if ((features & TDX_FEATURES0_ENUM_TOPOLOGY) && + tdg_vm_rd(TDCS_TOPOLOGY_ENUM_CONFIGURED)) { + if (!tdcs_ctls_set(TD_CTLS_ENUM_TOPOLOGY)) + pr_warn("Failed to enable ENUM_TOPOLOGY\n"); + } } =20 /* diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/share= d/tdx.h index 29a61c72e4dd..2964c506b241 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h @@ -27,15 +27,18 @@ #define TDCS_CONFIG_FLAGS 0x1110000300000016 #define TDCS_TD_CTLS 0x1110000300000017 #define TDCS_NOTIFY_ENABLES 0x9100000000000010 +#define TDCS_TOPOLOGY_ENUM_CONFIGURED 0x9100000000000019 =20 /* TDCS_TDX_FEATURES0 bits */ #define TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 BIT_ULL(16) +#define TDX_FEATURES0_ENUM_TOPOLOGY BIT_ULL(20) =20 /* TDCS_CONFIG_FLAGS bits */ #define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1) =20 /* TDCS_TD_CTLS bits */ #define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0) +#define TD_CTLS_ENUM_TOPOLOGY BIT_ULL(1) =20 /* TDX hypercall Leaf IDs */ #define TDVMCALL_MAP_GPA 0x10001 --=20 2.43.0
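Review bot: in the ENUM_TOPOLOGY block of the tdx.c hunk, the case where TDX_FEATURES0_ENUM_TOPOLOGY is set but `tdg_vm_rd(TDCS_TOPOLOGY_ENUM_CONFIGURED)` returns zero is silent, yet it is exactly the situation the comment warns about (the kernel keeps answering the topology CPUID leafs with zeros and "any complications will cause problems"); a pr_info() or pr_warn() on that path, mirroring the existing "Failed to enable ENUM_TOPOLOGY" warning, makes a VMM that never configured topology diagnosable from the guest log. The tdg_vm_rd() call also panics on failure via tdcall(); the feature bit gates it, which is presumably why that is acceptable, but a one-line comment stating that dependency would save the next reader the same question. Finally, the diffstat shows only tdx_setup() and the header change, so the #VE handler's CPUID and MSR paths stay as they are; the commit message could say explicitly that they remain needed for leafs other than 0xB/0x1F and for TDs where the feature is unavailable.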