From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id EC45930DEB9
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821344; cv=none;
 b=qFbrjnCwnnbBwqKyYF1bH+b+RYSI/YbB+y+wVLlE/OL/1ym7l4AANU6fR4f1fSswLfpf74WnU48Luj9txHco0nWQeGsN0xyYTh3qZzs8VkuhSAf8d/u3MlO/X9ws6HxImsWfn+J4kUPouVoLrSCTa49PwL3W81LsxYm913rsijM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821344; c=relaxed/simple;
	bh=PuuZvAh1tDY0QCSwBSanimRBMOrq8kLY5IMjjWh+8co=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=TkGNsTHB4RujHVIMpmkLpyLqVVXYj4TVjGIf4zMiavfL0zhd8QupXvfWrlNVj6BPJzaAuz8x7kv8/CgdiUcomhRJv0WIEPKiAXYPE0fSdog8r+wt6Zrp4Ss1bzmLThEKqOhYpkwMze5qHo0svF3V51JIHz8pHXVtlZgTGwbE6rQ=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=ZyiVtvmK; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="ZyiVtvmK"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-32eb18b5500so2059473a91.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821342; x=1759426142;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=ZXlB8+SSRRplw/eMnY6X9cuqM5T51OD1clP8ffUYU5E=;
        b=ZyiVtvmKANal6bGC3Ztv4gWESw+3V4YSQ+gwYEjGZXBvJ0aC21kVqANg59iJ95Tsg1
         dhAY6Bf4UL9/inCILdSxP6gSvbMkq1ueEPtUvaientSuofkK4GFH+Di0bafAn0cYHRi2
         WcmegnjuLzpDOG2zsNSEZCtpyo8kVlif5wd+REUG2087kferzcOdVpKOY2Zy1o3BtziB
         uZr8+WuHxTfNfL6cc5yS7m1cmRgHoy6t69W8Jdt4QUNkiFTPFvQ3jctSt4KANh2DC5Sg
         EJBCeDsgJUvALpPH5sm5uBD1+uYUJIYD9NH6NGKka54JdmSsfSzoslNDxYIZXm+XPqyx
         f+AA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821342; x=1759426142;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ZXlB8+SSRRplw/eMnY6X9cuqM5T51OD1clP8ffUYU5E=;
        b=cFNtTb5NiSWnEb4tKLcbBbaviLdYdFXFCR74e+O+U2zOJP9unkDGbRsY2Co0uWZ9Gj
         spJgUoc2oMbtet7btLLFrtH3E47A26YCyOSK4Nar4MMuhp4EiWYOHh/VUjh5s+ETTW1/
         nXWl8msuQZR8GN+VliBpjPJsFr9SfPvWFs6+bortnVlbtlpR/Ryi5dOFRdoUOfH7/5oO
         zTqQ9bdrt4L0MP/Rx522H3Q7ZHzluviS74DHeLBUewuCG0bh3Vtb5OCI3dZYIk1ge8yW
         HcfcVeADu8rRzPaSI6jESnzm6ct8rw4nE9YKjo4NvE87K/+kO3gS4hIQ5B4hYmfE5w64
         uWbQ==
X-Gm-Message-State: AOJu0Yy+DbREh77dFNLV9i9x6S/2QZStMTXHdd0v2DWKebiXTlT+ljpU
	g8/yQhSlWsOAWNt0eS6ym4lVEi2ZGXy0x6sH+I5ihfVSuFYTkMg36Ef3ZS5Scplar516W7eTYWo
	0UQ==
X-Google-Smtp-Source: 
 AGHT+IEZzGQjlcer4TtgJJyp6W2h4duZ2REhE76+yEr5JrO7LsVNgHPdNsMEIaC4XzQAmGY4FsHHPQDEzw==
X-Received: from pjbgb5.prod.google.com ([2002:a17:90b:605:b0:327:dc48:1406])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:3b8c:b0:32e:7270:949c
 with SMTP id 98e67ed59e1d1-3342a30798emr4459374a91.35.1758821342275; Thu, 25
 Sep 2025 10:29:02 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:29 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-2-sagis@google.com>
Subject: [PATCH v11 01/21] KVM: selftests: Allocate pgd in virt_map() as
 necessary
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

If virt_map() is called before any call to ____vm_vaddr_alloc() it
will create the mapping using an invalid pgd.

Add call to virt_pgd_alloc() as part of virt_map() before creating the
mapping, similarly to ____vm_vaddr_alloc()

Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index c3f5142b0a54..b4c8702ba4bd 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -1609,6 +1609,7 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint=
64_t paddr,
 	TEST_ASSERT(vaddr + size > vaddr, "Vaddr overflow");
 	TEST_ASSERT(paddr + size > paddr, "Paddr overflow");
=20
+	virt_pgd_alloc(vm);
 	while (npages--) {
 		virt_pg_map(vm, vaddr, paddr);
 		sparsebit_set(vm->vpages_mapped, vaddr >> vm->page_shift);
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9888E311592
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:04 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821346; cv=none;
 b=f9zYrl9e4LvYF2WGScABlP+4sC9ECoJ6eapreRwTPpZSNnRy4iz7Wu5SaQAjgKAKYTIJZykCc4XQpDf5W0LxDDR6nQ8z+mvfrjCfXwpUBfTyrDCk8eg9ami8iOoXTj0FAl85wS8Q1QJHyxOBtc9dEy4TXIE9E6rTsdrz3rF508Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821346; c=relaxed/simple;
	bh=ajazmAXcgCXOhCMgF6c8IA9hIPNsZ0Ny8LW/+nRUD1w=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=arSahJ67EQdH43zo2H9+Kg7w/DBHuia9FJLjLsQ+0UGTYOhDdaeatpiT519aWtPDpzoAtsaiMGKJ+vw3mJmfILgCs8jb7XVWagQd9h0cs6Y/485FDlPE1ZDwjqhVvDnTBuE8jkVh2imR6ur4Ht3+vrfAx5Nd5h/CbRXjuZIWG0I=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=GAPbxzYJ; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="GAPbxzYJ"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-77f2466eeb5so1080935b3a.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821344; x=1759426144;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=+8ifmburBeSC8WUGUcPT3YChUFYu/ybrkpYDbnSiwtw=;
        b=GAPbxzYJmmjsn5ytIy0TwP0HLmMLkLPdwp9zUmZO9p5UiHBCsRAgpTyGVWtAB7/BeM
         Sbg9agTN4ArccRopGujM+0uNEdzFnTiUirCmR/Vyz+iNeH4LTRZs88knBWZoK0F8//Ce
         uNpa7NZZvMLy8wDkqMzOAOYhBrFELcPpn6G+PDGG2JLZslU4SxtHeoQ8w/WjX8+6lDy7
         FAqH6oDsAPE3ow/VlVN78tkO7f4FOh5cAbmyVaZ7xNXogXlf+f4VJjWCUhW/xF7BxiQ/
         6Pt6e2w0UvTwk/ZmvgK3V0Yv5Wl+Z0eUtI08kJjBHbbkr6USOUGm0y9eyN3YKDM/zrk3
         lGxg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821344; x=1759426144;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=+8ifmburBeSC8WUGUcPT3YChUFYu/ybrkpYDbnSiwtw=;
        b=alUSNTby2uudtPQhFj5+GlitKvt5pEL6G+zyW+Nk+rCT5dxV7zI/SQnBjxpkLK/rBe
         uLNE4us81x+6sqX+5Sotxgv2iMPjk/IiTJPcTffyWMocwWvPsyn0qBBgnQ3EF8eB1e62
         oiixqVQ5Z0U0pYCDNamyt/Y+vQVUnbIfR3yBrDc0J6wPeROzgmmaTL4IDPm4UDBX0PTv
         b0rMhNxaXqoVOGk0CDvq3s4vrhbONoeeyTwAxQR3H3iyJ1IfZhtREsiE/Kj7BeehidYi
         3RAPMIbumlKtIK/UzreSuLbo8PHN3Fy/rRLpg58Pm/Jynq7SLTO1NDxh5k1WKSbYtgNl
         zg+A==
X-Gm-Message-State: AOJu0Ywr9S68xYlW+hd3gEzgZKDwe0Jftv1Xrs1msrlv8CY5KNJOokAj
	rLj18elofzvIrRq3YWEPND27G36Oih6ZyPgn7vxDqbOnbx28GAbAEWOLHEWXEqHtPpQ+jg7G5nX
	I4Q==
X-Google-Smtp-Source: 
 AGHT+IGrkyBRHghioEEsNPLgX1a/QnnxGkOYM+tTJb1o+oHPLCPFpT249t2kyMMvcKAJwNIDKc0vdnUxMA==
X-Received: from pfbhr17-n1.prod.google.com
 ([2002:a05:6a00:6b91:10b0:76b:3822:35ea])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:3902:b0:772:86aa:ed0a
 with SMTP id d2e1a72fcca58-780fced989emr5023794b3a.25.1758821343828; Thu, 25
 Sep 2025 10:29:03 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:30 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-3-sagis@google.com>
Subject: [PATCH v11 02/21] KVM: selftests: Expose functions to get default
 sregs values
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX can't set sregs values directly using KVM_SET_SREGS. Expose the
default values of certain sregs used by TDX VMs so they can be set
manually.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/processor.h     | 33 +++++++++++++++++++
 .../testing/selftests/kvm/lib/x86/processor.c | 12 +++----
 2 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 2efb05c2f2fb..f610c09cadf4 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -27,6 +27,10 @@ extern uint64_t guest_tsc_khz;
 #define MAX_NR_CPUID_ENTRIES 100
 #endif
=20
+#ifndef NUM_INTERRUPTS
+#define NUM_INTERRUPTS 256
+#endif
+
 #define NONCANONICAL 0xaaaaaaaaaaaaaaaaull
=20
 /* Forced emulation prefix, used to invoke the emulator unconditionally. */
@@ -1456,4 +1460,33 @@ void virt_map_level(struct kvm_vm *vm, uint64_t vadd=
r, uint64_t paddr,
=20
 bool sys_clocksource_is_based_on_tsc(void);
=20
+static inline uint16_t kvm_get_default_idt_limit(void)
+{
+	return NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+}
+
+static inline uint16_t kvm_get_default_gdt_limit(void)
+{
+	return getpagesize() - 1;
+}
+
+static inline uint64_t kvm_get_default_cr0(void)
+{
+	return X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
+}
+
+static inline uint64_t kvm_get_default_cr4(void)
+{
+	uint64_t cr4 =3D X86_CR4_PAE | X86_CR4_OSFXSR;
+
+	if (kvm_cpu_has(X86_FEATURE_XSAVE))
+		cr4 |=3D X86_CR4_OSXSAVE;
+	return cr4;
+}
+
+static inline uint64_t kvm_get_default_efer(void)
+{
+	return EFER_LME | EFER_LMA | EFER_NX;
+}
+
 #endif /* SELFTEST_KVM_PROCESSOR_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index d4c19ac885a9..83efcf48faad 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -498,15 +498,13 @@ static void vcpu_init_sregs(struct kvm_vm *vm, struct=
 kvm_vcpu *vcpu)
 	vcpu_sregs_get(vcpu, &sregs);
=20
 	sregs.idt.base =3D vm->arch.idt;
-	sregs.idt.limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+	sregs.idt.limit =3D kvm_get_default_idt_limit();
 	sregs.gdt.base =3D vm->arch.gdt;
-	sregs.gdt.limit =3D getpagesize() - 1;
+	sregs.gdt.limit =3D kvm_get_default_gdt_limit();
=20
-	sregs.cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
-	sregs.cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR;
-	if (kvm_cpu_has(X86_FEATURE_XSAVE))
-		sregs.cr4 |=3D X86_CR4_OSXSAVE;
-	sregs.efer |=3D (EFER_LME | EFER_LMA | EFER_NX);
+	sregs.cr0 =3D kvm_get_default_cr0();
+	sregs.cr4 |=3D kvm_get_default_cr4();
+	sregs.efer |=3D kvm_get_default_efer();
=20
 	kvm_seg_set_unusable(&sregs.ldt);
 	kvm_seg_set_kernel_code_64bit(&sregs.cs);
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com
 [209.85.210.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 30C1A3128BC
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821349; cv=none;
 b=iTeZ1NjOCQmIfN52KZyIB8u15CFmvcGudO/8fhV24XXSZlI3tR3pvSuJI2asABw/vs2InMW84OzROwRxi9AaA8YgYH65BAD6CccvmZJ7LG8EUDDFJW75lIlsEdAhW1SWts2EzUNJP3xhCd3smElvC1t2Z7mBtMUdL8a+u5JIq28=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821349; c=relaxed/simple;
	bh=bOvTd2bB6/WZ+eh2dApwatXxF97GRYm67HVPHEr5nyI=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=EbPSGjvpxy7A09OSRio3CADHd0o2qZgpGnqF/R0oO1ktzg2hWQ6UxYc9yNIR5Oc8DA9xa+2JMNVSMHjJMuXCwr4y794AYO+ZtrB5oC5HxzJWANvVdNnjPbCzFbY//yrURYNCTB7DL38l2pjrMYPG+qhN6K/bbxu+CXYp7bmggRw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=MK3C2EYJ; arc=none smtp.client-ip=209.85.210.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="MK3C2EYJ"
Received: by mail-pf1-f202.google.com with SMTP id
 d2e1a72fcca58-780f7238196so957758b3a.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821345; x=1759426145;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=1mZRrNcnYUjmo7rmN8LDqwFLvvoTI0A/jd/T6+rTzXE=;
        b=MK3C2EYJ2xhwEz5iOoB8l7jKrN/W046guBM0koBTVXaGOWgEwZwrT8xS/lFBzjiuSZ
         q0i8JNFDsuHcM0Gk0KdUTf0O05B86+d/ajUN2ivDfrA+4oXZ75s+ezaQgi6Pr58oDjme
         lPU1tLmSdEUk90dO+tEKejbVz2lGTididvxwWpoctEyGhuI9sVBFZfhYbTzkrDpQ9JZH
         7oTbFMsj6NpdAXc06qMwDbni8YMGs5mVXvJIkcxzOtZh2OVMgpdPWffwR4O3dHyoT2E2
         tND2b19thsOGwfD7GLkUtfjIIHO3b8cwPPzfZ+/pDeGD8z+Lh9lWhKky8t/FitV9cZ2E
         i+EQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821345; x=1759426145;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=1mZRrNcnYUjmo7rmN8LDqwFLvvoTI0A/jd/T6+rTzXE=;
        b=QS4ExHBHAchk5ex/uBS+/rkWjnaumgqV92JcT3Z/99d6mF9gMLGZp/l0LMDNw6JTr+
         wQU1UJMM4TU6Z+CT57bmVuLKQ3g8P5K+GAMh4H/HEm3K3IwNehc0WEMC07ix0GkC4gI+
         zzcWDOHJiMM1hMf7NNr1153v0wcS9yp/s0UP8TJvyN8YCiNxIXhOqHyl0igAVo0FyiIg
         R1hoZ7eDMuIjwhjwegLwGmjND/Op3m0rO1tZW1UHHXtbtxdsL70VARMRUujnQ7P9WthH
         EFjBAyBA96eszgzHgb81WMRgJm6wmLaG0IgQC9dFWipG8m40B7LkG1laEJunWt3p0UYs
         hq0A==
X-Gm-Message-State: AOJu0YwRI7z0onydY2Ypi8jyIhyXLip3yHP5arFDL4KbdG3KRKmdzper
	WaYilbW2qlrHJ/0jfPWm6HRfDpJfbxMHg5+t4azPI8lj0VgE/5FPWbTHY9kcHZz2zpiATk3ILpt
	8Qg==
X-Google-Smtp-Source: 
 AGHT+IHH7Mef2XNVh1ACvfIhTNHlDP18hKQJPvznI4TzvCashHW+qf63OPYFuy4CAmBPIVH0739cX6UI/A==
X-Received: from pfbhh2.prod.google.com
 ([2002:a05:6a00:8682:b0:77f:61e8:fabd])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:4b0a:b0:776:1f45:9044
 with SMTP id d2e1a72fcca58-780fcc6b61bmr4255358b3a.0.1758821345338; Thu, 25
 Sep 2025 10:29:05 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:31 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-4-sagis@google.com>
Subject: [PATCH v11 03/21] KVM: selftests: Expose function to allocate guest
 vCPU stack
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX guests' registers cannot be initialized directly using
vcpu_regs_set(), hence the stack pointer needs to be initialized by
the guest itself, running boot code beginning at the reset vector.

Expose the function to allocate the guest stack so that TDX
initialization code can allocate it itself and skip the allocation in
vm_arch_vcpu_add() in that case.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/processor.h        |  2 ++
 tools/testing/selftests/kvm/lib/x86/processor.c  | 16 +++++++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index f610c09cadf4..8e75df5e6bc9 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -1109,6 +1109,8 @@ static inline void vcpu_clear_cpuid_feature(struct kv=
m_vcpu *vcpu,
 	vcpu_set_or_clear_cpuid_feature(vcpu, feature, false);
 }
=20
+vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm);
+
 uint64_t vcpu_get_msr(struct kvm_vcpu *vcpu, uint64_t msr_index);
 int _vcpu_set_msr(struct kvm_vcpu *vcpu, uint64_t msr_index, uint64_t msr_=
value);
=20
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 83efcf48faad..82369373e843 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -658,12 +658,9 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 	vcpu_regs_set(vcpu, &regs);
 }
=20
-struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
+vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 {
-	struct kvm_mp_state mp_state;
-	struct kvm_regs regs;
 	vm_vaddr_t stack_vaddr;
-	struct kvm_vcpu *vcpu;
=20
 	stack_vaddr =3D __vm_vaddr_alloc(vm, DEFAULT_STACK_PGS * getpagesize(),
 				       DEFAULT_GUEST_STACK_VADDR_MIN,
@@ -684,6 +681,15 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u=
int32_t vcpu_id)
 		    "__vm_vaddr_alloc() did not provide a page-aligned address");
 	stack_vaddr -=3D 8;
=20
+	return stack_vaddr;
+}
+
+struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
+{
+	struct kvm_mp_state mp_state;
+	struct kvm_regs regs;
+	struct kvm_vcpu *vcpu;
+
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
 	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
 	vcpu_init_sregs(vm, vcpu);
@@ -692,7 +698,7 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, ui=
nt32_t vcpu_id)
 	/* Setup guest general purpose registers */
 	vcpu_regs_get(vcpu, &regs);
 	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D stack_vaddr;
+	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
 	vcpu_regs_set(vcpu, &regs);
=20
 	/* Setup the MP state */
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5EE083128D7
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:07 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821349; cv=none;
 b=L6vQW2tJ3lGvQ9ncP8N8C/4Z1VdK++/1k2XWZIt1RaJFjOGEdwVw6o7sGU7o4KZbbUM5hBDuqcPmL2N+4yGmdCimBR2wl/PPVYPbue9PpTHI/gG+z5aumFVr9IcU5u2q0scOuCTkcdcKH0+kEoZGKODOBIWE532jWeXq4H3LKtU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821349; c=relaxed/simple;
	bh=ZzhA1E5+bwHrW7btlY3pOX20ORYI4vjZu03yVvByMfo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=G+KUMoqgES1fpOVmaOESbAgJJqwytIr43q3eP2mnVxAn32U87hZi234AAVyIcRVsreI/ump/rLA+k7MIBfaP7BhrXXcFHP05J3/WYvjovY13Euqnc6TcWX+UmgpyeR4G2Uj6P2WC7/bAZy+aLQ0Vlh8hphLLyzTq/PakvVSfsAU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=VMeO4/IX; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="VMeO4/IX"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-b55436fff66so913760a12.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821347; x=1759426147;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=ob07LuDFfKYbEaEx9P5dlQJ3PRLLB9y+zXQT8zPF5u4=;
        b=VMeO4/IXrKXZoEeDO5D5bsvxTuSdQ5rx6dNj0NR+eXn62mNS0dbqJ9ABf7xrAnKO/z
         O5BOQNj3Xjdk2VJCSYGID1G4ykxtoC2G8fGxUh+YgJamh3BoPadooD+eBoZI3kQaXrcq
         wun80wSXQ6avc/fuDcGixTt6w4wYMVjHwahgQT1YxLTXl52cxz5W0e/yTrC0Okge42uw
         EnPGdx/iTpM+7qimkq0p+ku3UXO4NGDutX7jyt30+00d3dBXoc2Bu+fEAVZ2f1Xd1jjH
         K2bvkSzia3D/mezCfNIhthoi5ju+ZdABc5u1mFTSUSn5WztZEtOGiii0nrZlJVcLWANv
         E1NQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821347; x=1759426147;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ob07LuDFfKYbEaEx9P5dlQJ3PRLLB9y+zXQT8zPF5u4=;
        b=ZUOFSaliiR/k6ThihF/cQXNVq6AC1zufX4Vy94AmTDMo+CVGgiWSRuNLGUFm25Vtkj
         89AuT8KnwdR0w1vdPXwhCuab7nrI6+unSxPzAO9CcZUOUv4Cu+wBt9w9EITD9Qr2iDbO
         Dxb71Ci5b3PtNb7kYe4ftvaMFGZwtee10eaZ/s2UGWrHtebPNHkuHVzKBAJLjLt+PS9f
         6sp7IGjrI4OH4ZuU8lOudQ2X76SI3e+EbrwV1QOokBKXaZEFJflWo29I2hH2xSPI6nRR
         EQ8uVWfvHXEvFKuyzs3Lt9z9YL7O41lK6GonWUay7YOIpqXHtaR9RniN9/JL9tx617B+
         77Hw==
X-Gm-Message-State: AOJu0YzwxudaRM3v9nSDOhPd6qFQRQ2Ipia7W/IRHuW1xXCEw87yYT2x
	/8/fA2cQtnYLrEywPxtAvkpffvmTpzGyhpkeS7Tg/Le94DMXpmFY4YKoBjH90kf4pbT+/LLop1y
	qdA==
X-Google-Smtp-Source: 
 AGHT+IGQw7sH7xaAAsUIkXDLS372Nk/6XXhYM+efdWLqBDD0tTIWBSnqczrJaPgwMMUtg7JkLEtOw/7Ing==
X-Received: from pfbde17.prod.google.com
 ([2002:a05:6a00:4691:b0:77a:60b9:2099])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:72a6:b0:249:84dc:e0cb
 with SMTP id adf61e73a8af0-2e7c85532c3mr5211979637.18.1758821346819; Thu, 25
 Sep 2025 10:29:06 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:32 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-5-sagis@google.com>
Subject: [PATCH v11 04/21] KVM: selftests: Update
 kvm_init_vm_address_properties()
 for TDX
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	Adrian Hunter <adrian.hunter@intel.com>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Isaku Yamahata <isaku.yamahata@intel.com>

Let kvm_init_vm_address_properties() initialize vm->arch.{s_bit, tag_mask}
similar to SEV.

TDX sets the shared bit based on the guest physical address width and
currently supports 48 and 52 widths.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       | 14 ++++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c    | 12 ++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
new file mode 100644
index 000000000000..286d5e3c24b1
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_UTIL_H
+#define SELFTESTS_TDX_TDX_UTIL_H
+
+#include <stdbool.h>
+
+#include "kvm_util.h"
+
+static inline bool is_tdx_vm(struct kvm_vm *vm)
+{
+	return vm->type =3D=3D KVM_X86_TDX_VM;
+}
+
+#endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 82369373e843..2a44831e0cc9 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -8,6 +8,7 @@
 #include "kvm_util.h"
 #include "processor.h"
 #include "sev.h"
+#include "tdx/tdx_util.h"
=20
 #ifndef NUM_INTERRUPTS
 #define NUM_INTERRUPTS 256
@@ -1160,12 +1161,19 @@ void kvm_get_cpu_address_width(unsigned int *pa_bit=
s, unsigned int *va_bits)
=20
 void kvm_init_vm_address_properties(struct kvm_vm *vm)
 {
+	uint32_t gpa_bits =3D kvm_cpu_property(X86_PROPERTY_GUEST_MAX_PHY_ADDR);
+
+	vm->arch.sev_fd =3D -1;
+
 	if (is_sev_vm(vm)) {
 		vm->arch.sev_fd =3D open_sev_dev_path_or_exit();
 		vm->arch.c_bit =3D BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
 		vm->gpa_tag_mask =3D vm->arch.c_bit;
-	} else {
-		vm->arch.sev_fd =3D -1;
+	} else if (is_tdx_vm(vm)) {
+		TEST_ASSERT(gpa_bits =3D=3D 48 || gpa_bits =3D=3D 52,
+			    "TDX: bad X86_PROPERTY_GUEST_MAX_PHY_ADDR value: %u", gpa_bits);
+		vm->arch.s_bit =3D BIT_ULL(gpa_bits - 1);
+		vm->gpa_tag_mask =3D vm->arch.s_bit;
 	}
 }
=20
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com
 [209.85.214.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 08FB9313278
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:08 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821351; cv=none;
 b=N9+hSTB5W3aanPzh5vgVYzxG/P3PpTBkKuKjUHGUS/lSlD8kBSC6q2JED8l9nXhdKJjQ+xiiQMpk2VTGZQXMSn43HuvlrTigQPEx7hoaagDsber+tAGcipk95GFEJtUhSjRhiFbmZx+yz5588Y/uTBZ1FceBp21w0R5mBNjECnU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821351; c=relaxed/simple;
	bh=Vl39UxfWLWLi3l5PbdsKcdt3BuwhVH+RNLvx6eLUFoA=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=YZyc05OdwiLhcDi0Iew4CYJNffwXzIgwV1PHRh/Cl9l4TK7JkOFH7RsbmG5h8p1FGkhV1qxFrM3UEUbbjWXW+B5B0r8isqXc/z0GScZJVopTjaNi5ch4Snnyc050egoFIjo0mdWFtdx8+4urrXJYZpt/gQ1/eEXfz939ui+Jl88=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=1JQrl+//; arc=none smtp.client-ip=209.85.214.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="1JQrl+//"
Received: by mail-pl1-f201.google.com with SMTP id
 d9443c01a7336-25bdf8126ceso20509785ad.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821348; x=1759426148;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=8JLPpbGWSB/sDzGd/uv8bd5LqS+aNG5e8oV7q+AvEFc=;
        b=1JQrl+//f1SKXwpcvtTTWENFrf12CpFsf73scxHDBHZlJmNl2dUqmmiR0pOoK1ga2E
         yJSEOTYv0r2lh4wvvZELKocDGFLhiDQZxSELf0g7XEcaices9sDe3//+R2sP294s6T/w
         lD5kgZyaBn4AKYXT70jz5s6t2jyQIY9hkWDpit4aNl57aKL9e7dgun30x5ADQMR3NvsJ
         9LBPuUS8Lb+PsnuZvUgT7RckTjtuqSmZslcFrAofj/ntXRH1XRmR8tYa6sokUO+CUYO/
         6kL5NJT6I4QVed9K91HJaXTJTFOCqSqWD/jArj9+7uF6WwDwb/A1fVSYtTtPtV7KPZoK
         jIkw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821348; x=1759426148;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=8JLPpbGWSB/sDzGd/uv8bd5LqS+aNG5e8oV7q+AvEFc=;
        b=qaRDu1+641vy6McYIA5L559HS7aMbVaFXKkeqPJfhPKZuEEJu3xhY1T4cjvKHiQqSw
         XCvW8PPU6R3MVfLAM/Vwia8wRIzgEgocK6VCGcf1mtKb0ZiuNPQDUE+3u4Wl7JTqoMei
         ePUqfiwWiHWe/WUF5JUX3sQQGOeZjFHmyUZznTYH9YvCPKNhKULc9W2JirWjpABcQoZR
         ytQ89aAG7hNYaePF0ZZGRXko8nZjaBj6uU3x4bnW81SBMzbQjPA4bU0wpRcte5f0B6yQ
         E3FBLZ2v5YHPIOTnWJbyRCAD8brhxIa1UUv2CcQOOocAWoptr4tkWbM+H5/92oOsFH+/
         kZqQ==
X-Gm-Message-State: AOJu0Yy4PuNe+3DaMQKY/7H4+4aDbG9hT8DpPVgKnEAvkP1N7IPhYyX7
	IC2HDjmWtsStmFUdIg04PmOWbzNkSK0f8iPrbNC1LPXuNjZKariBQP/lT3P97IXmTsHrQXRWCum
	Vbg==
X-Google-Smtp-Source: 
 AGHT+IH54ohEK5/MMngFaFNsOgY6XT822zyLzOf+8aqtVGUvZwS2Bzm6zXgfkyoSbTkuPIFgLtC29AVTcg==
X-Received: from plhe13.prod.google.com ([2002:a17:903:1cd:b0:267:b6b7:9ac3])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:1a6f:b0:272:f9c3:31fa
 with SMTP id d9443c01a7336-27ed49b8e31mr48712695ad.9.1758821348247; Thu, 25
 Sep 2025 10:29:08 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:33 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-6-sagis@google.com>
Subject: [PATCH v11 05/21] KVM: selftests: Expose segment definitons to
 assembly files
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Move kernel segment definitions to a separate file which can be included
from assembly files.

Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/processor_asm.h        | 12 ++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c      |  5 +----
 2 files changed, 13 insertions(+), 4 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86/processor_asm.h

diff --git a/tools/testing/selftests/kvm/include/x86/processor_asm.h b/tool=
s/testing/selftests/kvm/include/x86/processor_asm.h
new file mode 100644
index 000000000000..7e5386a85ca8
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/processor_asm.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Used for storing defines used by both processor.c and assembly code.
+ */
+#ifndef SELFTEST_KVM_PROCESSOR_ASM_H
+#define SELFTEST_KVM_PROCESSOR_ASM_H
+
+#define KERNEL_CS	0x8
+#define KERNEL_DS	0x10
+#define KERNEL_TSS	0x18
+
+#endif  // SELFTEST_KVM_PROCESSOR_ASM_H
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 2a44831e0cc9..623168ea9a44 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -7,6 +7,7 @@
 #include "test_util.h"
 #include "kvm_util.h"
 #include "processor.h"
+#include "processor_asm.h"
 #include "sev.h"
 #include "tdx/tdx_util.h"
=20
@@ -14,10 +15,6 @@
 #define NUM_INTERRUPTS 256
 #endif
=20
-#define KERNEL_CS	0x8
-#define KERNEL_DS	0x10
-#define KERNEL_TSS	0x18
-
 vm_vaddr_t exception_handlers;
 bool host_cpu_is_amd;
 bool host_cpu_is_intel;
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7DD2B315D2A
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:10 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821352; cv=none;
 b=u7gHfdzOO4/BB3BfcLKki4XE1mryp9YKJ7VmrnKn/rGcBMqSkOFqnIljDhbv3hKonavBvKdqEh560SHwQvKB0JpKrRBhPV7d68hsDhYE/4U00INeOc6mITHQpzhpezjXNESpP/Fr2wLibGQqZBST440fk91PjIr8YuiLgAE2Zps=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821352; c=relaxed/simple;
	bh=0y5fQGm8eE/UeEH9i6wG4uQhn+iU8S7fLI3PEGfFu4c=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=EQL77yN3lK/sp/0lyJi40oiXgEooBEeaqVtwP+SIkAQCViHPC5Abv1QYLuUyScRgdGg3a1wWfV9IRfpS7bIKPHJD1IlTvJ54w+knUuXqkaSyvCZZiR2S862GhkJXljyQRn68xfLBL0csd7JLoOK2kL0H3hA4wA3kiKodMMRmqsE=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=z9SOKRCJ; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="z9SOKRCJ"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-780f914b5a4so1322313b3a.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821350; x=1759426150;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=kDgCQyedB71H0kfnvZA2kT6wk/MFKRoB6HJA4SpT7vo=;
        b=z9SOKRCJSjXbF2PYnfP6G01Ww9RknMg1h9V2mFI3ZJhR3KDt11utsZnzq04pI2YQhp
         NUiqJvpk0g7myVqjhThmtx+Ah4cO0zsNCc9/ERr8X7w7p3AY5P4ob8o6rjccvzqVAf7K
         Xv31rze/9K9c7bUrLXKxDu7Bfx5mGq1P9ZGvnVIcqWjud+OZUMI8o9gnTHfFWZqclxPf
         1mCPXfWXeFkv7NiU3jYgMauZECkav+VveEZzXfbkcn8Zxy29BJZJjuG4vRTbViI5RRAA
         xtNLapa4VfMokkjeIYahZ63Yx2ZinkmL3N77Ze4SnAhuApcCAvQOY7tQ0a1VU5aIEbKd
         2YHg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821350; x=1759426150;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=kDgCQyedB71H0kfnvZA2kT6wk/MFKRoB6HJA4SpT7vo=;
        b=DVpeDvW2KhnVy5ziHdHD7O2LA9o7AlBg9ocIRDWclINawdh4HrRu++brizV7QMGQM5
         RqAZ/SCwHBhhX7TpFrGoMPcOk6MTKvI5hWOkrfbdHJ0jiAtmQvzFPzLYkf67WhFaXePD
         Wvn7V/kD2ldCUlg2WLUjbkxPLvdS7bjAhRtgDVL0Az923D+7YgD+uBQ0gE323zfhImXe
         gfRsmvHF1ojPxLAq24HSZMWZTPvpwqDJr3umdp8O6zrlFTrdAK3/2+eaRsMdv5R6IGQ/
         5WlpkTJLQ2Ymbp+SOV//D3TB8XWAGTQHlM02uX/X21m7EZ5bo3uJBhFujcE2lLqr7c2y
         k+ZQ==
X-Gm-Message-State: AOJu0Yz3ocUUHGhF0njVJjZb0AjW0R63D/djFXAKidMXTr/poS7ZXEIf
	aYhkaMj4vMB0OOKAMZYiiFIXE5oW4/dtLJJY6C1d126GInPs8/0CMTm4J99HrDLje0q8eATUZyE
	lGw==
X-Google-Smtp-Source: 
 AGHT+IGey0Bsncdv1pAniAZkU2NZXSHwDQbbIp9oQ5u4q/yxWwSNnNZ1y7mDiI1SKf8/XgDfCngCoRAD3A==
X-Received: from pfbhg12.prod.google.com
 ([2002:a05:6a00:860c:b0:776:2281:3189])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:1906:b0:77c:ddd1:749e
 with SMTP id d2e1a72fcca58-780fcea3c28mr4322193b3a.19.1758821349624; Thu, 25
 Sep 2025 10:29:09 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:34 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-7-sagis@google.com>
Subject: [PATCH v11 06/21] KVM: selftests: Add kbuild definitons
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add kbuild.h that can be used by files under tools/

Definitions are taken from the original definitions at
include/linux/kbuild.h

This is needed to expose values from c code to assembly code.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/include/linux/kbuild.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 tools/include/linux/kbuild.h

diff --git a/tools/include/linux/kbuild.h b/tools/include/linux/kbuild.h
new file mode 100644
index 000000000000..62e20ba9380e
--- /dev/null
+++ b/tools/include/linux/kbuild.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef __TOOLS_LINUX_KBUILD_H
+#define __TOOLS_LINUX_KBUILD_H
+
+#include <stddef.h>
+
+#define DEFINE(sym, val) \
+	asm volatile("\n.ascii \"->" #sym " %0 " #val "\"" : : "i" (val))
+
+#define BLANK() asm volatile("\n.ascii \"->\"" : : )
+
+#define OFFSET(sym, str, mem) \
+	DEFINE(sym, offsetof(struct str, mem))
+
+#define COMMENT(x) \
+	asm volatile("\n.ascii \"->#" x "\"")
+
+#endif /* __TOOLS_LINUX_KBUILD_H */
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E7DE53164C5
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:11 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821354; cv=none;
 b=ZNxvu8UheWMKU/pluhRnBo0gGLqPS00A9O7j+4F8L4gpOqtvXLyjKzV/JWZC/b1Omc50hFseloJ8Q7+60Wxp8PY5WP8yy0e97pxLuOtJ7wvesEc/qDuAvnN1Xsofd5D5uyg/zDrNnCfRx/98LBssh0HyFFplDms+MfqLLVDd5VM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821354; c=relaxed/simple;
	bh=2aGhCVj/LNDFnEdSAf8neR5oHQqP5TXDmEwdpSPrxU8=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=eRNUEXHayDHEp+5DESp9Qudh/O6rF34MuyEclnKdauyVxH3GmWYKEYMyjJu++ufuvz24h3q3RWJcPOyDjnKdDd6raZ+TSz0yxl++iHBDpNbNE0xaaW/daE1tb5bpIfSeTqDN0aIOoYGJHl9gMz+aMr/t/uycqbnNG1tmNDy0Pno=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=q0s5InbC; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="q0s5InbC"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-b55283ff3fcso938677a12.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821351; x=1759426151;
 darn=vger.kernel.org;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id
         :reply-to;
        bh=RBv2XFOPOYwVrsbHlHK72SSQVDUecqQrSx2DBvtfKys=;
        b=q0s5InbCUmubsN4ARCeOP/UIqkQLG0uotJEeCLMQ6XqLwKD+XgHZj47QH7o9bDSAcH
         zUHC2uuUvr/NjsBY0s61AjsbhSFPV0d5XR9uhaGviJnqzNtkKIWutmKTSscfq/6gvOsV
         aOyq5x0Hv1C7M+lKBKp/nZcI/dJU5D1XtXxCsLeFuYDg6KSbvGpemi+cICPAE6VsWEu3
         xJTuRRLK+1WQAIkOazPGPUEFO6VhHqs/QUio2Y54XT/aZ5O5azxbTlCGyRV4+cbK/4s3
         0sMcfioticJMEy3LiFNjaZaEVbp8wwD2ReFb2CsT285OKH8lm/qQWgY5A9bvoDD4QjBI
         FLqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821351; x=1759426151;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject
         :date:message-id:reply-to;
        bh=RBv2XFOPOYwVrsbHlHK72SSQVDUecqQrSx2DBvtfKys=;
        b=hHrXMkGJNTWuSJvu2VUWsZdcQhzbFCc0g24sWCoquaKH3gHFE6+pqE/B7T+7nL1R3j
         Ca+1vJCCQd+E/oHY8lyzniD2ROFLtouJN3ssYExkk9fXfTXzVA1Q4HzSaf4j195ciGXq
         68ILGbo+QKzC+U3ob0Ged62gA6zR8Op1HnmDWgYpayfjmoh7F6M08OFerjT3f8ncAKtv
         Rhdeg/eSlXmG4guzJzeYSdql5ls6YpyUt/LgE/tRKWGt5HWQcxNDDHpT83WqYe0F6jaJ
         wk5plNVgX+mGAXLubtqXWC0CihyFeYxDF4RJVMy1OkDJ86ivJK0Cx2mY9fTUIc2WxUnA
         YjMw==
X-Gm-Message-State: AOJu0Yxz1Sgg1kdRI+ZyrZyOIO5ltcOkTdWaTbqH48Fg+vLTWEfeHzF0
	NpKN4eY4Rmsp1hZ1u4SRpOBpNTSvMOSNM9zhUZYH1KG/fJlmpShUNxMYa86bsuKT0yVfY2VpTP3
	HEg==
X-Google-Smtp-Source: 
 AGHT+IH/sptRbEA29DMiih/wuul98Bn98Ig0LrOqxAWzIlzvAqkRKtdxath+4sAuWyfk7/KQTJZQyTAwGA==
X-Received: from pfoh3.prod.google.com ([2002:aa7:86c3:0:b0:77d:12a5:d3dc])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:76a5:b0:2d6:9a15:137a
 with SMTP id adf61e73a8af0-2e7d474b870mr3423110637.53.1758821351240; Thu, 25
 Sep 2025 10:29:11 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:35 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-8-sagis@google.com>
Subject: [PATCH v11 07/21] KVM: selftests: Define structs to pass parameters
 to TDX boot code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX registers are inaccessible to KVM. Therefore we need a different
mechanism to load boot parameters for TDX code. TDX boot code will read
the registers values from memory and set the registers manually.

This patch defines the data structures used to communicate between c
code and the TDX assembly boot code which will be added in a later
patch.

Use kbuild.h to expose the offsets into the structs from c code to
assembly code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      | 18 +++++
 .../selftests/kvm/include/x86/tdx/td_boot.h   | 69 +++++++++++++++++++
 .../kvm/lib/x86/tdx/td_boot_offsets.c         | 21 ++++++
 3 files changed, 108 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets=
.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 41b40c676d7f..3f93c093b046 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -19,6 +19,8 @@ LIBKVM +=3D lib/userfaultfd_util.c
=20
 LIBKVM_STRING +=3D lib/string_override.c
=20
+LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c
+
 LIBKVM_x86 +=3D lib/x86/apic.c
 LIBKVM_x86 +=3D lib/x86/handlers.S
 LIBKVM_x86 +=3D lib/x86/hyperv.c
@@ -230,6 +232,10 @@ OVERRIDE_TARGETS =3D 1
 include ../lib.mk
 include ../cgroup/lib/libcgroup.mk
=20
+# Enable Kbuild tools.
+include $(top_srcdir)/scripts/Kbuild.include
+include $(top_srcdir)/scripts/Makefile.lib
+
 INSTALL_HDR_PATH =3D $(top_srcdir)/usr
 LINUX_HDR_PATH =3D $(INSTALL_HDR_PATH)/include/
 LINUX_TOOL_INCLUDE =3D $(top_srcdir)/tools/include
@@ -282,6 +288,7 @@ LIBKVM_S :=3D $(filter %.S,$(LIBKVM))
 LIBKVM_C_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_C))
 LIBKVM_S_OBJ :=3D $(patsubst %.S, $(OUTPUT)/%.o, $(LIBKVM_S))
 LIBKVM_STRING_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_STRING))
+LIBKVM_ASM_DEFS_OBJ +=3D $(patsubst %.c, $(OUTPUT)/%.s, $(LIBKVM_ASM_DEFS))
 LIBKVM_OBJS =3D $(LIBKVM_C_OBJ) $(LIBKVM_S_OBJ) $(LIBKVM_STRING_OBJ) $(LIB=
CGROUP_O)
 SPLIT_TEST_GEN_PROGS :=3D $(patsubst %, $(OUTPUT)/%, $(SPLIT_TESTS))
 SPLIT_TEST_GEN_OBJ :=3D $(patsubst %, $(OUTPUT)/$(ARCH)/%.o, $(SPLIT_TESTS=
))
@@ -308,6 +315,7 @@ $(SPLIT_TEST_GEN_OBJ): $(OUTPUT)/$(ARCH)/%.o: $(ARCH)/%=
.c
=20
 EXTRA_CLEAN +=3D $(GEN_HDRS) \
 	       $(LIBKVM_OBJS) \
+	       $(LIBKVM_ASM_DEFS_OBJ) \
 	       $(SPLIT_TEST_GEN_OBJ) \
 	       $(TEST_DEP_FILES) \
 	       $(TEST_GEN_OBJ) \
@@ -319,18 +327,28 @@ $(LIBKVM_C_OBJ): $(OUTPUT)/%.o: %.c $(GEN_HDRS)
 $(LIBKVM_S_OBJ): $(OUTPUT)/%.o: %.S $(GEN_HDRS)
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
=20
+$(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE
+	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -S $< -o $@
+
 # Compile the string overrides as freestanding to prevent the compiler from
 # generating self-referential code, e.g. without "freestanding" the compil=
er may
 # "optimize" memcmp() by invoking memcmp(), thus causing infinite recursio=
n.
 $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@
=20
+$(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
+	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
+
+EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h
+
 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS))))
 $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS)
 $(TEST_GEN_PROGS): $(LIBKVM_OBJS)
 $(TEST_GEN_PROGS_EXTENDED): $(LIBKVM_OBJS)
 $(TEST_GEN_OBJ): $(GEN_HDRS)
=20
+FORCE:
+
 cscope: include_paths =3D $(LINUX_TOOL_INCLUDE) $(LINUX_HDR_PATH) include =
lib ..
 cscope:
 	$(RM) cscope.*
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
new file mode 100644
index 000000000000..32631645fe13
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -0,0 +1,69 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_H
+#define SELFTEST_TDX_TD_BOOT_H
+
+#include <stdint.h>
+
+#include <linux/compiler.h>
+#include <linux/sizes.h>
+
+/*
+ * Layout for boot section (not to scale)
+ *
+ *                                   GPA
+ * _________________________________ 0x1_0000_0000 (4GB)
+ * |   Boot code trampoline    |
+ * |___________________________|____ 0x0_ffff_fff0: Reset vector (16B belo=
w 4GB)
+ * |   Boot code               |
+ * |___________________________|____ td_boot will be copied here, so that =
the
+ * |                           |     jmp to td_boot is exactly at the rese=
t vector
+ * |   Empty space             |
+ * |                           |
+ * |=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80|
+ * |                           |
+ * |                           |
+ * |   Boot parameters         |
+ * |                           |
+ * |                           |
+ * |___________________________|____ 0x0_ffff_0000: TD_BOOT_PARAMETERS_GPA
+ */
+#define FOUR_GIGABYTES_GPA (SZ_4G)
+
+/*
+ * The exact memory layout for LGDT or LIDT instructions.
+ */
+struct __packed td_boot_parameters_dtr {
+	uint16_t limit;
+	uint32_t base;
+};
+
+/*
+ * Allows each vCPU to be initialized with different rip and esp.
+ */
+struct td_per_vcpu_parameters {
+	uint32_t esp_gva;
+	uint64_t guest_code;
+};
+
+/*
+ * Boot parameters for the TD.
+ *
+ * Unlike a regular VM, KVM cannot set registers such as esp, eip, etc
+ * before boot, so to run selftests, these registers' values have to be
+ * initialized by the TD.
+ *
+ * This struct is loaded in TD private memory at TD_BOOT_PARAMETERS_GPA.
+ *
+ * The TD boot code will read off parameters from this struct and set up t=
he
+ * vCPU for executing selftests.
+ */
+struct td_boot_parameters {
+	uint32_t cr0;
+	uint32_t cr3;
+	uint32_t cr4;
+	struct td_boot_parameters_dtr gdtr;
+	struct td_boot_parameters_dtr idtr;
+	struct td_per_vcpu_parameters per_vcpu[];
+};
+
+#endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c b/to=
ols/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
new file mode 100644
index 000000000000..7f76a3585b99
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0
+#define COMPILE_OFFSETS
+
+#include <linux/kbuild.h>
+
+#include "tdx/td_boot.h"
+
+static void __attribute__((used)) common(void)
+{
+	OFFSET(TD_BOOT_PARAMETERS_CR0, td_boot_parameters, cr0);
+	OFFSET(TD_BOOT_PARAMETERS_CR3, td_boot_parameters, cr3);
+	OFFSET(TD_BOOT_PARAMETERS_CR4, td_boot_parameters, cr4);
+	OFFSET(TD_BOOT_PARAMETERS_GDT, td_boot_parameters, gdtr);
+	OFFSET(TD_BOOT_PARAMETERS_IDT, td_boot_parameters, idtr);
+	OFFSET(TD_BOOT_PARAMETERS_PER_VCPU, td_boot_parameters, per_vcpu);
+	OFFSET(TD_PER_VCPU_PARAMETERS_ESP_GVA, td_per_vcpu_parameters, esp_gva);
+	OFFSET(TD_PER_VCPU_PARAMETERS_GUEST_CODE, td_per_vcpu_parameters,
+	       guest_code);
+	DEFINE(SIZEOF_TD_PER_VCPU_PARAMETERS,
+	       sizeof(struct td_per_vcpu_parameters));
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com
 [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9519E3191D3
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821355; cv=none;
 b=srxru30Oh/PRVFZ3XnkQtGwF3/Lf7D7YH2ty4ic5o58wu6jVOsRDKNJGMxS6K8zHi3qwyMi7zp/vByvoGqBz9b9oae35fAlutzeGNLvgb84skt12uiPtzCbXiL5k1DV6vu5ujB7uPA4PLiZkz05UzRlDuJxEPVYgp3dp+7Rz1r8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821355; c=relaxed/simple;
	bh=dcZcfLBHEDdJ8yMegXc/dito69RMVA2QXmBxWBpDAAY=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=RRlwyDfK5eeQOi7IzCaUtymjx1CHB1O7Cd5rcP8mTfCcWqVEUZlfWGXXDvrHWQb0c7daP+sCmJTPwWIl0zqtfcTMl6f8hSm+rXkEKxg8abOb8WNm6K/vsR3OCIRSJZR1az97Zvf9bjrB4FUR6OrXskyryBZzZbjj/p/7nOeDIz0=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Dp9CYfVe; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Dp9CYfVe"
Received: by mail-pl1-f202.google.com with SMTP id
 d9443c01a7336-277f0ea6fc6so21905985ad.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821353; x=1759426153;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=UjN2And+41EcoLkFolWMI5aqg9xz/C+Uf176e6DCrIA=;
        b=Dp9CYfVeWEYRrtna9BgQBmDpNjKx1mY50EydMWVnoYgawhAXR0LXQYrFB+zqYtZlqN
         C/L9NXrPuBifskY8HmfczuP46b4/4jRYhdbOWk1+DplYjkcGJ9146+rvGCzOafhCprLS
         8MFWAHlOkiRlpRq0nujfUIdz7VzAogN82IJWDV8GYZ8XrQDJYBavbb0eLSryP/SfFaD0
         iXmj5xazlggOASbFIelbVPEjLSyj0WS76YNB2W80olNw+/aLavOHHwWC+c5IkM9hTr05
         GZNWRlGL/bz0tXvjdWqN0VGInJd7tXaJtx2fIBdH2R0l2ZA3DmTYUFuTogUzUqADqHpu
         k7Uw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821353; x=1759426153;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=UjN2And+41EcoLkFolWMI5aqg9xz/C+Uf176e6DCrIA=;
        b=e+7ZEj2s2/zX8qs944hFWy538X10UIcERFrpLUWvGJzqi+3WCdGrTRefsRx8DaiSYo
         8MGJv8Upf+ahVWxQgAdYkUP2SxCzY6y4OPlmUHzOApQHLpholxVlUKnEtUviydv+IAjJ
         ucnHF9aSUKLAIf1PGQY4MURKyEmkuWxxHBHWBKYNx36FlrmJX4c1H1+36X5vSilOGmi1
         8ocMqpQLaYyqH5Xdp1swwVikbpdCNRGB5YhFrKDwWQEpQ1A+otVK1qpe7tty4mKwNqVA
         m5cYVYJ4Xl276AonV6+0cy2HX+QCI58k7JgWizxvdj0SP6rjX0IbJmShnFi2mSI5TfDt
         IQ5g==
X-Gm-Message-State: AOJu0Yzl2PK2m4cOxfWg1wosb/uWTpUvgLnTOn1+xWuZw2HLg+UJodlk
	WRHtiLYDKHi20GuOg5cA4GIBDWQjusZ1HoscETi4KOkzZPfIGTnEQblVN1h8ryD8whCRbihImwz
	eVQ==
X-Google-Smtp-Source: 
 AGHT+IHerot8YDYpsW/lm7uci9zz8zXkTxKtb9HrunoxbUDNS0AZvZE8G1xYW/zyexL5yW3KvcXNUJvQZQ==
X-Received: from plblo4.prod.google.com ([2002:a17:903:4344:b0:274:e523:6f5a])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:902:d2c6:b0:262:9ac8:610f
 with SMTP id d9443c01a7336-27ed4a09677mr43910195ad.22.1758821352834; Thu, 25
 Sep 2025 10:29:12 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:36 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-9-sagis@google.com>
Subject: [PATCH v11 08/21] KVM: selftests: Add TDX boot code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Erdem Aktas <erdemaktas@google.com>

Add code to boot a TDX test VM. Since TDX registers are inaccessible to
KVM, the boot code loads the relevant values from memory into the
registers before jumping to the guest code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  3 +
 .../selftests/kvm/include/x86/tdx/td_boot.h   |  5 ++
 .../kvm/include/x86/tdx/td_boot_asm.h         | 16 +++++
 .../selftests/kvm/lib/x86/tdx/td_boot.S       | 60 +++++++++++++++++++
 4 files changed, 84 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm=
.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 3f93c093b046..d11d02e17cc5 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
@@ -336,6 +337,8 @@ $(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE
 $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@
=20
+$(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86/tdx/td_boot_offsets=
.h
+
 $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
 	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
=20
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
index 32631645fe13..a590516dd83c 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -66,4 +66,9 @@ struct td_boot_parameters {
 	struct td_per_vcpu_parameters per_vcpu[];
 };
=20
+void td_boot(void);
+void td_boot_code_end(void);
+
+#define TD_BOOT_CODE_SIZE (td_boot_code_end - td_boot)
+
 #endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h b/to=
ols/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
new file mode 100644
index 000000000000..10b4b527595c
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_ASM_H
+#define SELFTEST_TDX_TD_BOOT_ASM_H
+
+/*
+ * GPA where TD boot parameters will be loaded.
+ *
+ * TD_BOOT_PARAMETERS_GPA is arbitrarily chosen to
+ *
+ * + be within the 4GB address space
+ * + provide enough contiguous memory for the struct td_boot_parameters su=
ch
+ *   that there is one struct td_per_vcpu_parameters for KVM_MAX_VCPUS
+ */
+#define TD_BOOT_PARAMETERS_GPA 0xffff0000
+
+#endif  // SELFTEST_TDX_TD_BOOT_ASM_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S b/tools/test=
ing/selftests/kvm/lib/x86/tdx/td_boot.S
new file mode 100644
index 000000000000..7aa33caa9a78
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S
@@ -0,0 +1,60 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include "tdx/td_boot_asm.h"
+#include "tdx/td_boot_offsets.h"
+#include "processor_asm.h"
+
+.code32
+
+.globl td_boot
+td_boot:
+	/* In this procedure, edi is used as a temporary register. */
+	cli
+
+	/* Paging is off. */
+
+	movl $TD_BOOT_PARAMETERS_GPA, %ebx
+
+	/*
+	 * Find the address of struct td_per_vcpu_parameters for this
+	 * vCPU based on esi (TDX spec: initialized with vCPU id). Put
+	 * struct address into register for indirect addressing.
+	 */
+	movl $SIZEOF_TD_PER_VCPU_PARAMETERS, %eax
+	mul %esi
+	leal TD_BOOT_PARAMETERS_PER_VCPU(%ebx), %edi
+	addl %edi, %eax
+
+	/* Setup stack. */
+	movl TD_PER_VCPU_PARAMETERS_ESP_GVA(%eax), %esp
+
+	/* Setup GDT. */
+	leal TD_BOOT_PARAMETERS_GDT(%ebx), %edi
+	lgdt (%edi)
+
+	/* Setup IDT. */
+	leal TD_BOOT_PARAMETERS_IDT(%ebx), %edi
+	lidt (%edi)
+
+	/*
+	 * Set up control registers (There are no instructions to mov from
+	 * memory to control registers, hence use edi as a scratch register).
+	 */
+	movl TD_BOOT_PARAMETERS_CR4(%ebx), %edi
+	movl %edi, %cr4
+	movl TD_BOOT_PARAMETERS_CR3(%ebx), %edi
+	movl %edi, %cr3
+	movl TD_BOOT_PARAMETERS_CR0(%ebx), %edi
+	movl %edi, %cr0
+
+	/* Switching to 64bit mode after ljmp and then jump to guest code */
+	ljmp $(KERNEL_CS),$1f
+1:
+	jmp *TD_PER_VCPU_PARAMETERS_GUEST_CODE(%eax)
+
+/* Leave marker so size of td_boot code can be computed. */
+.globl td_boot_code_end
+td_boot_code_end:
+
+/* Disable executable stack. */
+.section .note.GNU-stack,"",%progbits
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com
 [209.85.210.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7416A31A56B
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:15 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821357; cv=none;
 b=FKRwwQD/rVPJEaZqwf6ZUxUkKAyidUt7ZOJ17Zf5NtuJJLyyJQ1ft1+G5yQtAenlKEmqA27I0CU0lPkCI/rkGClwOO5Ib+D235ofk2gybk1tMW7OJWMzK/Jo9bzXMvmDf3+ZdmNkrMHr8dInmo3r3uabyqmMg/38+w4R9fECLhs=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821357; c=relaxed/simple;
	bh=vcPa/8+T0B4Q4SJqZzrdtuLDEPV0mlJUVpPCGNb8pyw=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Iz9++fOZ9HimhA5f5bkxhGGum0unE5TUSZhVBgUdsZ1lMkmDeL8zjNiiocOuSiuTBPWrmaCa+yQuIv90iqrN85Cxr7uXnrXTfnMbzWVCQPtOodFZaJPcwgqywWZxBig+v4+owonjr7m9IYM7AB+3OGmSnmQMSMtNMpRjZXkY0MU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=r60fY2Fk; arc=none smtp.client-ip=209.85.210.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="r60fY2Fk"
Received: by mail-pf1-f202.google.com with SMTP id
 d2e1a72fcca58-7810912fc31so619320b3a.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821354; x=1759426154;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=RfWoG7IZp/a/xEpP5J49/+hi6ZM0bSO6oF7v+4iZmqY=;
        b=r60fY2FkLAB8lL2hJ3FBh0aCFVl1wBl8KDX2oxSjwYxpwpdNjtgvrU4HTL5DLmc3hd
         Z96ZERuzvWTRImcchhMPgdGWAne9vtP8VUwF/Zx3z/QL74ADMP+c0VcgNYcIW9k6XMF6
         0GZ0VjdzxyWVq8e0NgDlZEMXvpGtO+Ne2gOpLJJSlEY6hTe8EIqdTWFoR+YtzireRoTq
         lGKS5hvPO7TCOe83//pXdaQTYrEy++a478fxZ5QnOT84Cn48p4Kf694kNhWOqleXHzEc
         J8T4e5aieLEQVD26EGw8N+OPDUjxgc4D+97YCgc7zm6rk4PlmyJqAhoIccTyKHu6/o2J
         oO+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821354; x=1759426154;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=RfWoG7IZp/a/xEpP5J49/+hi6ZM0bSO6oF7v+4iZmqY=;
        b=Idwty5K/jEY/D3TePaC0CnX4T2oJDdmrCuWVGdm1IEUyhvH+SgGOdNNHeYn/MJr1WY
         XhhKByzU3sCYTYzbU36XQFgGgm6BAp85RuyxlcqUw+pl30EWUNHsB1HfWE2SRNJjeTYU
         npJyx5IPTVDrekdAMKgfVBBqxJV/SbH6J308D30tfmFdj+bXHG/33MMN6jUdA9MBbzOR
         rxaXZqgmzBHCZr3sutYMGap4rsJWjDZM3nsEdZWDDC2T3ikQZs5Xvkr2C17pWJktzBNv
         Q2ofpLEZD6IOkXsjO4V2GbQkplJUM9GMFKxIdt+iT97O9Ok/xE8/e30wdJ2X+LHFGsM3
         dWyg==
X-Gm-Message-State: AOJu0Yy8+ixgo8rYyrQ47AKGnNrycHs5sxYURNOoqYkG4nJbpXRE4QAr
	gTLpnSHlvPO0lGO7pSMF+BBiRd5IkaJvgrlh07ePa6OJ1DwaK6BRXJXItwjY/rbx6uHyNVBiK/7
	c3A==
X-Google-Smtp-Source: 
 AGHT+IHyFyTl9WiREscF9Z1dQpnxV0cKGlLGeahIiAvSF2f2lAo5MVyaathSymz4Yh0PWTdHib8siPrddA==
X-Received: from pfbei28.prod.google.com
 ([2002:a05:6a00:80dc:b0:77f:33ea:96e9])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:1250:b0:77f:24b0:1f58
 with SMTP id d2e1a72fcca58-780fce2cc1bmr4989505b3a.14.1758821354431; Thu, 25
 Sep 2025 10:29:14 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:37 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-10-sagis@google.com>
Subject: [PATCH v11 09/21] KVM: selftests: Set up TDX boot code region
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add memory for TDX boot code in a separate memslot.

Use virt_map() to get identity map in this memory region to allow for
seamless transition from paging disabled to paging enabled code.

Copy the boot code into the memory region and set up the reset vector
at this point. While it's possible to separate the memory allocation and
boot code initialization into separate functions, having all the
calculations for memory size and offsets in one place simplifies the
code and avoids duplications.

Handcode the reset vector as suggested by Sean Christopherson.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Suggested-by: Sean Christopherson <seanjc@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  2 +
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 54 +++++++++++++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index d11d02e17cc5..52c90f1c0484 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 286d5e3c24b1..ec05bcd59145 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,4 +11,6 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
+
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
new file mode 100644
index 000000000000..a1cf12de9d56
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <stdint.h>
+
+#include "kvm_util.h"
+#include "processor.h"
+#include "tdx/td_boot.h"
+#include "tdx/tdx_util.h"
+
+/* Arbitrarily selected to avoid overlaps with anything else */
+#define TD_BOOT_CODE_SLOT	20
+
+#define X86_RESET_VECTOR	0xfffffff0ul
+#define X86_RESET_VECTOR_SIZE	16
+
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm)
+{
+	size_t total_code_size =3D TD_BOOT_CODE_SIZE + X86_RESET_VECTOR_SIZE;
+	vm_paddr_t boot_code_gpa =3D X86_RESET_VECTOR - TD_BOOT_CODE_SIZE;
+	vm_paddr_t alloc_gpa =3D round_down(boot_code_gpa, PAGE_SIZE);
+	size_t nr_pages =3D DIV_ROUND_UP(total_code_size, PAGE_SIZE);
+	vm_paddr_t gpa;
+	uint8_t *hva;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    alloc_gpa,
+				    TD_BOOT_CODE_SLOT, nr_pages,
+				    KVM_MEM_GUEST_MEMFD);
+
+	gpa =3D vm_phy_pages_alloc(vm, nr_pages, alloc_gpa, TD_BOOT_CODE_SLOT);
+	TEST_ASSERT(gpa =3D=3D alloc_gpa, "Failed vm_phy_pages_alloc\n");
+
+	virt_map(vm, alloc_gpa, alloc_gpa, nr_pages);
+	hva =3D addr_gpa2hva(vm, boot_code_gpa);
+	memcpy(hva, td_boot, TD_BOOT_CODE_SIZE);
+
+	hva +=3D TD_BOOT_CODE_SIZE;
+	TEST_ASSERT(hva =3D=3D addr_gpa2hva(vm, X86_RESET_VECTOR),
+		    "Expected RESET vector at hva 0x%lx, got %lx",
+		    (unsigned long)addr_gpa2hva(vm, X86_RESET_VECTOR), (unsigned long)hv=
a);
+
+	/*
+	 * Handcode "JMP rel8" at the RESET vector to jump back to the TD boot
+	 * code, as there are only 16 bytes at the RESET vector before RIP will
+	 * wrap back to zero.  Insert a trailing int3 so that the vCPU crashes
+	 * in case the JMP somehow falls through.  Note!  The target address is
+	 * relative to the end of the instruction!
+	 */
+	TEST_ASSERT(TD_BOOT_CODE_SIZE + 2 <=3D 128,
+		    "TD boot code not addressable by 'JMP rel8'");
+	hva[0] =3D 0xeb;
+	hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE;
+	hva[2] =3D 0xcc;
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com
 [209.85.210.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id B738331B123
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821360; cv=none;
 b=eK8wHsh3WulEwB2WL7GcpIlA+LtGAu6cgWio1Dn4XIowcPfycEgB7HKUQfVPGNXfGzYdO5H2xuFqSLMYYheLSEVTugNu7YpS/ZrsOyk37MoApHtciKcAKJLcSey5dcx8Bd7rt8VZSN50clkxOotY4ScGDZ49VaDL7O4yKdNR4fY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821360; c=relaxed/simple;
	bh=Bu94ep6LXVCBGk9mhGFiOfvC3iFU5bTCmLww/QF+Y0w=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=BjtJrXEUC/pNNVNpOp4nHKqDu6sJXDWQ0Whr2QC7fTmtOjs7kio6PjcMlyS8gFA/Sd647++gRJcq4ev8XXnlXDp2wBlkfkfm3H2z9Gk/Gadb68V6oMQG+BsoVNygLc8N7RYmDoG8Yar1+bA0gMKAU2/2MGaf/OgLzbPY+bHg9tI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=a157fuen; arc=none smtp.client-ip=209.85.210.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="a157fuen"
Received: by mail-pf1-f202.google.com with SMTP id
 d2e1a72fcca58-77f5e6a324fso2263421b3a.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821356; x=1759426156;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=+dlLssYObMpDc3Mig0BnX1nAYbBtGHYEAQU3DA8pmFQ=;
        b=a157fuenyUnGcWey9HMUtsceb49OOctA1xOEjoRKrG3L/uf4LqLE0kfOQL83L/ilkv
         xXXaH5BYv0keQ+offAgB2ziw209O3gykypDj/401xRBdtA3isq9GfO/EOFPBRE/D8Imh
         Kh4VQKoYoXwPiPTQLc18KkWBgQsT4ozDV0yNRZEEjTG7pdbkSygqLhqDvujwDHG/IlfG
         eNcESJoeYexTN62M5YzEyk5niu4IqW0GjAjBx7jDUFjYjary4f78zaywmnQ2P5Vdq2s2
         iVjU3jdxgwRZcDIVmObfW87zcACE/TYBJ5vGIEOAVzjL55TkkQy2oJaJBQjh1a5+OspU
         rROA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821356; x=1759426156;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=+dlLssYObMpDc3Mig0BnX1nAYbBtGHYEAQU3DA8pmFQ=;
        b=pNv6x8gslMHH1LJwYLyJgeQ6bsiKjx/yXtCCHPljMdcFaPEdhc7FSJAUqtj5PZJ3Cv
         8F427/kZcEs9D91K0dA7CsTj+MOONb9HuLuOLsjL2Msa/wtvHL2AO3p+akYdZbkLmXY1
         zE6DfzXE+xdaQ6t/KffcZTF8j3e//bcT41vaEPTfWVRCxX7tVRmqG9CFSDXbRsX1sGtO
         nsoHyI5dMS1ajYOyg+9+Gypa8tINfljLZUTPsKBelkKsPCNRCf7R7qP71mrG+3fdy8Sz
         tCi/Cm5y13estAzrTPltf/j5Pe76WsXr6MHQ1ssRZ/HeBf+WZPKftQl5ZWQ87hGInEL9
         Nj0w==
X-Gm-Message-State: AOJu0YzF30VXb5d4kzz25O81HiCgCNhDIiJrE4opivPTVHK+bplrrzph
	iz4Gi9KXl1tjr3XYGRkNDmgBt0dyh7nkyhhBiWktpImavhQA7pR7cE+ozbSovHfu4l2gkhxZD+3
	xlg==
X-Google-Smtp-Source: 
 AGHT+IE73CoIJzyKmVA8thi2OhWNCikU0g0L+pUzECN/cCGBVKYk3F06bo+KSf76r+1vZuQUYCZQe/QjcA==
X-Received: from pfbkh3.prod.google.com
 ([2002:a05:6a00:9443:b0:772:749b:de38])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:244e:b0:24e:84c9:e986
 with SMTP id adf61e73a8af0-2e7c79c5ac6mr5667587637.15.1758821356049; Thu, 25
 Sep 2025 10:29:16 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:38 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-11-sagis@google.com>
Subject: [PATCH v11 10/21] KVM: selftests: Set up TDX boot parameters region
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Allocate memory for TDX boot parameters and define the utility functions
necessary to fill this memory with the boot parameters.

Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>

---------------------------------------------

Changes from v10:
 * Removed code for setting up X86_CR4_OSXMMEXCPT bit. At least for now
   it is not needed and the test pass without it.
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  4 ++
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 72 +++++++++++++++++++
 2 files changed, 76 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index ec05bcd59145..dafdc7e46abe 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -12,5 +12,9 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 }
=20
 void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
+void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus);
+void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm);
+void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu);
+void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index a1cf12de9d56..f3b69923e928 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -5,10 +5,12 @@
 #include "kvm_util.h"
 #include "processor.h"
 #include "tdx/td_boot.h"
+#include "tdx/td_boot_asm.h"
 #include "tdx/tdx_util.h"
=20
 /* Arbitrarily selected to avoid overlaps with anything else */
 #define TD_BOOT_CODE_SLOT	20
+#define TD_BOOT_PARAMETERS_SLOT	21
=20
 #define X86_RESET_VECTOR	0xfffffff0ul
 #define X86_RESET_VECTOR_SIZE	16
@@ -52,3 +54,73 @@ void vm_tdx_setup_boot_code_region(struct kvm_vm *vm)
 	hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE;
 	hva[2] =3D 0xcc;
 }
+
+void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus)
+{
+	size_t boot_params_size =3D
+		sizeof(struct td_boot_parameters) +
+		nr_runnable_vcpus * sizeof(struct td_per_vcpu_parameters);
+	int npages =3D DIV_ROUND_UP(boot_params_size, PAGE_SIZE);
+	vm_paddr_t gpa;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    TD_BOOT_PARAMETERS_GPA,
+				    TD_BOOT_PARAMETERS_SLOT, npages,
+				    KVM_MEM_GUEST_MEMFD);
+	gpa =3D vm_phy_pages_alloc(vm, npages, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PA=
RAMETERS_SLOT);
+	TEST_ASSERT(gpa =3D=3D TD_BOOT_PARAMETERS_GPA, "Failed vm_phy_pages_alloc=
\n");
+
+	virt_map(vm, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PARAMETERS_GPA, npages);
+}
+
+void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	uint32_t cr4;
+
+	TEST_ASSERT_EQ(vm->mode, VM_MODE_PXXV48_4K);
+
+	cr4 =3D kvm_get_default_cr4();
+
+	/* TDX spec 11.6.2: CR4 bit MCE is fixed to 1 */
+	cr4 |=3D X86_CR4_MCE;
+
+	/* TDX spec 11.6.2: CR4 bit VMXE and SMXE are fixed to 0 */
+	cr4 &=3D ~(X86_CR4_VMXE | X86_CR4_SMXE);
+
+	/* Set parameters! */
+	params->cr0 =3D kvm_get_default_cr0();
+	params->cr3 =3D vm->pgd;
+	params->cr4 =3D cr4;
+	params->idtr.base =3D vm->arch.idt;
+	params->idtr.limit =3D kvm_get_default_idt_limit();
+	params->gdtr.base =3D vm->arch.gdt;
+	params->gdtr.limit =3D kvm_get_default_gdt_limit();
+
+	TEST_ASSERT(params->cr0 !=3D 0, "cr0 should not be 0");
+	TEST_ASSERT(params->cr3 !=3D 0, "cr3 should not be 0");
+	TEST_ASSERT(params->cr4 !=3D 0, "cr4 should not be 0");
+	TEST_ASSERT(params->gdtr.base !=3D 0, "gdt base address should not be 0");
+	TEST_ASSERT(params->idtr.base !=3D 0, "idt base address should not be 0");
+}
+
+void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->esp_gva =3D kvm_allocate_vcpu_stack(vm);
+}
+
+void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vcpu->vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->guest_code =3D (uint64_t)guest_code;
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7835330F528
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:18 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821360; cv=none;
 b=iLrGbsgz11sJC1bo3K+BvV/JfL5i7HeI7u4Q1pkkICRRaed65Ua5jFd0RqdLL0zls5plKRXsyx4NtYvwlAPL0yTuTl3szITmGmaKWXec/yPLNBZaXjTir4hCo1VQNPInRF/vVtAONXybvKFUEopuamx5R0JBTgx3zEaZileeJlg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821360; c=relaxed/simple;
	bh=vTy30/tQgLN9RDnh25oE90h3VeWiHnYTSMLkxhXis7M=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=PVMDygjxYoOWtQw3tYbsbgaKy8DkPEp3ZCTpjl3fm3XHqoFf6et3JN1P5u6Bem2kr1Gs0yrZFRVhhq/Elgr/eOSkKI2EDCAM8FQKPOnHIOIDH4OrOeutwmlyXuAR413MCTJWNb/w4dlGFxPTIyxOcNaXM0EsxKQxSKUp1SVlMlc=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=QlTPIlYz; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="QlTPIlYz"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-78105c10afdso865825b3a.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821357; x=1759426157;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=jq32N4zQdZvpB3KBOjRNfMvgxoaP6cr0TCKHzbKZPoI=;
        b=QlTPIlYz1A+ijur5228q73au+L0dIo5UtEf4DyDP4AWDVLDEKX5cKwFLcTSG/YOSNU
         h/rIRO/yY6Bc+npWpM3xP3xoTS949WZEFvN0gNqtJdBiybON93MfixKRmxfpHeJtId5C
         NwP9KXNKw+94/rUMQcWqrO4609h5U3/VoT40zhYlxeMY67jd3ysfVa/okl6ASUN8zJfN
         xs9VZHhy2OrsikCqlggIaIUL4LQFfmZpWuR2gAA7JBmJTrayZYe4nWYHD+Jeh3G79cn4
         Dol7IGqegCugDZAV0Gm56bbUMpxbsBvKJniHYLvKA8yWovNlZXdtywtjoVtMv7ZmtQTh
         hhyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821357; x=1759426157;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=jq32N4zQdZvpB3KBOjRNfMvgxoaP6cr0TCKHzbKZPoI=;
        b=JQH9kJKLypx/+O+KR+f0dh2Jes1AxfRM3liHlcCRBpAOUC5N4WCgi8n+dkTKjE4YNV
         hg3KfAokFlM5xTtvB99wrc2YnvV9+oRagLhktNo8wTE0bQaAzVqaqdHX6UN5zMTYpHiv
         4Gt66MbYcl/apysYUNAyGpSwJRC5kLsUPdIDd+Hn9qz6qfY5qOBGIFlfNjWNxtEdtvCT
         9GHgOH3lTplVNc3h6VKBLyXK5is9rlO74MQNyaeGVxEwZXZ12C5mt9psjs4AISVTIY+V
         BqKLD6WSfAiP/VYbyvg514SI0xhefr5NWBbAheAt+3l3X5BXqAMK0o4ERPwRFCjhUUWM
         7Lxw==
X-Gm-Message-State: AOJu0Yx80Y4W3raFWtaR8/8Z+VcEZqLjEQOMw2E0iLeVCCKmN8JCyAcO
	GAClz1yY6Is3repgio38aMtLkg5TJnnbxtIU/MmgD2lIJZTCEaRf14sZXy1tyf8UYwTdnLdxITg
	Cjw==
X-Google-Smtp-Source: 
 AGHT+IGwifTeRKj3uUJwXuvkE8D4Y4qWQNpxH/T52DC7hpr054BQxhka4L8X920sPMemfC+xK1McRF26FQ==
X-Received: from pfbkx21.prod.google.com
 ([2002:a05:6a00:6f15:b0:77c:7706:8702])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:928b:b0:77f:366b:b711
 with SMTP id d2e1a72fcca58-780fce1dd3amr5135005b3a.6.1758821357465; Thu, 25
 Sep 2025 10:29:17 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:39 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-12-sagis@google.com>
Subject: [PATCH v11 11/21] KVM: selftests: Add helper to initialize TDX VM
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

KVM_TDX_INIT_VM needs to be called after KVM_CREATE_VM and before
creating any VCPUs, thus before KVM_SET_CPUID2. KVM_TDX_INIT_VM accepts
the CPUID values directly.

Since KVM_GET_CPUID2 can't be used at this point, calculate the CPUID
values manually by using kvm_get_supported_cpuid() and filter the
returned CPUIDs against the supported CPUID values read from the TDX
module.

Co-developed-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  54 +++++++
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 132 ++++++++++++++++++
 2 files changed, 186 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index dafdc7e46abe..a2509959c7ce 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,6 +11,60 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+/*
+ * TDX ioctls
+ */
+
+#define __vm_tdx_vm_ioctl(vm, cmd, metadata, arg)			\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (uint32_t)(metadata),				\
+		.data =3D (uint64_t)(arg),				\
+	} };								\
+									\
+	r =3D __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define vm_tdx_vm_ioctl(vm, cmd, flags, arg)				\
+({									\
+	int ret =3D __vm_tdx_vm_ioctl(vm, cmd, flags, arg);		\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd,	ret, vm);		\
+})
+
+#define __vm_tdx_vcpu_ioctl(vcpu, cmd, metadata, arg)			\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (uint32_t)(metadata),				\
+		.data =3D (uint64_t)(arg),				\
+	} };								\
+									\
+	r =3D __vcpu_ioctl(vcpu, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg)			\
+({									\
+	int ret =3D __vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg);		\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd, ret, (vcpu)->vm);	\
+})
+
+void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes);
+
 void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
 void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus);
 void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm);
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index f3b69923e928..7a622b4810b1 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -124,3 +124,135 @@ void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcp=
u, void *guest_code)
=20
 	vcpu_params->guest_code =3D (uint64_t)guest_code;
 }
+
+static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
+{
+	struct kvm_tdx_capabilities *tdx_cap =3D NULL;
+	int nr_cpuid_configs =3D 4;
+	int rc =3D -1;
+	int i;
+
+	do {
+		nr_cpuid_configs *=3D 2;
+
+		tdx_cap =3D realloc(tdx_cap, sizeof(*tdx_cap) +
+					   sizeof(tdx_cap->cpuid) +
+					   (sizeof(struct kvm_cpuid_entry2) * nr_cpuid_configs));
+		TEST_ASSERT(tdx_cap,
+			    "Could not allocate memory for tdx capability nr_cpuid_configs %d\n=
",
+			    nr_cpuid_configs);
+
+		tdx_cap->cpuid.nent =3D nr_cpuid_configs;
+		rc =3D __vm_tdx_vm_ioctl(vm, KVM_TDX_CAPABILITIES, 0, tdx_cap);
+	} while (rc < 0 && errno =3D=3D E2BIG);
+
+	TEST_ASSERT(rc =3D=3D 0, "KVM_TDX_CAPABILITIES failed: %d %d",
+		    rc, errno);
+
+	pr_debug("tdx_cap: supported_attrs: 0x%016llx\n"
+		 "tdx_cap: supported_xfam 0x%016llx\n",
+		 tdx_cap->supported_attrs, tdx_cap->supported_xfam);
+
+	for (i =3D 0; i < tdx_cap->cpuid.nent; i++) {
+		const struct kvm_cpuid_entry2 *config =3D &tdx_cap->cpuid.entries[i];
+
+		pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08=
x ecx 0x%08x edx 0x%08x\n",
+			 i, config->function, config->index,
+			 config->eax, config->ebx, config->ecx, config->edx);
+	}
+
+	return tdx_cap;
+}
+
+static struct kvm_cpuid_entry2 *tdx_find_cpuid_config(struct kvm_tdx_capab=
ilities *cap,
+						      uint32_t leaf, uint32_t sub_leaf)
+{
+	struct kvm_cpuid_entry2 *config;
+	uint32_t i;
+
+	for (i =3D 0; i < cap->cpuid.nent; i++) {
+		config =3D &cap->cpuid.entries[i];
+
+		if (config->function =3D=3D leaf && config->index =3D=3D sub_leaf)
+			return config;
+	}
+
+	return NULL;
+}
+
+/*
+ * Filter CPUID based on TDX supported capabilities
+ *
+ * Input Args:
+ *   vm - Virtual Machine
+ *   cpuid_data - CPUID fileds to filter
+ *
+ * Output Args: None
+ *
+ * Return: None
+ *
+ * For each CPUID leaf, filter out non-supported bits based on the capabil=
ities reported
+ * by the TDX module
+ */
+static void vm_tdx_filter_cpuid(struct kvm_vm *vm,
+				struct kvm_cpuid2 *cpuid_data)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+	struct kvm_cpuid_entry2 *config;
+	struct kvm_cpuid_entry2 *e;
+	int i;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	i =3D 0;
+	while (i < cpuid_data->nent) {
+		e =3D cpuid_data->entries + i;
+		config =3D tdx_find_cpuid_config(tdx_cap, e->function, e->index);
+
+		if (!config) {
+			int left =3D cpuid_data->nent - i - 1;
+
+			if (left > 0)
+				memmove(cpuid_data->entries + i,
+					cpuid_data->entries + i + 1,
+					sizeof(*cpuid_data->entries) * left);
+			cpuid_data->nent--;
+			continue;
+		}
+
+		e->eax &=3D config->eax;
+		e->ebx &=3D config->ebx;
+		e->ecx &=3D config->ecx;
+		e->edx &=3D config->edx;
+
+		i++;
+	}
+
+	free(tdx_cap);
+}
+
+void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes)
+{
+	struct kvm_tdx_init_vm *init_vm;
+	const struct kvm_cpuid2 *tmp;
+	struct kvm_cpuid2 *cpuid;
+
+	tmp =3D kvm_get_supported_cpuid();
+
+	cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+	memcpy(cpuid, tmp, kvm_cpuid2_size(tmp->nent));
+	vm_tdx_filter_cpuid(vm, cpuid);
+
+	init_vm =3D calloc(1, sizeof(*init_vm) +
+			 sizeof(init_vm->cpuid.entries[0]) * cpuid->nent);
+	TEST_ASSERT(init_vm, "init_vm allocation failed");
+
+	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
+	free(cpuid);
+
+	init_vm->attributes =3D attributes;
+
+	vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);
+
+	free(init_vm);
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA1D431BCB5
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:19 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821361; cv=none;
 b=NBXIYLLE9yZHomCLLTYAl5fVAa2mW9+pbd6IbLI3gqrzkqruz6S+FOnxIHfjjQ+AQQS5eh8xE5qKecsVbbOCd+0/qyVYZnt4Hqaz93uGFjm9kS4sGsc2vOeF+yw5GNs6Sdch8oVCOVIhAPi+JgtQ/tSmxMP1DcV4axlujovQRCI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821361; c=relaxed/simple;
	bh=kyNUo03VHcUtqgem5Ure2zDndq9TR63HAvb7v0MESQ8=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Uz1M2Cyc93/gV8ZtJhsahfQFFcmR772TghLSH59fx+KrZX0ABSz6cIOJKxi8l9kbVZ4Pr59uUsfCuryeZ8dA5fWSSvbl9O/HhX3/glb3GYy6oJSzcRl4/2X7rT7oYkw+jsjK6NpN1LP1OksDdnxN6oZuWBjJSP8IA+B6KtdoBKM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=phqyScAG; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="phqyScAG"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-78104c8c8ddso824955b3a.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821359; x=1759426159;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=3MAW67C+26Du9WD+afvdTUdsrfWFPaXzJwetR1H+pT8=;
        b=phqyScAGkUBL9wXzNie4OEXIrmTcV42jIoB6IEB0Sq1H+T0wUvuThPoMB6GJYM5Tab
         x+dvPcOT7vIGFdraHA2cylqsnLeCORas9YDvcC57qDiSVl/WXRFfky5yup6rT4vAmuzD
         u23tLucbiGZQKi9e+eDw2tjKh1BCzxHU754xw6Fr9Cmv20LAFlMCh76mu+VxA30USd4n
         PXx1PtblsY2rHhVGKkjRUyf7w81o9/j05AWMXQZltuxd65DuJQ8z/aG27SLBVA0zgMSx
         Mizz/VALe6ZbjB1WxImhRP8QJ/E3J0ay86Indn/NGTov7RgoSi9UgNdWe6jELyRY0yXu
         cHdw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821359; x=1759426159;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=3MAW67C+26Du9WD+afvdTUdsrfWFPaXzJwetR1H+pT8=;
        b=l4AP5ye2akIsY4x8SIGt7r4/lyklFPEs/8hUtSWxTxxaVQhxkEosZOQu3Ax6pA9Uf3
         h+qR72NFiaxeRG0uYBsum7SdFYXsQAU6meaCk+fGTPaf5dpW6fAmeKQpItkG5bG6JaUF
         XiXb8o3zBv+aaYLCqZxdLXCiqocC8Bw/34Es/M/2zus+G41F4so6lmSuXuRjUaj/VF8P
         7aUFjDaqaTBSl4YTZI160Gx9MWO82596iBg9ED+aIi54dbmuh3rlFz2hRnb9AgtkAfQI
         4Gp/KIsnN0+VMp0xxw/nJw3IPS1HIplUFFlTOJK3ixWB8B3vkXcQFfaJ5CpyrP2R8ye+
         Y1Bw==
X-Gm-Message-State: AOJu0Yx6z64Ja88QN0CrAFQ5FR3JdIiuPcfRjLIHgLPHtypF04+FKFTO
	KLQ2wc7qnxjT/iHcUUFpLRMl+F6wrOQmY82MW6KhdlavXE3zO5qM2ehATlB59o3EDVF7Rx0iJit
	Glw==
X-Google-Smtp-Source: 
 AGHT+IGwUeh3R66fQdhA9+GehJSHKHpxVELu+AiwXNl9uAO8pVVzXP1LD+WHAVUHsIgABaveFX8UT5GZaw==
X-Received: from pfbk26.prod.google.com
 ([2002:a05:6a00:b01a:b0:77f:5efe:2d71])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:aa7:8895:0:b0:77f:449f:66b0
 with SMTP id d2e1a72fcca58-780fcee0494mr5488295b3a.32.1758821359006; Thu, 25
 Sep 2025 10:29:19 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:40 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-13-sagis@google.com>
Subject: [PATCH v11 12/21] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to
 validate TDs' attribute configuration
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Isaku Yamahata <isaku.yamahata@intel.com>

Make sure that all the attributes enabled by the test are reported as
supported by the TDX module.

This also exercises the KVM_TDX_CAPABILITIES ioctl.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 7a622b4810b1..2551b3eac8f8 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -231,6 +231,18 @@ static void vm_tdx_filter_cpuid(struct kvm_vm *vm,
 	free(tdx_cap);
 }
=20
+static void tdx_check_attributes(struct kvm_vm *vm, uint64_t attributes)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	/* Make sure all the attributes are reported as supported */
+	TEST_ASSERT_EQ(attributes & tdx_cap->supported_attrs, attributes);
+
+	free(tdx_cap);
+}
+
 void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes)
 {
 	struct kvm_tdx_init_vm *init_vm;
@@ -250,6 +262,8 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attribu=
tes)
 	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
 	free(cpuid);
=20
+	tdx_check_attributes(vm, attributes);
+
 	init_vm->attributes =3D attributes;
=20
 	vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pf1-f201.google.com (mail-pf1-f201.google.com
 [209.85.210.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6544331D394
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:21 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821363; cv=none;
 b=dQ3joN56Ff8q0lDs0pms+sQebPwac6pcQu6dBbTjnoHLRDN0Fem5ikTdhREKNRZ+IRNhzrYd8/FKBsQNO67EuvHzmKVAtROcXTWcJDUz5WxXOmpJgLf3rTU3jUkiOSTz8cJk8zvjHs9+jOMKJAFzMPVeqAzmhnkSsfWSRu5WVxk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821363; c=relaxed/simple;
	bh=DUH9fjzyZeNaJk1vwhK4spw7UfiiPdlKPNLppXCGf6A=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=usIzqlXVriFRYpbT0zh8ifn1rzErli4oht9ZczLpxYILPfUzGI4vA4PbW+tVGhyiAI3DHxG6bjYj2U10ZXOIa8SYA9oEQafJ4voaFVJDJ1eWLXp14uoVlaHUBNaOa5qX0B8TCioIzsqB7faLzaYypXEC4YA4GTFCZt+aYcJ53yY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=dziUl5Tl; arc=none smtp.client-ip=209.85.210.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="dziUl5Tl"
Received: by mail-pf1-f201.google.com with SMTP id
 d2e1a72fcca58-76e2e60221fso1804418b3a.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821361; x=1759426161;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=UwluHtdboHgFkjYLYoAoxhCM/ZvR3gc2caEP86bvb2g=;
        b=dziUl5Tl5bolv7VWhbzYosLweLmTfkb5PAd+ZiCzZqdttYHlGyU2OHjLWDrGxYqzNY
         /Xdpx84m2/KP6U3+BXuGRyNKEL8iDptuDE//c1M6d9xdOzjMO9EJscBnDIbgWfbm3szH
         i5QpjWpaKjryA3UTvyqrWxxXz5PEg1Eno55YBuIS6tSbrQy0fuTaCeIMvonCIg8rS+V4
         60ZQy1fE7i9upYH5pigfGMHnCRPV9XISxUuk8xgxEDSvpDKoKcCPA5msTHI5SnTvPTZp
         CJLQaSvux9LYvkr/FUXLjncI7cMm2e1ZNIMBb7EQ3yPAN4p+m947NJa4BYaOcLV0wWiE
         rUwQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821361; x=1759426161;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=UwluHtdboHgFkjYLYoAoxhCM/ZvR3gc2caEP86bvb2g=;
        b=NJ4I0woAL/PkkczhWe3ljM+4ILwC0PpdgdZoZl7PbJBUCJw5SJUv1USwc4LkuXVyEV
         BElDbVXWOwNjf3H4r3akRg8B2I+CcSkr/UhS+zCWA1pt0YEiGeDo2ey+3jP3FLiaLERO
         ZPN4ZDRFidky+X+WDynpP2sPBt4XfjtmypSdPwZ/eVmXD1mqZF2FOVD0xzjIjvQ0U+/b
         38KOhaHmOYTf/Fki/hWy80j9d1Mk4/KQ90aJ1xnPL2pJi72ljeX/QUNfWFHEbx8DgIQN
         MQH6nIA5n477bn6aqwrpmCMm3vyfMj0j9mHZhwMu3Y/lZxqHjCszCXA4bduz0PpAVQP4
         n8HA==
X-Gm-Message-State: AOJu0Yw44AhizXClizVDDzZrWtTkV631FEPVjAtyiPVbmXJM66C8CrZA
	BiOz22JX52A6KXg3kxgSzqKmRtYKSQfH3LGOHqTZC60gB86Lb8MteqJ8OzYiwc4Z+WqNDvlRS6W
	ELg==
X-Google-Smtp-Source: 
 AGHT+IG5bIjhoprp/h1DT6S8BYHcRFaJOqG+ix6N3YO2qGG59dz6qELsQRMpwnSKkFLz6xfS5/BegDK77g==
X-Received: from pfug20.prod.google.com ([2002:a05:6a00:794:b0:77f:3341:eef2])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:194f:b0:77d:2ca7:84be
 with SMTP id d2e1a72fcca58-780fcea2dd6mr4953965b3a.18.1758821360611; Thu, 25
 Sep 2025 10:29:20 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:41 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-14-sagis@google.com>
Subject: [PATCH v11 13/21] KVM: selftests: Add helpers to init TDX memory and
 finalize VM
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ackerley Tng <ackerleytng@google.com>

TDX protected memory needs to be measured and encrypted before it can be
used by the guest. Traverse the VM's memory regions and initialize all
the protected ranges by calling KVM_TDX_INIT_MEM_REGION.

Once all the memory is initialized, the VM can be finalized by calling
KVM_TDX_FINALIZE_VM.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  2 +
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 58 +++++++++++++++++++
 2 files changed, 60 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index a2509959c7ce..2467b6c35557 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -71,4 +71,6 @@ void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm=
);
 void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu);
 void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
+void vm_tdx_finalize(struct kvm_vm *vm);
+
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 2551b3eac8f8..53cfadeff8de 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -270,3 +270,61 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attrib=
utes)
=20
 	free(init_vm);
 }
+
+static void tdx_init_mem_region(struct kvm_vm *vm, void *source_pages,
+				uint64_t gpa, uint64_t size)
+{
+	uint32_t metadata =3D KVM_TDX_MEASURE_MEMORY_REGION;
+	struct kvm_tdx_init_mem_region mem_region =3D {
+		.source_addr =3D (uint64_t)source_pages,
+		.gpa =3D gpa,
+		.nr_pages =3D size / PAGE_SIZE,
+	};
+	struct kvm_vcpu *vcpu;
+
+	vcpu =3D list_first_entry_or_null(&vm->vcpus, struct kvm_vcpu, list);
+
+	TEST_ASSERT((mem_region.nr_pages > 0) &&
+		    ((mem_region.nr_pages * PAGE_SIZE) =3D=3D size),
+		    "Cannot add partial pages to the guest memory.\n");
+	TEST_ASSERT(((uint64_t)source_pages & (PAGE_SIZE - 1)) =3D=3D 0,
+		    "Source memory buffer is not page aligned\n");
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_MEM_REGION, metadata, &mem_region);
+}
+
+static void load_td_private_memory(struct kvm_vm *vm)
+{
+	struct userspace_mem_region *region;
+	int ctr;
+
+	hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) {
+		const struct sparsebit *protected_pages =3D region->protected_phy_pages;
+		const vm_paddr_t gpa_base =3D region->region.guest_phys_addr;
+		const uint64_t hva_base =3D region->region.userspace_addr;
+		const sparsebit_idx_t lowest_page_in_region =3D gpa_base >> vm->page_shi=
ft;
+		sparsebit_idx_t i, j;
+
+		if (!sparsebit_any_set(protected_pages))
+			continue;
+
+		TEST_ASSERT(region->region.guest_memfd !=3D -1,
+			    "TD private memory must be backed by guest_memfd");
+
+		sparsebit_for_each_set_range(protected_pages, i, j) {
+			const uint64_t size_to_load =3D (j - i + 1) * vm->page_size;
+			const uint64_t offset =3D
+				(i - lowest_page_in_region) * vm->page_size;
+			const uint64_t hva =3D hva_base + offset;
+			const uint64_t gpa =3D gpa_base + offset;
+
+			vm_mem_set_private(vm, gpa, size_to_load);
+			tdx_init_mem_region(vm, (void *)hva, gpa, size_to_load);
+		}
+	}
+}
+
+void vm_tdx_finalize(struct kvm_vm *vm)
+{
+	load_td_private_memory(vm);
+	vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL);
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7BEB31354A
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:22 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821364; cv=none;
 b=NlIh8pj1W1GaPUyu611Cf6rvFmkEirB8Yx2qbT3WQWf731jWxPYt4vSJGH3TcpNwQFzr1Y5EP0iQerpJA9cVfBpQR4bx9pC5boP/wK4wwhoLvFm7Bv1y8fGhbVXO4iJrKuf1AjoeRUH4W3ukLBJuvALCozoxs3tEEE/rHt1X6iY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821364; c=relaxed/simple;
	bh=zHc45FNunudgpxBR4JWuEiZa0w9yuYjewmkAKB9HjsY=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=I73t1vxVaBULHGVkQgvMRsuvU8vAa/fL0I2SJ6QUakK9E53D3xknrKGZP/0f3kNLYiJg5yXGFGYvCl/O7H5zmBaiHHXJ7HYvTo/DvBA7Yf57C2+rp7du+W4Nbu1MSfEnz3SBjHqSZ31LbZLTcl/7ZUj5VJ/yzT11cAPqYPeywBY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=FVnR4uT8; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="FVnR4uT8"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-335276a711cso188792a91.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821362; x=1759426162;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=5cDfoEeJQNzVJqyItlC9ynzGaEr3okFQ1wEjDJ/9WZc=;
        b=FVnR4uT8FWWcn7eZ6eEsRPeYqtWpdH1gzgaA3ex1yC0Nt9Q0xdTL6XFkdwoVs5brMG
         oneohsu3L8tz50JWFpGCYrdA2qf+ODixy+rm4sjt++4dHOKqt+5IFIGcNWO4V1sull9f
         cpCKhujK8GuqLKyO+rUMvmyULwkfRNOeXR9n7H6j09wyA2s0Vs+PKQfqdIUmU0g8le+Z
         uo9p3akKLtqMZsRHGkS2OjvrTbS/HDqkSZT4GQ/RATwyObGg3o+nNWnJ+MXZE58J8oZT
         NAUwBT1GMBLlIyQnVPVm535TVSuzeTLr9Bx4XgA0z0NBMj2NeIqpuX3InWPA+skTdUFV
         OilA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821362; x=1759426162;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=5cDfoEeJQNzVJqyItlC9ynzGaEr3okFQ1wEjDJ/9WZc=;
        b=ri5MTYCR8ONaKQEth/kfbbmzWNgP+ylVNDC4WcQEMDhkdwaX5inI2/NEKLrspMSXXx
         XA3dBSNJ+lcIaZRuT2pf1VhUZTmPtUAQOftH/qxx4nTHsQqLX8Ugz3u2bgPEtVp3Nzyx
         j2yK7g1QcZGwS23GC1hWAAKPex9l+zMT4V7GtDCbdvKMkZk7UiKwFeKeJ9kBsjNBVK04
         KkjnvX+TnFF0WUgJRBLwqpdWFkLgp6D99G8FSE3+LtR9B63xxZpti3DxzarcQkuaNjWi
         q+sqASG/RRxAN7cA1AoCZ+ch+LpJzCYq0nbVUptk+SXvPKiPtuOxl2ggYgcg35PYvYTs
         tAWw==
X-Gm-Message-State: AOJu0Yxu/zylMw00Qpt+DzFts49BMoy8Y7SXliOM3mXIkM//dvsbSZK4
	mvvSYuMqBxXzT/cDidlnyyR/W6pT3JpUwOEkEpNyPW3so9x8QXbnWlFomKabAo8WIJ7e6sj7HIa
	RPw==
X-Google-Smtp-Source: 
 AGHT+IFiX5yq/423ZwdRIOB/VoKEpIBcTMitBDLAXUyebQio6K4Ks9LdhVWtAAfHLvX8WQ69wO2GK0ei+Q==
X-Received: from pjbqo15.prod.google.com
 ([2002:a17:90b:3dcf:b0:332:a4e1:42ec])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:1a8b:b0:32e:38b0:1600
 with SMTP id 98e67ed59e1d1-3342a22d164mr4911146a91.6.1758821362103; Thu, 25
 Sep 2025 10:29:22 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:42 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-15-sagis@google.com>
Subject: [PATCH v11 14/21] KVM: selftests: Call TDX init when creating a new
 TDX vm
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX VMs need to issue the KVM_TDX_INIT_VM ioctl after VM creation to
initialize the TD. This ioctl also sets the cpuids and attributes for
the VM.

At this point we can also set the common boot parameters such as CR3,
CR4, etc. These parameters will get copied to the relevant registers by
the TD boot code trampoline.

Signed-off-by: Sagi Shahar <sagis@google.com>

---------------------------------------------

Changes from v10:
 * The call to vm_tdx_load_common_boot_parameters() was accidently
   dropped as part of the refactor from v9 to v10. I re-added it here.
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 623168ea9a44..63b751253d1b 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -641,6 +641,11 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm)
 		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
 	}
=20
+	if (is_tdx_vm(vm)) {
+		vm_tdx_init_vm(vm, 0);
+		vm_tdx_load_common_boot_parameters(vm);
+	}
+
 	r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL);
 	TEST_ASSERT(r > 0, "KVM_GET_TSC_KHZ did not provide a valid TSC frequency=
.");
 	guest_tsc_khz =3D r;
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 79E7C31E0FB
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:24 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821367; cv=none;
 b=tmuWfQAnK2TAO4G49DiWVYFb5rmJv1qLskMP34F0V7a3qQ2ofvyQGQh1oXHCAkhniCKVwC764Wotjnr/3S1t0ZQ++9c/k8j2tAKfIfYqd1vKCypr8hS11moG7di2Gly1AP5PFyFuYFVXiDbT/u2jOXRWTrzeeMZvaEfpHel8WRc=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821367; c=relaxed/simple;
	bh=N5r2pH7Jwn+UxzmPgmfntcD0GoTvHLPDa8gfUCDrUac=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=PmbPuNUEo5t2sdhWiXapfmSzOWrJniXU6FuTDGth0ZGt97LkHsKYNdeOs3gaYbw5Z6cPT3ZWcDWksb+4UKno+vayyGaimlilpsFBT1NvZLoinz472ll0l7+mxLUvG6JEywW0CsFwo5IUVwIeRmpwZhGVcMa3M3beMUd+9nRR5nA=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=kiPEiI36; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="kiPEiI36"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-32eb864fe90so1671864a91.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821364; x=1759426164;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=TyCKgWtQwcGiOpMFoEKR3neFUGnY7KbKUl9IgIuxfzM=;
        b=kiPEiI36knB8QTJ3KHIYCWiPvvsocQ5DEHDaXsm/x1eDDfhaOGfeoGdpa1kUx8uVso
         qgQj6Lo/q7NG4Ozh4G3ArfTAZiwByd87LlUzsb0P3ZOPXCxyyi6O0sZd70S/AaVjr4pg
         wNIOSERXGWbRpbZaaO1LSAv1aSFK4rIck/ErEXO1Lm1iTuryL8+N7JKVQVJXHqPRtMyG
         Kq+HOxeC6HXQ0nM41yy6UqlUVE4lPa/oeZVxQ4udJ6QsRNm+RU32VmA+CoNdWyXX3WrQ
         mjF4ueVfSY8xqKTdiZgipl/e3x/LIiR2g61iDBHFc2QF7oLyI3mfnOJMr0SHlWl3Xbu9
         +b1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821364; x=1759426164;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=TyCKgWtQwcGiOpMFoEKR3neFUGnY7KbKUl9IgIuxfzM=;
        b=vYDnXQmrmFdWZFTgOfCwgm6LXoaM3+ZgAtODupQCSeV70sUjnliVhQPJtDQ/26M0dB
         NLvotDYBMBEAz07br/xHUD+IhL+IZ5AEUp6dgRhlTlufGo5niuaEA2Bt3C/qCwIlffm7
         jX8G5ypP5jtEJmoLyxLf/+qQDJrTvq4bGKaZZ11l9HFrvN9C5Vgio8YZjb/ePac8oRuY
         kjNYewsZwhoM3nn2mHKQHFKqMcBEAo+JWSM6lqNUo7Myk4pw2ijwuC3Ojb2cT5TYUsak
         8BU5ww61770X2n8v+hwSX6AnzDjI5nF/nHYT8/VL2zwUu58BXnDrhpfjpFQZVgmDz5Wp
         lLSQ==
X-Gm-Message-State: AOJu0YxSTMK/8E81mXDa2ZdJpVyyt9DzvkX0jQSxfSHp5DORJ39nGRDF
	gIlcfUyJMlaTDFCvpS+oG0wKQ3GGhcUbNCz9r4Ch+OOjTZaJkteMtFHPJ1oUUPSuur71dQXwLVa
	KWw==
X-Google-Smtp-Source: 
 AGHT+IGtkbqPWYz7tRWeWPbzX217uH2zZdaR1bIpo6u/9uGJ75IYJo3XP4QrWpILMFrCsKY1/OpEkVcpXw==
X-Received: from pjbon17.prod.google.com
 ([2002:a17:90b:1d11:b0:32e:e06a:4668])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:1e05:b0:330:6d2f:1b53
 with SMTP id 98e67ed59e1d1-3342a2e3f06mr4714551a91.35.1758821363780; Thu, 25
 Sep 2025 10:29:23 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:43 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-16-sagis@google.com>
Subject: [PATCH v11 15/21] KVM: selftests: Setup memory regions for TDX on vm
 creation
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Guest registers are inaccessible to kvm for TDX VMs. In order to set
register values for TDX we use a special boot code which loads the
register values from memory and write them into the appropriate
registers.

This patch sets up the memory regions used for the boot code and the
boot parameters for TDX.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index b4c8702ba4bd..d8a944b5ada3 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -4,6 +4,7 @@
  *
  * Copyright (C) 2018, Google LLC.
  */
+#include "tdx/tdx_util.h"
 #include "test_util.h"
 #include "kvm_util.h"
 #include "processor.h"
@@ -465,7 +466,7 @@ void kvm_set_files_rlimit(uint32_t nr_vcpus)
 static bool is_guest_memfd_required(struct vm_shape shape)
 {
 #ifdef __x86_64__
-	return shape.type =3D=3D KVM_X86_SNP_VM;
+	return (shape.type =3D=3D KVM_X86_SNP_VM || shape.type =3D=3D KVM_X86_TDX=
_VM);
 #else
 	return false;
 #endif
@@ -499,6 +500,12 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint=
32_t nr_runnable_vcpus,
 	for (i =3D 0; i < NR_MEM_REGIONS; i++)
 		vm->memslots[i] =3D 0;
=20
+	if (is_tdx_vm(vm)) {
+		/* Setup additional mem regions for TDX. */
+		vm_tdx_setup_boot_code_region(vm);
+		vm_tdx_setup_boot_parameters_region(vm, nr_runnable_vcpus);
+	}
+
 	kvm_vm_elf_load(vm, program_invocation_name);
=20
 	/*
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id DC1F631BCB5
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821367; cv=none;
 b=JiJsegTj2Ce/ozuD/SR162gIZpa6p18Wb/CIxMdtpZrlSpBBinjWkCK3Gx0eptpevi9PTw0A9b0xjveTn/jOe9ETx2z75FvOsXb7s+NZdtv7JmOvNpRbe0y+GghPCOeHxf9Xv/YQbfhIwWetfe0h8J99pecdcm5qeLCaX5CATjk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821367; c=relaxed/simple;
	bh=rY4Ycxq8QNFfTlKpgKYsuMxxweY8g7PDper3LW3OHIM=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Jry04bMl3xVQeJzQDvpOTrQkvOjnMMVm8rw/jR9bJ6d0CamoyrpBMjaLcOAgxSZiDxg0NwGpL7bxwLCh3uVKd8TRI9hxXOtfocv417Oa6BD6YxTJziX2ALetjiTF422dSN+eTGJnoUpkoSDMvK8UsxTCbcuJ8MFSy/ab9g3JDpI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=PjrKtQUa; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="PjrKtQUa"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-32eb864fe90so1671897a91.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821365; x=1759426165;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=+Va1zA5ixIcyoN0vd3aUHA8j5zm7YdEz/wv0z/nEjSI=;
        b=PjrKtQUasguwa1WvXPLxu4Wc1i5O3pTuPDGhbO4bw4wXERkIsW9sC9VqTa8ocy9nWa
         J7b8uzlpcWXNidm/v/H2ZCwzuNhr1sRRaaWur2HJ/j4S6hTM+hiludjA/AiMgp29Tfc1
         bin52bNvbwlkjEpDfnz7txRbIf3VJOHhS5x1Rn8jmyFKmN4X8Z+mgnUrJ9vBhRhBjv3z
         J+UFQzu4oRzjf0jhHA0B+bYmOYnurbx7WSIQEkh9TDvS4wWoqpMLA2uTU6K9gWqb+sx6
         4qZv17FVoMqLFT/zIcsGzPIJ9mudQppHoLNm4gjXo7ea/Y2jWrdKozjpQacYKgxkFlRh
         WG2A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821365; x=1759426165;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=+Va1zA5ixIcyoN0vd3aUHA8j5zm7YdEz/wv0z/nEjSI=;
        b=CPFbrm9w29dDTKy3+Orwuat5nHTRNvL1t0Q7IaN/iqxL4mgGENGDSa9p5keI52g8hg
         ZMWovL7/4rEDaZBVZoT/aUJ7iAEqFpCI2Ew2CXiMbUA1Re6SqUTRETGbTEI8/T8+NrES
         Y82kNV12mlBrar9ocyw1oIU0qljzrPOLGySHeJNELK8ZCgHcgy7ozwn5o8yba4ImVLN8
         P0c3RBlnx8ue+g20w8x+LZCP1f0di23R0cllTf1j48CcmKq2rDPSZUxO/GB4eDZLGj4N
         5Y/q3aWwQEXhVZ1NJ/5/ei2l7ya20ToIML60ccZ03gc32e1Uz7pbINh7OmoaOyPsJBZ0
         ULNA==
X-Gm-Message-State: AOJu0YyRHMkl2wxUjwiG7MrURgslIxzIJgvoE3LVWQuyCJBLS/jCq7A9
	QCGSgLSgDz5S2NLHTQ47he7w0Im5oRzkDZB1fBjXyWWryn2O657Ke6gnk6oJyy+yYRCFzy9CuZS
	ypA==
X-Google-Smtp-Source: 
 AGHT+IGO+kzY6zrc5L2YijkKRhK8hVWCvgdGtGL5epGOc/asjJqUyFVd0BNC8oxEFQsxsY1921qPWa7JOQ==
X-Received: from pjbhl7.prod.google.com ([2002:a17:90b:1347:b0:32e:d644:b829])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:5343:b0:32d:17ce:49d5
 with SMTP id 98e67ed59e1d1-3342a2b08bcmr4282494a91.23.1758821365169; Thu, 25
 Sep 2025 10:29:25 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:44 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-17-sagis@google.com>
Subject: [PATCH v11 16/21] KVM: selftests: Call KVM_TDX_INIT_VCPU when
 creating a new TDX vcpu
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX VMs need to issue the KVM_TDX_INIT_VCPU ioctl for each vcpu after
vcpu creation.

Since the cpuids for TD are managed by the TDX module, read the values
virtualized for the TD using KVM_TDX_GET_CPUID and set them in kvm using
KVM_SET_CPUID2 so that kvm has an accurate view of the VM cpuid values.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../testing/selftests/kvm/lib/x86/processor.c | 35 ++++++++++++++-----
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 63b751253d1b..f7ddea3b2044 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -687,6 +687,19 @@ vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 	return stack_vaddr;
 }
=20
+static void vm_tdx_vcpu_add(struct kvm_vm *vm, struct kvm_vcpu *vcpu)
+{
+	struct kvm_cpuid2 *cpuid;
+
+	cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_GET_CPUID, 0, cpuid);
+	vcpu_init_cpuid(vcpu, cpuid);
+	free(cpuid);
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_VCPU, 0, NULL);
+
+	vm_tdx_load_vcpu_boot_parameters(vm, vcpu);
+}
+
 struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
 {
 	struct kvm_mp_state mp_state;
@@ -694,15 +707,21 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, =
uint32_t vcpu_id)
 	struct kvm_vcpu *vcpu;
=20
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
-	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
-	vcpu_init_sregs(vm, vcpu);
-	vcpu_init_xcrs(vm, vcpu);
=20
-	/* Setup guest general purpose registers */
-	vcpu_regs_get(vcpu, &regs);
-	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vm)) {
+		vm_tdx_vcpu_add(vm, vcpu);
+	} else {
+		vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
+
+		vcpu_init_sregs(vm, vcpu);
+		vcpu_init_xcrs(vm, vcpu);
+
+		/* Setup guest general purpose registers */
+		vcpu_regs_get(vcpu, &regs);
+		regs.rflags =3D regs.rflags | 0x2;
+		regs.rsp =3D kvm_allocate_vcpu_stack(vm);
+		vcpu_regs_set(vcpu, &regs);
+	}
=20
 	/* Setup the MP state */
 	mp_state.mp_state =3D 0;
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 89B7031FEFA
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821369; cv=none;
 b=LXJQ6S5Z1HlYfJyR/i7zusoImVBwAEslcgev/NryGv4XYgaO4u7Xt4QbLNof/tJm93pB1feIuiubzH0H7sSNjTiLi3iigPZLgrZJ+J7ZgymP0TlxI5dgrTJ/GQPE2d9+FTK5g5QwAJy9WZO2bBmEIUuOjBlyC+QtNSNpgOwyi4Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821369; c=relaxed/simple;
	bh=dYFvkv/kP46uEh3pmF+KAf5FeYo5k2Exf5A9E/UqiwU=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=PX6A6/G/XBGIOEnBqZDkMDOGNZavDMW8SUCc3Q9IPrqg+WIHlXcXxml2g8VfrFWpx9hP29omI38+vYmQgbqa+7mveMLrPxoyqWSb2Z+QaVCRRM/XMdRokC00W4NW5hDfypXzjuI7z+QP0ps0eqVq/BYXfhKDRWln1yGj4vuO0tI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=xYlFAF1e; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="xYlFAF1e"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-b522037281bso852688a12.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821367; x=1759426167;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=oGebHjn44dF8SnIsKkF6tQFy+O1wwz15ARCChz5z1aE=;
        b=xYlFAF1eKYNDHnHf7vyZkzEzvlJzL4NjoveILHWrOthxFmg747NFr1BwYKpnB6UVk6
         wOhPfa1Y7TDbTcwInCOWCse4AX26K46qmI1HcCVU/c9R5Bkx12XQW5erjTH+8yvxVXo/
         BLvA51wGBx1vQLRAd4rS4dYSlAXThDEejJMKT2M+keeKYI1lxiWS0NHZqDbFWXjyX74p
         AZXEAgA/Qg/1EMhpiItZ4dOSxL9A4vrP6YpapY3VzPE9iY+26E87SbgDp8FAScL2n1AO
         T11CV50ze40JXl5PWMrqB1EF/8F5g6hiKhrqlGF8QXIv+uE/6QKB9mxCHxErp58XITta
         FsBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821367; x=1759426167;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=oGebHjn44dF8SnIsKkF6tQFy+O1wwz15ARCChz5z1aE=;
        b=vsSF+iki1Oxg6Wpcpylv3UMnL2fOIEh9zRlh5tsnFyBY76yybeCMnR2pCvpzjhuACC
         ZeMvtOM9z+lvEhCl9kxE/Zb2B6oasz+u+QJvCZVKktjli0Kq5fAokU2Pvv3s6lU2aDuM
         /efCMt+Q7hkYgMJJfy3srM54/XBUWdVl6lX1TRXoKeEUEHVXRvZX6h12VM4m4B9GI2+b
         Fj9TxQgnmStT4idVysrxZi2ZGZFMffD5DJdynfcM19b/efhrqaG7Hw/B4/AqMH9MUUCY
         sA5PqGu+w9haBQzPdr2vNCgjKPj3VzI9qksNj7XX7+KFlQZzPjEdUe2L0ci0NSxg/zE3
         eISg==
X-Gm-Message-State: AOJu0Ywl2Y6nHbMlFj+eJQkXiBgpkS6qesccuNePSQkkgPgVDBJEscvw
	fIDDFsU6hxssACD1XHlvaZQ2aXmUJZULKEzZaEehzaQaStM5+EH2mxSuP4HposaNeXyKIpywB34
	Q4A==
X-Google-Smtp-Source: 
 AGHT+IFQmB0Qc6Pt6BHOi6WxFN9Xk84xHXHc9lPe2+pu/qXW/7V7Q0SpznZQK+4Toe8YWlsRbTCyi3+w/w==
X-Received: from pjbgg20.prod.google.com ([2002:a17:90b:a14:b0:32e:8ff7:495])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:3901:b0:327:b2a1:2964
 with SMTP id 98e67ed59e1d1-3342a26119amr5380780a91.15.1758821366694; Thu, 25
 Sep 2025 10:29:26 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:45 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-18-sagis@google.com>
Subject: [PATCH v11 17/21] KVM: selftests: Set entry point for TDX guest code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Since the rip register is inaccessible for TDX VMs, we need a different
way to set the guest entry point for TDX VMs. This is done by writing
the guest code address to a predefined location in the guest memory and
loading it into rip as part of the TDX boot code.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index f7ddea3b2044..92a9cac18c56 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -656,9 +656,13 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 {
 	struct kvm_regs regs;
=20
-	vcpu_regs_get(vcpu, &regs);
-	regs.rip =3D (unsigned long) guest_code;
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vcpu->vm))
+		vm_tdx_set_vcpu_entry_point(vcpu, guest_code);
+	else {
+		vcpu_regs_get(vcpu, &regs);
+		regs.rip =3D (unsigned long) guest_code;
+		vcpu_regs_set(vcpu, &regs);
+	}
 }
=20
 vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id EF32231354A
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:28 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821371; cv=none;
 b=p9vK0LBy2sPiKgz5kfBw1fMWEbumnpX3FoqNhzIYT2lTgZ1YFDxC0jhPKgm/EaBUjrUnNpndd38iwUYFcfMKbAmO3DxubPzWV7o7gXwQDrrXjsJ4NQ85bcv0viqUVUhOB86IPXLScRoPT9gfZlg7nXkUbhsMNSAISttHmX+VNa4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821371; c=relaxed/simple;
	bh=xx91kaM8zfaoJEfsnflUjFDkM3EzKmV5y85jRHTVBqk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=mxoNCC1BAlAFsYBwwxDx3jyfRciLpaXFGHv6YycAwL5mOYEqj+xZt/2XyjC35/uY5aXRVUXyJt23fFmcy2hPW2lIfuofnPGFh55EJLpCumxunKblc8UauWJ+CgLSUs3hEt/qjxkUbMlDaQ8H7iPNdE6SHOjgD13VBQXsytwwQr8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=zse5uVos; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="zse5uVos"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-b54a30515cfso1731139a12.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821368; x=1759426168;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=uVcHgjF8bZbQcV2iSiYNl9kU+EHyscxLqETDjVDPU48=;
        b=zse5uVosywTJ042cvfUru4JRVHVR/lo5yIsWwgf36YT2OcqXdPh4rxmQMBHf/fqmzp
         +tFfRQeGzC3WpX4G4meK6+kz5P0wz1wmhARzHM6YITnIswpRA0uStw9xkCLLrFozSjjb
         k1YVh2wZvUHQ/IEM7PkBuej0u+1VlJFwRMEhO2XWC5vxsq7xzN1Ftog/sdhELIMB+xUO
         IPOaNkaL+8qSLbNjobEhYRRl/IUqjs9wEBdA9koQpOZ6SDXrncGrLpH3nOYxglECG6qL
         opNwZQGozDrgjQdvjgn4obuXPkrfWcAKHv4IlZFQJ93CdFPzK75OvpmL875mh2W3V+09
         gw8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821368; x=1759426168;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=uVcHgjF8bZbQcV2iSiYNl9kU+EHyscxLqETDjVDPU48=;
        b=f2klAq/aWSQppq+bSsRoQx+4HRRR92wmNtYj8GRlawTrEJjZclIa4HkA0Z9jisWRW0
         bO/vodH0GuLkYF9QhHYj6fXfaTaqVk8coxtAZsOkkQB4UXNcBcZMDBocF7V0j0jnM+Ws
         MuACiSbhVPfRGgZ5dmDmqIMRtlzc1Q7sXD6DpEsamqTmr+CfH8BJ2TbjETtDBeYorV+H
         OuUxcS2LI9pt8Q9xj0BVcdMtEDr3hbXdlrq1VFOGEFeYZn33vnpoailmJmazGO7khZN7
         SBmXBtJw8Ts0T+lVe7Wcs3bhbJ20Uxe7pOCQrUC9+Jh+oVey7nfHw5KMRyvqqsQCkDAx
         jhWg==
X-Gm-Message-State: AOJu0YxrSfWLX9KBgYCquS0mKGugfRtAnZUJZdDYiRL2Q8gK2qmm0llv
	v4QnsufVAYeef1H+Eg6Y6vcj4wyNaeFDLvXVCPDtQ+xJDpeZiCMHPjKndifECyIsug6lMnNLjiJ
	LRA==
X-Google-Smtp-Source: 
 AGHT+IG9AJw6xYfZvbyyqhgBN+Q7ZNk6dh+OK2KGZhFSFOzyee1k1LKRYFhqhW75y1aQ/kh+PuFSno7gqA==
X-Received: from pliy11.prod.google.com ([2002:a17:903:3d0b:b0:267:a5c9:8a4c])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:3bc4:b0:265:b60f:d18
 with SMTP id d9443c01a7336-27ed6ad0c80mr32448345ad.1.1758821368252; Thu, 25
 Sep 2025 10:29:28 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:46 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-19-sagis@google.com>
Subject: [PATCH v11 18/21] KVM: selftests: Add support for TDX TDCALL from
 guest
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Erdem Aktas <erdemaktas@google.com>

Add support for TDX guests to issue TDCALLs to the TDX module.

Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  8 ++
 .../selftests/kvm/include/x86/tdx/tdcall.h    | 34 +++++++
 .../selftests/kvm/lib/x86/tdx/tdcall.S        | 93 +++++++++++++++++++
 .../kvm/lib/x86/tdx/tdcall_offsets.c          | 16 ++++
 4 files changed, 151 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 52c90f1c0484..2d4fd68984a0 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -20,6 +20,7 @@ LIBKVM +=3D lib/userfaultfd_util.c
 LIBKVM_STRING +=3D lib/string_override.c
=20
 LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c
+LIBKVM_ASM_DEFS +=3D lib/x86/tdx/tdcall_offsets.c
=20
 LIBKVM_x86 +=3D lib/x86/apic.c
 LIBKVM_x86 +=3D lib/x86/handlers.S
@@ -33,6 +34,7 @@ LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
 LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
+LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
@@ -343,7 +345,13 @@ $(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86=
/tdx/td_boot_offsets.h
 $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
 	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
=20
+$(OUTPUT)/lib/x86/tdx/tdcall.o: $(OUTPUT)/include/x86/tdx/tdcall_offsets.h
+
+$(OUTPUT)/include/x86/tdx/tdcall_offsets.h: $(OUTPUT)/lib/x86/tdx/tdcall_o=
ffsets.s FORCE
+	$(call filechk,offsets,__TDCALL__OFFSETS_H__)
+
 EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h
+EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/tdcall_offsets.h
=20
 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS))))
 $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS)
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h b/tools/t=
esting/selftests/kvm/include/x86/tdx/tdcall.h
new file mode 100644
index 000000000000..60c70646f876
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/* Adapted from arch/x86/include/asm/shared/tdx.h */
+
+#ifndef SELFTESTS_TDX_TDCALL_H
+#define SELFTESTS_TDX_TDCALL_H
+
+#include <linux/bits.h>
+
+#define TDX_TDCALL_HAS_OUTPUT BIT(0)
+
+#ifndef __ASSEMBLY__
+
+#include <linux/types.h>
+
+/*
+ * Used in __tdx_tdcall() to pass down and get back registers' values of
+ * the TDCALL instruction when requesting services from the VMM.
+ *
+ * This is a software only structure and not part of the TDX module/VMM AB=
I.
+ */
+struct tdx_tdcall_args {
+	u64 r10;
+	u64 r11;
+	u64 r12;
+	u64 r13;
+	u64 r14;
+	u64 r15;
+};
+
+/* Used to request services from the VMM */
+u64 __tdx_tdcall(struct tdx_tdcall_args *args, unsigned long flags);
+
+#endif // __ASSEMBLY__
+#endif // SELFTESTS_TDX_TDCALL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S b/tools/testi=
ng/selftests/kvm/lib/x86/tdx/tdcall.S
new file mode 100644
index 000000000000..05869e86b9d8
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S
@@ -0,0 +1,93 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/* Adapted from arch/x86/virt/vmx/tdx/tdxcall.S */
+
+#ifndef __ASSEMBLY__
+#define __ASSEMBLY__
+#endif
+
+#include <linux/bits.h>
+#include "tdx/tdcall.h"
+#include "tdx/tdcall_offsets.h"
+
+/*
+ * TDCALL is supported in Binutils >=3D 2.36, add it for older version.
+ */
+#define tdcall		.byte 0x66,0x0f,0x01,0xcc
+
+/*
+ * Bitmasks of exposed registers (with VMM).
+ */
+#define TDX_R10		BIT(10)
+#define TDX_R11		BIT(11)
+#define TDX_R12		BIT(12)
+#define TDX_R13		BIT(13)
+#define TDX_R14		BIT(14)
+#define TDX_R15		BIT(15)
+
+/*
+ * These registers are clobbered to hold arguments for each
+ * TDVMCALL. They are safe to expose to the VMM.
+ * Each bit in this mask represents a register ID. Bit field
+ * details can be found in TDX GHCI specification, section
+ * titled "TDCALL [TDG.VP.VMCALL] leaf".
+ */
+#define TDVMCALL_EXPOSE_REGS_MASK    \
+         (TDX_R10 | TDX_R11 | TDX_R12 | TDX_R13 | TDX_R14 | TDX_R15)
+
+.code64
+.section .text
+
+.globl __tdx_tdcall
+.type __tdx_tdcall, @function
+__tdx_tdcall:
+	/* Set up stack frame */
+	push %rbp
+	movq %rsp, %rbp
+
+	/* Save callee-saved GPRs as mandated by the x86_64 ABI */
+	push %r15
+	push %r14
+	push %r13
+	push %r12
+
+	/* Mangle function call ABI into TDCALL ABI: */
+	/* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */
+	xor %eax, %eax
+
+	/* Copy tdcall registers from arg struct: */
+	movq TDX_TDCALL_R10(%rdi), %r10
+	movq TDX_TDCALL_R11(%rdi), %r11
+	movq TDX_TDCALL_R12(%rdi), %r12
+	movq TDX_TDCALL_R13(%rdi), %r13
+	movq TDX_TDCALL_R14(%rdi), %r14
+	movq TDX_TDCALL_R15(%rdi), %r15
+
+	movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx
+
+	tdcall
+
+	/* TDVMCALL leaf return code is in R10 */
+	movq %r10, %rax
+
+	/* Copy tdcall result registers to arg struct if needed */
+	testq $TDX_TDCALL_HAS_OUTPUT, %rsi
+	jz .Lout
+
+	movq %r10, TDX_TDCALL_R10(%rdi)
+	movq %r11, TDX_TDCALL_R11(%rdi)
+	movq %r12, TDX_TDCALL_R12(%rdi)
+	movq %r13, TDX_TDCALL_R13(%rdi)
+	movq %r14, TDX_TDCALL_R14(%rdi)
+	movq %r15, TDX_TDCALL_R15(%rdi)
+.Lout:
+	/* Restore callee-saved GPRs as mandated by the x86_64 ABI */
+	pop %r12
+	pop %r13
+	pop %r14
+	pop %r15
+
+	pop %rbp
+	ret
+
+/* Disable executable stack */
+.section .note.GNU-stack,"",%progbits
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c b/too=
ls/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c
new file mode 100644
index 000000000000..dcd4457be6e5
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: GPL-2.0
+#define COMPILE_OFFSETS
+
+#include <linux/kbuild.h>
+
+#include "tdx/tdcall.h"
+
+static void __attribute__((used)) common(void)
+{
+	OFFSET(TDX_TDCALL_R10, tdx_tdcall_args, r10);
+	OFFSET(TDX_TDCALL_R11, tdx_tdcall_args, r11);
+	OFFSET(TDX_TDCALL_R12, tdx_tdcall_args, r12);
+	OFFSET(TDX_TDCALL_R13, tdx_tdcall_args, r13);
+	OFFSET(TDX_TDCALL_R14, tdx_tdcall_args, r14);
+	OFFSET(TDX_TDCALL_R15, tdx_tdcall_args, r15);
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 43150320CD6
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:30 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821373; cv=none;
 b=lR9bzOlU72HcBM9k1r8LUldMcE81+BYaa1VdJ8jK9hg5UT7gRplV7sjx5cVlWGYZ4L9EL3okREm8i4MkPvQ8whyDAyu8RB4NhAKtGM8j1LU530oEj8Vsbgdf1JtkCwTU75uHW0ip4JUPfC+iLCSdXxdWtaxRyDPsgPzrumi9HN8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821373; c=relaxed/simple;
	bh=3znNNTzzgwZ3OVafDf2/cAXagMtlSh9rcqeBjFqLA9k=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=myrBA4nlzR74UuM4vcZOL0bRlxxid3tX3M3xZrwob9cZIqnafdS/LSFbgaV9AGfB7lOPy2aiDX9knggM1YI8LLxVdZ1fE9d+Uko3zBvgRySoxJP1QmmIZSQ5bWf5tzTr4LgiLct6jRHzHXsKVhT4zL+Ub+97hYe2TM6SWhCup7o=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=AB0WFZGE; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="AB0WFZGE"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-3234811cab3so1362713a91.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821370; x=1759426170;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=1I0d3H8TyKfzIE5uQLOEkCrQLG+nnvdngPIYTlDoLN4=;
        b=AB0WFZGEyrT619+y5bjWGObwquNz8dFmqCFaisC4mXQt3IqkdZHEKIGX3TYw5CIxpi
         bU0dyV8WicmDxa++gyBuff52EOkswpG1/7PnixibFdjz08IMWKlAK/RVEixsONfg8+y2
         QllqziD0zOSEbkfDO+y9vyNhymr1Ep9Znac9m/fzoBHE3pYDEg3EycKrUfDMzU0794Xu
         sEempVKw3Ez1lOrmQlMnwzYBvV84kVggQPyPy4J7st08w9cR3aRyJRF9PTtyk6mWHlCh
         oq9Vz8Bd0bK/v2IM6v9CMZpNXVqdbuDO/4SPj9vnuOtqumil3TQ9Ywnc1a4FMFMFTAJ8
         9IRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821370; x=1759426170;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=1I0d3H8TyKfzIE5uQLOEkCrQLG+nnvdngPIYTlDoLN4=;
        b=nPovFkyLTqEhitoHKSvkFP2RrvydOrI9NodWPjexFA52lcZ8tPEVWj5KqZD9WHbh7i
         Dv3U2iIMf5TWpp/NxHX3JVSiJYD5ougsPCwIkLGHah5LsZCYR/SZD26S66DDb1BBoDx7
         C9yXGJfiIvMcvYhURQCX+t7JCgNCALsGTIN36LYgYd9qGbBeOmxFqpP0M0oEaqfbkO2S
         CRioQJTHznaggF2JwO9+yQxAx3NtIHRwfbFq6sERn655/9qGApx7xb/VJzYT34CcHpBp
         n1abJ5+ga39vkm80j9o8rNVmE3JUBFUUb9tnXchOXpK73q9XpnVoTFniJOmcyfiyZbrs
         cFwg==
X-Gm-Message-State: AOJu0YzfHH0jVYWQE8wxGi8P3+48SCLBuMy7k33d1Ymvt9JkJNm13DS9
	NKHd9cRsxuKKFmFzc2GCPdLyklBOUEwlS4Bhoqb+lJZi69+Peelj0SKjFdOfREEK3mfTcv6xeX7
	0CA==
X-Google-Smtp-Source: 
 AGHT+IECM1WrKtqV1I4hTE41GQwZHS00MBwdDco5WyVseq3MBB5Rg5a30RkPZBPhewvNjT9OfGZ9wLQtjg==
X-Received: from pjbnp18.prod.google.com
 ([2002:a17:90b:4c52:b0:334:1843:ee45])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90a:d886:b0:32f:469:954c
 with SMTP id 98e67ed59e1d1-3342a2f9276mr4237165a91.34.1758821369732; Thu, 25
 Sep 2025 10:29:29 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:47 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-20-sagis@google.com>
Subject: [PATCH v11 19/21] KVM: selftests: Add wrapper for TDX MMIO from guest
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add utility function to issue MMIO TDCALL from TDX guests.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/tdx/tdx.h       | 14 +++++++++++
 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c | 23 +++++++++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 2d4fd68984a0..1a73e08c8437 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -35,6 +35,7 @@ LIBKVM_x86 +=3D lib/x86/vmx.c
 LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
 LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S
+LIBKVM_x86 +=3D lib/x86/tdx/tdx.c
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx.h b/tools/test=
ing/selftests/kvm/include/x86/tdx/tdx.h
new file mode 100644
index 000000000000..22b096402998
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_H
+#define SELFTESTS_TDX_TDX_H
+
+#include <stdint.h>
+
+/* MMIO direction */
+#define MMIO_READ	0
+#define MMIO_WRITE	1
+
+uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si=
ze,
+					     uint64_t data_in);
+
+#endif // SELFTESTS_TDX_TDX_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c b/tools/testing/=
selftests/kvm/lib/x86/tdx/tdx.c
new file mode 100644
index 000000000000..f9c1acd5b30c
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c
@@ -0,0 +1,23 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "tdx/tdcall.h"
+#include "tdx/tdx.h"
+
+#define TDG_VP_VMCALL 0
+
+#define TDG_VP_VMCALL_VE_REQUEST_MMIO	48
+
+uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si=
ze,
+					     uint64_t data_in)
+{
+	struct tdx_tdcall_args args =3D {
+		.r10 =3D TDG_VP_VMCALL,
+		.r11 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO,
+		.r12 =3D size,
+		.r13 =3D MMIO_WRITE,
+		.r14 =3D address,
+		.r15 =3D data_in,
+	};
+
+	return __tdx_tdcall(&args, 0);
+}
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C4C0E3218BA
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:31 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821373; cv=none;
 b=puti/Am2roBipnELQjRyAl0lrZWlz5l4IqjLVgRX/XUxPrtFJJ9aSbzlyo+5RQojTPk68j67cfXffM1dtvwv6yDBMpp/FAfjPvonEJrYaN1tcJja9m8cZz5a9nZ3aZWsLQ/y+AHk7XLg6mpfbiWfupBP5JZwA03AaZ1xTpXrVrs=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821373; c=relaxed/simple;
	bh=dQKO09oJCnocRjFNIJDtEll6Y8mthajh35gt3qwwu5Y=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=EA85f1pWYksI6iqG5MGRYj89l/9Kv7RtERHEqD1wuER06AWHweXaYNVHHGsNmMSW5j0gDUNARzFRTI8HgZ8N8FV0hExz1YlCz4sTQpMNQ9QkV24KkTvgFoo3nEe2gV+Ti80Hu883QD4PluOSLOHaRk9scdlOJ+7Q2WpEr2GUEw8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=cyZW/fdB; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="cyZW/fdB"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-32ec69d22b2so1192062a91.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821371; x=1759426171;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=ThwYPhcmkCcqvioAtkivdQwxT8TbijxWH5xfKoaQ6zM=;
        b=cyZW/fdBOJExph9ZXQLzSsO3znwutoIZ6isNvl8JN9BHU9paLFBSxxsNdJyEprLARn
         5YQQTZ5+jfoaGt7rwll9s09kSDQzJBUD9YrlGs+UAE3MIrikGCJwwuchnOlIe6tMsQk5
         rLFwBa6umtZIrtT4FeWQl3dBSSAU0pLVI1vrGFAen3LCXCEJV8dhIL7CA4Mb668BOl8d
         Aji12W4TsDQb/i0bCjyAzmYKWwa/rPbjQQdJRkglDSzq30c9y2Zcn2mWjeoyyUna4P3l
         z3Pyc3O/deyiE51rVZl1gTTDVS6lrLoyNBmaU+aa9BR4l1IZ+qkrjgCOOdYbfLiDmubO
         nhKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821371; x=1759426171;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ThwYPhcmkCcqvioAtkivdQwxT8TbijxWH5xfKoaQ6zM=;
        b=AUfJkQo8goarDr5ZOYR/Q4VBW2MshPfX5JFLb/yPutzM09ECXwk8jjgsVrIDtTqsJ6
         rBr/yLZtqJoSmH9XdOdE/0IZPSOyx8kqNMv34Tsb+eeWU0AFWnmWsejMEgfbwtHb5QJe
         4jBs3P/YJa91PhwtXIRawRd9hSA2zNvkNoX49o+GKkhViZnV764BmMy6nq3xe1D529V5
         EsXc7BSKR4geVL/sM5qGO/NY44hDdUUEj4D3XWezwDIAYxkhlSzr48paabvkcinIKQIk
         a/3GjVFxQdywAuAWMDxdBYdPB03RMoXrvItW+Ys488oiFUUyi8a4LTPaPWIowinfZ20Y
         K9dw==
X-Gm-Message-State: AOJu0YzMaEjnWr+RYWiJVonJPpEolLmErcsRDJJx3wkaXZGGPy4CZAYR
	8LiaGMrmIyvtBeGpfntUjYag4ZvHQ+sNqjtSKDSp30ylzo1J3mHmJL048xZuxkl0RJJ0tSrSozK
	yEg==
X-Google-Smtp-Source: 
 AGHT+IHM1CN9rSt/1jalfBqV4Qi3jOCHo0SnGbk6lWEtgzzPfwzmrVSoUXtYNBHsHrzpTPor0m+ksolOYw==
X-Received: from pjbmr16.prod.google.com
 ([2002:a17:90b:2390:b0:330:8b1f:c4e7])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:1b4f:b0:330:4a1d:223c
 with SMTP id 98e67ed59e1d1-3342a23af2fmr5505597a91.15.1758821371197; Thu, 25
 Sep 2025 10:29:31 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:48 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-21-sagis@google.com>
Subject: [PATCH v11 20/21] KVM: selftests: Add ucall support for TDX
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ackerley Tng <ackerleytng@google.com>

ucalls for non-Coco VMs work by having the guest write to the rdi
register, then perform an io instruction to exit to the host. The host
then reads rdi using kvm_get_regs().

CPU registers can't be read using kvm_get_regs() for TDX, so TDX
guests use MMIO to pass the struct ucall's hva to the host. MMIO was
chosen because it is one of the simplest (hence unlikely to fail)
mechanisms that support passing 8 bytes from guest to host.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>

----------------------------------------------

Changes from v10:
 * Removed ucall_arch_init() decleration from ucall.h.
 * Replace vm_type type check with is_tdx_vm().
 * Move mmio info initialization under is_tdx_vm() case.
---
 .../selftests/kvm/include/ucall_common.h      |  1 +
 .../testing/selftests/kvm/include/x86/ucall.h |  6 ---
 tools/testing/selftests/kvm/lib/x86/ucall.c   | 46 +++++++++++++++++--
 3 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/ucall_common.h b/tools/tes=
ting/selftests/kvm/include/ucall_common.h
index d9d6581b8d4f..f5eebf690033 100644
--- a/tools/testing/selftests/kvm/include/ucall_common.h
+++ b/tools/testing/selftests/kvm/include/ucall_common.h
@@ -4,6 +4,7 @@
  */
 #ifndef SELFTEST_KVM_UCALL_COMMON_H
 #define SELFTEST_KVM_UCALL_COMMON_H
+#include "kvm_util.h"
 #include "test_util.h"
 #include "ucall.h"
=20
diff --git a/tools/testing/selftests/kvm/include/x86/ucall.h b/tools/testin=
g/selftests/kvm/include/x86/ucall.h
index d3825dcc3cd9..7e54ec2c1a45 100644
--- a/tools/testing/selftests/kvm/include/x86/ucall.h
+++ b/tools/testing/selftests/kvm/include/x86/ucall.h
@@ -2,12 +2,6 @@
 #ifndef SELFTEST_KVM_UCALL_H
 #define SELFTEST_KVM_UCALL_H
=20
-#include "kvm_util.h"
-
 #define UCALL_EXIT_REASON       KVM_EXIT_IO
=20
-static inline void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa)
-{
-}
-
 #endif
diff --git a/tools/testing/selftests/kvm/lib/x86/ucall.c b/tools/testing/se=
lftests/kvm/lib/x86/ucall.c
index 1265cecc7dd1..fae6f37b0bcd 100644
--- a/tools/testing/selftests/kvm/lib/x86/ucall.c
+++ b/tools/testing/selftests/kvm/lib/x86/ucall.c
@@ -5,11 +5,35 @@
  * Copyright (C) 2018, Red Hat, Inc.
  */
 #include "kvm_util.h"
+#include "tdx/tdx.h"
+#include "tdx/tdx_util.h"
=20
 #define UCALL_PIO_PORT ((uint16_t)0x1000)
=20
+static uint8_t vm_type;
+static vm_paddr_t host_ucall_mmio_gpa;
+static vm_paddr_t ucall_mmio_gpa;
+
+void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa)
+{
+	vm_type =3D vm->type;
+	sync_global_to_guest(vm, vm_type);
+
+	if (is_tdx_vm(vm)) {
+		host_ucall_mmio_gpa =3D ucall_mmio_gpa =3D mmio_gpa;
+		ucall_mmio_gpa |=3D vm->arch.s_bit;
+	}
+
+	sync_global_to_guest(vm, ucall_mmio_gpa);
+}
+
 void ucall_arch_do_ucall(vm_vaddr_t uc)
 {
+	if (vm_type =3D=3D KVM_X86_TDX_VM) {
+		tdg_vp_vmcall_ve_request_mmio_write(ucall_mmio_gpa, 8, uc);
+		return;
+	}
+
 	/*
 	 * FIXME: Revert this hack (the entire commit that added it) once nVMX
 	 * preserves L2 GPRs across a nested VM-Exit.  If a ucall from L2, e.g.
@@ -46,11 +70,23 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu)
 {
 	struct kvm_run *run =3D vcpu->run;
=20
-	if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO_=
PORT) {
-		struct kvm_regs regs;
+	switch (vm_type) {
+	case KVM_X86_TDX_VM:
+		if (vcpu->run->exit_reason =3D=3D KVM_EXIT_MMIO &&
+		    vcpu->run->mmio.phys_addr =3D=3D host_ucall_mmio_gpa &&
+		    vcpu->run->mmio.len =3D=3D 8 && vcpu->run->mmio.is_write) {
+			uint64_t data =3D *(uint64_t *)vcpu->run->mmio.data;
+
+			return (void *)data;
+		}
+		return NULL;
+	default:
+		if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO=
_PORT) {
+			struct kvm_regs regs;
=20
-		vcpu_regs_get(vcpu, &regs);
-		return (void *)regs.rdi;
+			vcpu_regs_get(vcpu, &regs);
+			return (void *)regs.rdi;
+		}
+		return NULL;
 	}
-	return NULL;
 }
--=20
2.51.0.536.g15c5d4f767-goog
From nobody Wed Oct  1 23:34:11 2025
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6D5DA321F3E
	for <linux-kernel@vger.kernel.org>; Thu, 25 Sep 2025 17:29:33 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1758821375; cv=none;
 b=EKFgKCKwgrw9SYifywNI9YUvPs8LDrDU+b3mFPqwE+dOQSGTDmNeitt0W2VvQOvLHQtE0WitSoj8ZeyGect/6Hji+P6dKhedMWQm5ChWS72Ajn6+ZMPlMfPcG71P4Fz7i0FutVs33H8t2P1EMJzVojDLMeAzSU9gYKWUjoHOb18=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1758821375; c=relaxed/simple;
	bh=agNHzizJ+pu2GHvDilj4v+Sz4qwxNdK8ZAynRol9myI=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=SaZrtwwObVndig5HMpt8zRr5uLCsKDvuQoGdts4M8pxKBfVHgix7fNJomnfSe75ILbh2iA3SbQJazg1PY/gTghlfAVkQmVKvzhL3dFEt2OvR5CRm3Ks9zEY1dTiak2lIPDOxozaCvrTW/gOB8CltBpEjISquH04R63cgE20O2u4=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=N2y8yFwm; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="N2y8yFwm"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-33274f8ff7cso1811997a91.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 25 Sep 2025 10:29:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1758821373; x=1759426173;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=1xPKp0CWKeH6BVksYl8nT4cVmvOfs6P2rPR25K+k3iU=;
        b=N2y8yFwmZz5GX2ct89JU0BRXZNUgmOl21lR2lhRLY1yA3pCygw/gnkzBPodr5MapEQ
         OvwnUe4VhvnBqs5skVhuv7qojuq21Vbyqp3HqtqdXXtrTwb7hB1o94dPuur3PHGmYFYN
         hkfB7rdqlgVEDaduG0poh6VZEndPy0j3AEJK5/IF0RGIJ+5UXnPMyg2oxsGSB7qVtisH
         ubNrhQLpfDPCrtdPY38XHSUmhT/Sz5aQiK6+p8eUaDXTk71d2OSftWykpEpuMngawrbX
         fX/JsLeyx2rXsr0o0rlWNCtift1R464RwYxgOq3gOSnsUAV6wc2wI06hictsL88BSEv+
         UY1w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1758821373; x=1759426173;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=1xPKp0CWKeH6BVksYl8nT4cVmvOfs6P2rPR25K+k3iU=;
        b=Sa6IzkN0R11ZULMJv3xFtDQvHHPDuVrEUglNpdc5LSfDp/e5c8ZJ2uXAsZSEVermfP
         7f/CMR1QcJpIWQWutnWAQb1A8ZjQwr1ESwpEZ5V7+euxyYs1TSuUSl1oAqx13JjC2sPu
         Gbbf3Z7PNM26BkrC5f7ZaDEWKeCWkfLe/W8fA5b9EFeTwiXt+PCLgApRQ1aAej/fZYZl
         BzoA1uretbq4kFvqER7nQPvNOejlVyVREI1LyucC+ayys+keQTV/5eaWxo41J4iNkBJ+
         rDp1IotR/fVJsbZOc0Pvk9Aeg2kwFD5ywSsyCA9/VJZYZRKOas6OyyMSA/0J4eDxsrtV
         ynzw==
X-Gm-Message-State: AOJu0YziseLhREvFUXeAtNDULnPbV45GuUey4efPHKCMZyWI6MVnWDkg
	FSfKchGmSE230wdA5vF2KXb3LR+VoJ71vHdDRJhcZ15aQV4YQvPV4Pt30+1KREKSVSqhRvndfUm
	+mA==
X-Google-Smtp-Source: 
 AGHT+IFabB5ZJxkse1FxMHYo+VsnYSqWzdJfcXGK5NpuSl7voX2cKYO5R6GfWwQO7rPrUoSbZvlO3/cyHw==
X-Received: from pjbcz15.prod.google.com
 ([2002:a17:90a:d44f:b0:32b:8eda:24e8])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:1b07:b0:335:2824:aab4
 with SMTP id 98e67ed59e1d1-3352824ac26mr337614a91.24.1758821372692; Thu, 25
 Sep 2025 10:29:32 -0700 (PDT)
Date: Thu, 25 Sep 2025 10:28:49 -0700
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20250925172851.606193-1-sagis@google.com>
X-Mailer: git-send-email 2.51.0.536.g15c5d4f767-goog
Message-ID: <20250925172851.606193-22-sagis@google.com>
Subject: [PATCH v11 21/21] KVM: selftests: Add TDX lifecycle test
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Adding a test to verify TDX lifecycle by creating a simple TD.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h  | 10 ++++++
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 18 +++++++++++
 tools/testing/selftests/kvm/x86/tdx_vm_test.c | 31 +++++++++++++++++++
 4 files changed, 60 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/x86/tdx_vm_test.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 1a73e08c8437..1a76e9fa45d6 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -155,6 +155,7 @@ TEST_GEN_PROGS_x86 +=3D rseq_test
 TEST_GEN_PROGS_x86 +=3D steal_time
 TEST_GEN_PROGS_x86 +=3D system_counter_offset_test
 TEST_GEN_PROGS_x86 +=3D pre_fault_memory_test
+TEST_GEN_PROGS_x86 +=3D x86/tdx_vm_test
=20
 # Compiled outputs used by test targets
 TEST_GEN_PROGS_EXTENDED_x86 +=3D x86/nx_huge_pages_test
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 2467b6c35557..775ca249f74d 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,6 +11,14 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+/*
+ * Verify that TDX is supported by KVM.
+ */
+static inline bool is_tdx_enabled(void)
+{
+	return !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
+}
+
 /*
  * TDX ioctls
  */
@@ -72,5 +80,7 @@ void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, =
struct kvm_vcpu *vcpu);
 void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
 void vm_tdx_finalize(struct kvm_vm *vm);
+struct kvm_vm *vm_tdx_create_with_one_vcpu(void *guest_code,
+					   struct kvm_vcpu **vcpu);
=20
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 53cfadeff8de..714413e062fd 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -328,3 +328,21 @@ void vm_tdx_finalize(struct kvm_vm *vm)
 	load_td_private_memory(vm);
 	vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL);
 }
+
+struct kvm_vm *vm_tdx_create_with_one_vcpu(void *guest_code,
+					   struct kvm_vcpu **vcpu)
+{
+	struct vm_shape shape =3D {
+		.mode =3D VM_MODE_DEFAULT,
+		.type =3D KVM_X86_TDX_VM,
+	};
+	struct kvm_vm *vm;
+	struct kvm_vcpu *vcpus[1];
+
+	vm =3D __vm_create_with_vcpus(shape, 1, 0, guest_code, vcpus);
+	*vcpu =3D vcpus[0];
+
+	vm_tdx_finalize(vm);
+
+	return vm;
+}
diff --git a/tools/testing/selftests/kvm/x86/tdx_vm_test.c b/tools/testing/=
selftests/kvm/x86/tdx_vm_test.c
new file mode 100644
index 000000000000..a9ee489eea1a
--- /dev/null
+++ b/tools/testing/selftests/kvm/x86/tdx_vm_test.c
@@ -0,0 +1,31 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "kvm_util.h"
+#include "tdx/tdx_util.h"
+#include "ucall_common.h"
+#include "kselftest_harness.h"
+
+static void guest_code_lifecycle(void)
+{
+	GUEST_DONE();
+}
+
+TEST(verify_td_lifecycle)
+{
+	struct kvm_vcpu *vcpu;
+	struct kvm_vm *vm;
+	struct ucall uc;
+
+	vm =3D vm_tdx_create_with_one_vcpu(guest_code_lifecycle, &vcpu);
+
+	vcpu_run(vcpu);
+	TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_DONE);
+
+	kvm_vm_free(vm);
+}
+
+int main(int argc, char **argv)
+{
+	TEST_REQUIRE(is_tdx_enabled());
+	return test_harness_run(argc, argv);
+}
--=20
2.51.0.536.g15c5d4f767-goog