From: Isaku Yamahata <isaku.yamahata@intel.com>

Handle KVM hypercall for TDX according to TDX Guest-Host Communication
Interface (GHCI) specification.

The TDX GHCI specification defines the ABI for the guest TD to issue
hypercalls. When R10 is non-zero, it indicates the TDG.VP.VMCALL is
vendor-specific. KVM uses R10 as KVM hypercall number and R11-R14
as 4 arguments, while the error code is returned in R10. Follow the
ABI and handle the KVM hypercall for TDX.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
---
Hypercalls exit to userspace breakout:
- Renamed from "KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL" to
  "KVM: TDX: Handle KVM hypercall with TDG.VP.VMCALL".
- Update the change log.
- Rebased on Sean's "Prep KVM hypercall handling for TDX" patch set.
  https://lore.kernel.org/kvm/20241128004344.4072099-1-seanjc@google.com
- Use the right register (i.e. R10) to set the return code after returning
  back from userspace.
---
arch/x86/kvm/vmx/tdx.c | 31 +++++++++++++++++++++++++++++++
1 file changed, 31 insertions(+)
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index 19fd8a5dabd0..4cc55b120ab0 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -957,8 +957,39 @@ static int tdx_handle_triple_fault(struct kvm_vcpu *vcpu)
return 0;
}
+
+static int complete_hypercall_exit(struct kvm_vcpu *vcpu)
+{
+ kvm_r10_write(vcpu, vcpu->run->hypercall.ret);
+ return 1;
+}
+
+static int tdx_emulate_vmcall(struct kvm_vcpu *vcpu)
+{
+ int r;
+
+ /*
+ * ABI for KVM tdvmcall argument:
+ * In Guest-Hypervisor Communication Interface(GHCI) specification,
+ * Non-zero leaf number (R10 != 0) is defined to indicate
+ * vendor-specific. KVM uses this for KVM hypercall. NOTE: KVM
+ * hypercall number starts from one. Zero isn't used for KVM hypercall
+ * number.
+ *
+ * R10: KVM hypercall number
+ * arguments: R11, R12, R13, R14.
+ */
+ r = __kvm_emulate_hypercall(vcpu, r10, r11, r12, r13, r14, true, 0,
+ complete_hypercall_exit);
+
+ return r > 0;
+}
+
static int handle_tdvmcall(struct kvm_vcpu *vcpu)
{
+ if (tdvmcall_exit_type(vcpu))
+ return tdx_emulate_vmcall(vcpu);
+
switch (tdvmcall_leaf(vcpu)) {
default:
break;
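Review bot: In tdx_emulate_vmcall(), `return r > 0;` reduces the result of __kvm_emulate_hypercall() to 0 or 1, so a negative value, if the macro can produce one, would come back to handle_tdvmcall() as 0 instead of as an error. If only 0 and 1 are possible, returning r directly is simpler; if the fold is intended, a short comment saying why would help.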
--
2.46.0
On Sun, Dec 01, 2024 at 11:53:52AM +0800, Binbin Wu wrote:
>From: Isaku Yamahata <isaku.yamahata@intel.com>
>
>Handle KVM hypercall for TDX according to TDX Guest-Host Communication
>Interface (GHCI) specification.
>
>The TDX GHCI specification defines the ABI for the guest TD to issue
>hypercalls. When R10 is non-zero, it indicates the TDG.VP.VMCALL is
>vendor-specific. KVM uses R10 as KVM hypercall number and R11-R14
>as 4 arguments, while the error code is returned in R10. Follow the
>ABI and handle the KVM hypercall for TDX.
>
>Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
>Co-developed-by: Binbin Wu <binbin.wu@linux.intel.com>
>Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
>---
>Hypercalls exit to userspace breakout:
>- Renamed from "KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL" to
> "KVM: TDX: Handle KVM hypercall with TDG.VP.VMCALL".
>- Update the change log.
>- Rebased on Sean's "Prep KVM hypercall handling for TDX" patch set.
> https://lore.kernel.org/kvm/20241128004344.4072099-1-seanjc@google.com
>- Use the right register (i.e. R10) to set the return code after returning
> back from userspace.
>---
> arch/x86/kvm/vmx/tdx.c | 31 +++++++++++++++++++++++++++++++
> 1 file changed, 31 insertions(+)
>
>diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
>index 19fd8a5dabd0..4cc55b120ab0 100644
>--- a/arch/x86/kvm/vmx/tdx.c
>+++ b/arch/x86/kvm/vmx/tdx.c
>@@ -957,8 +957,39 @@ static int tdx_handle_triple_fault(struct kvm_vcpu *vcpu)
> return 0;
> }
>
>+
>+static int complete_hypercall_exit(struct kvm_vcpu *vcpu)
>+{
>+ kvm_r10_write(vcpu, vcpu->run->hypercall.ret);

Use tdvmcall_set_return_code() here? It would be more self-explanatory.

>+ return 1;
>+}
>+
>+static int tdx_emulate_vmcall(struct kvm_vcpu *vcpu)
>+{
>+ int r;
>+
>+ /*
>+ * ABI for KVM tdvmcall argument:
>+ * In Guest-Hypervisor Communication Interface(GHCI) specification,
>+ * Non-zero leaf number (R10 != 0) is defined to indicate
>+ * vendor-specific. KVM uses this for KVM hypercall. NOTE: KVM
>+ * hypercall number starts from one. Zero isn't used for KVM hypercall
>+ * number.
>+ *
>+ * R10: KVM hypercall number
>+ * arguments: R11, R12, R13, R14.
>+ */
>+ r = __kvm_emulate_hypercall(vcpu, r10, r11, r12, r13, r14, true, 0,

Note r10-14 are not declared in this function.

>+ complete_hypercall_exit);
>+
>+ return r > 0;
>+}
>+
> static int handle_tdvmcall(struct kvm_vcpu *vcpu)
> {
>+ if (tdvmcall_exit_type(vcpu))
>+ return tdx_emulate_vmcall(vcpu);
>+
> switch (tdvmcall_leaf(vcpu)) {
> default:
> break;
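Review bot: The comment block in tdx_emulate_vmcall() spells GHCI as "Guest-Hypervisor Communication Interface(GHCI)", while the commit message says "Guest-Host Communication Interface (GHCI)"; use one name and add the missing space before the parenthesis. The hunk also adds a second blank line before complete_hypercall_exit(), which can be dropped.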
>--
>2.46.0
>
On 12/9/2024 10:58 AM, Chao Gao wrote:
> On Sun, Dec 01, 2024 at 11:53:52AM +0800, Binbin Wu wrote:
>> From: Isaku Yamahata <isaku.yamahata@intel.com>
>>
>> Handle KVM hypercall for TDX according to TDX Guest-Host Communication
>> Interface (GHCI) specification.
>>
>> The TDX GHCI specification defines the ABI for the guest TD to issue
>> hypercalls. When R10 is non-zero, it indicates the TDG.VP.VMCALL is
>> vendor-specific. KVM uses R10 as KVM hypercall number and R11-R14
>> as 4 arguments, while the error code is returned in R10. Follow the
>> ABI and handle the KVM hypercall for TDX.
>>
>> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
>> Co-developed-by: Binbin Wu <binbin.wu@linux.intel.com>
>> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
>> ---
>> Hypercalls exit to userspace breakout:
>> - Renamed from "KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL" to
>> "KVM: TDX: Handle KVM hypercall with TDG.VP.VMCALL".
>> - Update the change log.
>> - Rebased on Sean's "Prep KVM hypercall handling for TDX" patch set.
>> https://lore.kernel.org/kvm/20241128004344.4072099-1-seanjc@google.com
>> - Use the right register (i.e. R10) to set the return code after returning
>> back from userspace.
>> ---
>> arch/x86/kvm/vmx/tdx.c | 31 +++++++++++++++++++++++++++++++
>> 1 file changed, 31 insertions(+)
>>
>> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
>> index 19fd8a5dabd0..4cc55b120ab0 100644
>> --- a/arch/x86/kvm/vmx/tdx.c
>> +++ b/arch/x86/kvm/vmx/tdx.c
>> @@ -957,8 +957,39 @@ static int tdx_handle_triple_fault(struct kvm_vcpu *vcpu)
>> return 0;
>> }
>>
>> +
>> +static int complete_hypercall_exit(struct kvm_vcpu *vcpu)
>> +{
>> + kvm_r10_write(vcpu, vcpu->run->hypercall.ret);
> Use tdvmcall_set_return_code() here? It would be more self-explanatory.

Yes, it's better.
Thanks!

>
>> + return 1;
>> +}
>> +
>> +static int tdx_emulate_vmcall(struct kvm_vcpu *vcpu)
>> +{
>> + int r;
>> +
>> + /*
>> + * ABI for KVM tdvmcall argument:
>> + * In Guest-Hypervisor Communication Interface(GHCI) specification,
>> + * Non-zero leaf number (R10 != 0) is defined to indicate
>> + * vendor-specific. KVM uses this for KVM hypercall. NOTE: KVM
>> + * hypercall number starts from one. Zero isn't used for KVM hypercall
>> + * number.
>> + *
>> + * R10: KVM hypercall number
>> + * arguments: R11, R12, R13, R14.
>> + */
>> + r = __kvm_emulate_hypercall(vcpu, r10, r11, r12, r13, r14, true, 0,
> Note r10-14 are not declared in this function.

__kvm_emulate_hypercall() is a macro, so these will be replaced by
kvm_{r10, r11, r12, r13, r14}_read().

>
>> + complete_hypercall_exit);
>> +
>> + return r > 0;
>> +}
>> +
>> static int handle_tdvmcall(struct kvm_vcpu *vcpu)
>> {
>> + if (tdvmcall_exit_type(vcpu))
>> + return tdx_emulate_vmcall(vcpu);
>> +
>> switch (tdvmcall_leaf(vcpu)) {
>> default:
>> break;
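Review bot: At the __kvm_emulate_hypercall() call, the literal `true, 0` arguments are passed without explanation; a one-line comment stating what each means and why it is fixed for a TD guest would help readers. The same comment could note that r10..r14 are macro arguments expanded to kvm_<reg>_read(), since the bare names already raised a question in this thread.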
>> --
>> 2.46.0
>>
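
The reply above explains that the bare r10..r14 arguments are consumed by a macro rather than read as variables. The user-space model below is an added example, not KVM's code and not part of the thread; it shows that token-pasting pattern together with the R10 dispatch and return convention from the commit message. struct vcpu, the reg_*_read/write accessors, emulate_hypercall, do_hypercall, run_guest_call and the MODEL_* values are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
typedef uint64_t u64;
/* Hypothetical stand-in for the vCPU's TDVMCALL register state. */
struct vcpu { u64 r10, r11, r12, r13, r14; };
/* Generate reg_<name>_read() and reg_<name>_write() for one register. */
#define DEFINE_REG(name) \
	static inline u64 reg_##name##_read(const struct vcpu *v) { return v->name; } \
	static inline void reg_##name##_write(struct vcpu *v, u64 x) { v->name = x; }
DEFINE_REG(r10) DEFINE_REG(r11) DEFINE_REG(r12) DEFINE_REG(r13) DEFINE_REG(r14)
#define MODEL_HC_SUM      1u          /* constructed hypercall number */
#define MODEL_ERR_UNKNOWN ((u64)-1)   /* constructed error status */

/* The function behind the macro only ever receives values. */
static u64 do_hypercall(u64 nr, u64 a0, u64 a1, u64 a2, u64 a3)
{
	if (nr != MODEL_HC_SUM)           /* nr is guest-controlled: reject unknowns */
		return MODEL_ERR_UNKNOWN;
	return a0 + a1 + a2 + a3;
}

/* nr and a0..a3 are register names, pasted into accessor calls with ##;
 * the caller never needs locals called r10..r14. */
#define emulate_hypercall(v, nr, a0, a1, a2, a3) \
	do_hypercall(reg_##nr##_read(v), reg_##a0##_read(v), reg_##a1##_read(v), \
		     reg_##a2##_read(v), reg_##a3##_read(v))

/* Returns 1 if handled as vendor-specific (R10 != 0), else 0. */
static int handle_vmcall(struct vcpu *v)
{
	if (reg_r10_read(v) == 0)
		return 0;                     /* standard GHCI leaf: not modelled */
	reg_r10_write(v, emulate_hypercall(v, r10, r11, r12, r13, r14));
	return 1;                         /* status is returned in R10 */
}

/* Run one constructed guest call; returns the guest-visible R10. */
static u64 run_guest_call(u64 nr, u64 a0, u64 a1, u64 a2, u64 a3, int *handled)
{
	struct vcpu v = { nr, a0, a1, a2, a3 };
	*handled = handle_vmcall(&v);
	return reg_r10_read(&v);
}

int main(void)
{
	int h;
	return printf("R10=%llu\n", (unsigned long long)run_guest_call(1, 2, 3, 4, 5, &h)) < 0;
}
```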