From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 21CAE34C991
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:20:57 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686458; cv=none;
 b=ZVQKhFNkkM0dQAvImOOJJJNPYXHxvY5heJO6mCSdUwFYGm2YDFD/iMZI2mk38UpF+NghwN0lXduJC+yjsccW9LiMtim9rVGh8AT2lakg95hNohLWv8VsOEEmSvZMbvOQifPfqqGxtP37L3UM422mV0n5p884jG6YZ12vIW0xgqg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686458; c=relaxed/simple;
	bh=1taRtnVW6cATeCX53WJ7F7rAY20El5Aqn3oYb2ry0KY=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=aM+oQACYeqj42xQBE6dMTKIv/KM9JBlo7EyMq13ZheWIvxO2sG2oLT6ZhDJ6zDfN7ypSGf0oQmMI+PTrR688OpkqtAHoCTtBlJ5fOyX8XC2eurHQE7060sVd91j/UFJqf2BGWrnYy5fkwtOEr/Hqi7p965yQIcIizClSSPQEDNo=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=JyrXlD0E; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="JyrXlD0E"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-9228ed70eb7so1949015439f.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:20:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686456; x=1762291256;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=p7v7/UUME0K6OufONPcieqq83sRrWQqrOjB3BM2ME/o=;
        b=JyrXlD0EnMHCqZzQYMYn/CeY6Tb403Y0w4GpVveB6lY/mYK7mAqgiB0+0U+esIvggF
         GNkLi97zdJGU11xWmWo9OZZz+WBKHHVQf32HBgD4P2wWcw3IVT8vZd4yhf177F7vMtqG
         BBo+7J6D4yq4228Fq4cq3O7UVul2Q1ZkhrICjQnUGxtd2oIRU5BHpCPGhOqr3WK0KWJ1
         ANgzyunn13ghI3CLanfrbsFQ3fDS8826nuw0QRZko6epnxydzimVfbD0e0xIb9PsgPDL
         wzfFS0Nub5KqQHy/7XGm9UrIgJicHTN31lxvWck8DE2s/rXWvhRlgw71J77vzvMoMyGm
         olGQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686456; x=1762291256;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=p7v7/UUME0K6OufONPcieqq83sRrWQqrOjB3BM2ME/o=;
        b=qnDT757t67zMk1JSF0p92krW6Xr2sIOPp8/9lgzIV8KlNQ1Dk7EIwPt57vg4JypQfN
         NjgTags8seMeTmv9tctj2Ua62cB2rA4IbFqSmVA1qpx8bq6E0gxT1FXf2m6cEnjn9Akn
         hBDh5MZFdYC102cJpwrGk+46bFK91TqjHMHdHc7qaxeL/ouzxRbW+1RcAcFTNnnwKhDG
         CJAiCJq3zTg23makWrj0UBuC+z7NOps3TvMIsSC7QuQ6YH72n1aRlaRjMBkQjfPEmFfx
         543xAnivv07x1kLGaHpvglv0EPF74jXjpxkTacgdwSSsQYnOPYZNQFY0dyP7eY5B5vek
         ULjg==
X-Gm-Message-State: AOJu0Yyz0EpCALCVlQauKZkA86SlL5vLZHUz3r524mB2msWbkMw1Nw4l
	gXDjX5yXVfW0WHfPTqPp8bNkt19S/2aqvUwE/rfrgJTDUUmPSO2HuThnDgftU/Krkrhz2ok+I6k
	SyA==
X-Google-Smtp-Source: 
 AGHT+IHNXgJLtfugfZ8phIcSQWQdiDgA9oVsbmqb4/VEjcfKWvug5tIMa6jcolDnkLWp3M99cFU8XavGwQ==
X-Received: from iobeh1.prod.google.com
 ([2002:a05:6602:4a01:b0:943:9a0c:d618])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:2ccb:b0:943:edb3:ce65
 with SMTP id ca18e2360f4ac-945c97f2fddmr159522739f.15.1761686456312; Tue, 28
 Oct 2025 14:20:56 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:27 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-2-sagis@google.com>
Subject: [PATCH v12 01/23] KVM: selftests: Add macros so simplify creating VM
 shapes for non-default types
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Sean Christopherson <seanjc@google.com>

Add VM_TYPE() and __VM_TYPE() macros to create a vm_shape structure given
a type (and mode), and use the macros to define VM_SHAPE_{SEV,SEV_ES,SNP}
shapes for x86's SEV family of VM shapes.  Providing common infrastructure
will avoid having to copy+paste vm_sev_create_with_one_vcpu() for TDX.

Use the new SEV+ shapes and drop vm_sev_create_with_one_vcpu().

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../testing/selftests/kvm/include/kvm_util.h  | 14 +++++++
 .../selftests/kvm/include/x86/processor.h     |  4 ++
 tools/testing/selftests/kvm/include/x86/sev.h |  2 -
 tools/testing/selftests/kvm/lib/x86/sev.c     | 16 --------
 .../selftests/kvm/x86/sev_smoke_test.c        | 40 +++++++++----------
 5 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing=
/selftests/kvm/include/kvm_util.h
index d3f3e455c031..310ec2b8afb7 100644
--- a/tools/testing/selftests/kvm/include/kvm_util.h
+++ b/tools/testing/selftests/kvm/include/kvm_util.h
@@ -209,6 +209,20 @@ kvm_static_assert(sizeof(struct vm_shape) =3D=3D sizeo=
f(uint64_t));
 	shape;					\
 })
=20
+#define __VM_TYPE(__mode, __type)		\
+({						\
+	struct vm_shape shape =3D {		\
+		.mode =3D (__mode),		\
+		.type =3D (__type)		\
+	};					\
+						\
+	shape;					\
+})
+
+#define VM_TYPE(__type)				\
+	__VM_TYPE(VM_MODE_DEFAULT, __type)
+
+
 #if defined(__aarch64__)
=20
 extern enum vm_guest_mode vm_mode_default;
diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 51cd84b9ca66..dd21e11e1908 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -362,6 +362,10 @@ static inline unsigned int x86_model(unsigned int eax)
 	return ((eax >> 12) & 0xf0) | ((eax >> 4) & 0x0f);
 }
=20
+#define VM_SHAPE_SEV		VM_TYPE(KVM_X86_SEV_VM)
+#define VM_SHAPE_SEV_ES		VM_TYPE(KVM_X86_SEV_ES_VM)
+#define VM_SHAPE_SNP		VM_TYPE(KVM_X86_SNP_VM)
+
 /* Page table bitfield declarations */
 #define PTE_PRESENT_MASK        BIT_ULL(0)
 #define PTE_WRITABLE_MASK       BIT_ULL(1)
diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/=
selftests/kvm/include/x86/sev.h
index 008b4169f5e2..3c3294599ba6 100644
--- a/tools/testing/selftests/kvm/include/x86/sev.h
+++ b/tools/testing/selftests/kvm/include/x86/sev.h
@@ -53,8 +53,6 @@ void snp_vm_launch_start(struct kvm_vm *vm, uint64_t poli=
cy);
 void snp_vm_launch_update(struct kvm_vm *vm);
 void snp_vm_launch_finish(struct kvm_vm *vm);
=20
-struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code,
-					   struct kvm_vcpu **cpu);
 void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measuremen=
t);
=20
 kvm_static_assert(SEV_RET_SUCCESS =3D=3D 0);
diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/self=
tests/kvm/lib/x86/sev.c
index c3a9838f4806..1e3f6514c28d 100644
--- a/tools/testing/selftests/kvm/lib/x86/sev.c
+++ b/tools/testing/selftests/kvm/lib/x86/sev.c
@@ -158,22 +158,6 @@ void snp_vm_launch_finish(struct kvm_vm *vm)
 	vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_FINISH, &launch_finish);
 }
=20
-struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code,
-					   struct kvm_vcpu **cpu)
-{
-	struct vm_shape shape =3D {
-		.mode =3D VM_MODE_DEFAULT,
-		.type =3D type,
-	};
-	struct kvm_vm *vm;
-	struct kvm_vcpu *cpus[1];
-
-	vm =3D __vm_create_with_vcpus(shape, 1, 0, guest_code, cpus);
-	*cpu =3D cpus[0];
-
-	return vm;
-}
-
 void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measuremen=
t)
 {
 	if (is_sev_snp_vm(vm)) {
diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testi=
ng/selftests/kvm/x86/sev_smoke_test.c
index 77256c89bb8d..3903793c6750 100644
--- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c
@@ -74,7 +74,7 @@ static void compare_xsave(u8 *from_host, u8 *from_guest)
 		abort();
 }
=20
-static void test_sync_vmsa(uint32_t type, uint64_t policy)
+static void test_sync_vmsa(struct vm_shape shape, uint64_t policy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
@@ -84,7 +84,7 @@ static void test_sync_vmsa(uint32_t type, uint64_t policy)
 	double x87val =3D M_PI;
 	struct kvm_xsave __attribute__((aligned(64))) xsave =3D { 0 };
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_code_xsave, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_code_xsave);
 	gva =3D vm_vaddr_alloc_shared(vm, PAGE_SIZE, KVM_UTIL_MIN_VADDR,
 				    MEM_REGION_TEST_DATA);
 	hva =3D addr_gva2hva(vm, gva);
@@ -120,13 +120,13 @@ static void test_sync_vmsa(uint32_t type, uint64_t po=
licy)
 	kvm_vm_free(vm);
 }
=20
-static void test_sev(void *guest_code, uint32_t type, uint64_t policy)
+static void test_sev(void *guest_code, struct vm_shape shape, uint64_t pol=
icy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
 	struct ucall uc;
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_code, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_code);
=20
 	/* TODO: Validate the measurement is as expected. */
 	vm_sev_launch(vm, policy, NULL);
@@ -171,12 +171,12 @@ static void guest_shutdown_code(void)
 	__asm__ __volatile__("ud2");
 }
=20
-static void test_sev_shutdown(uint32_t type, uint64_t policy)
+static void test_sev_shutdown(struct vm_shape shape, uint64_t policy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_shutdown_code, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_shutdown_code);
=20
 	vm_sev_launch(vm, policy, NULL);
=20
@@ -188,28 +188,28 @@ static void test_sev_shutdown(uint32_t type, uint64_t=
 policy)
 	kvm_vm_free(vm);
 }
=20
-static void test_sev_smoke(void *guest, uint32_t type, uint64_t policy)
+static void test_sev_smoke(void *guest, struct vm_shape shape, uint64_t po=
licy)
 {
 	const u64 xf_mask =3D XFEATURE_MASK_X87_AVX;
=20
-	if (type =3D=3D KVM_X86_SNP_VM)
-		test_sev(guest, type, policy | SNP_POLICY_DBG);
+	if (shape.type =3D=3D KVM_X86_SNP_VM)
+		test_sev(guest, shape, policy | SNP_POLICY_DBG);
 	else
-		test_sev(guest, type, policy | SEV_POLICY_NO_DBG);
-	test_sev(guest, type, policy);
+		test_sev(guest, shape, policy | SEV_POLICY_NO_DBG);
+	test_sev(guest, shape, policy);
=20
-	if (type =3D=3D KVM_X86_SEV_VM)
+	if (shape.type =3D=3D KVM_X86_SEV_VM)
 		return;
=20
-	test_sev_shutdown(type, policy);
+	test_sev_shutdown(shape, policy);
=20
 	if (kvm_has_cap(KVM_CAP_XCRS) &&
 	    (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) =3D=3D xf_mask) {
-		test_sync_vmsa(type, policy);
-		if (type =3D=3D KVM_X86_SNP_VM)
-			test_sync_vmsa(type, policy | SNP_POLICY_DBG);
+		test_sync_vmsa(shape, policy);
+		if (shape.type =3D=3D KVM_X86_SNP_VM)
+			test_sync_vmsa(shape, policy | SNP_POLICY_DBG);
 		else
-			test_sync_vmsa(type, policy | SEV_POLICY_NO_DBG);
+			test_sync_vmsa(shape, policy | SEV_POLICY_NO_DBG);
 	}
 }
=20
@@ -217,13 +217,13 @@ int main(int argc, char *argv[])
 {
 	TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));
=20
-	test_sev_smoke(guest_sev_code, KVM_X86_SEV_VM, 0);
+	test_sev_smoke(guest_sev_code, VM_SHAPE_SEV, 0);
=20
 	if (kvm_cpu_has(X86_FEATURE_SEV_ES))
-		test_sev_smoke(guest_sev_es_code, KVM_X86_SEV_ES_VM, SEV_POLICY_ES);
+		test_sev_smoke(guest_sev_es_code, VM_SHAPE_SEV_ES, SEV_POLICY_ES);
=20
 	if (kvm_cpu_has(X86_FEATURE_SEV_SNP))
-		test_sev_smoke(guest_snp_code, KVM_X86_SNP_VM, snp_default_policy());
+		test_sev_smoke(guest_snp_code, VM_SHAPE_SNP, snp_default_policy());
=20
 	return 0;
 }
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-ot1-f74.google.com (mail-ot1-f74.google.com
 [209.85.210.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3B214350D4C
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:20:58 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686459; cv=none;
 b=USJRjfnSmGN07RNy/t0BqiqnDRAwdHdy1GeHWOOfAHgePgB7IKyzoAP50P/oRX5rFyi2Z5AvQLZdmArc5nRo1lmFjGEQ8PKb0sqarxNCWThYxH73HC0CKazwQjG8V+0QSsVR3WkRsew7xFA7YruVTReG8Xma3o5aJmdajQl9Dm4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686459; c=relaxed/simple;
	bh=byR26H853vtY1lU2qQd3dx7y+cPojvAtdUsYskKNuJY=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=WLHef4JSzBKKiFko5YIWvWJ9V6m76uVgJGeUY76DrKGMp7eEwUUEejYyA2gEFpHnjNt+aT/R+izcBVt7E+e0gfS+OhWAd/95g/D+iJzoJtedLNpqmSd7AtbnSYG/a1MiPaGj+nzfJHlhEv3U3nfv/0jHcOCvqlTQJ+lOIRmSGwg=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=P/xXcotN; arc=none smtp.client-ip=209.85.210.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="P/xXcotN"
Received: by mail-ot1-f74.google.com with SMTP id
 46e09a7af769-7c52d9638f8so2082582a34.0
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:20:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686457; x=1762291257;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=MnNPBnpM5bYky9vxwBzGQagmW12705iL+thpB/tnb+E=;
        b=P/xXcotNawces0pDKnwZ+086OySgvphs2+KoiE0d9meYLbsOIqEr8hNiUcftkO28RW
         kHwJKqDqbYkryFpKmug/OnF24gvrX4en8m6wf3O9ESoPDYpxEzO32pqokx+f3yevJOFC
         Q4HtloX8W9ZABF3TS4VC8p8uQPsncu2xR4H17LY1urV/KPsX6Du11XSgMZBm/GEHfvdf
         Rd0XgdpHKI+R/5gwv9E8ogkPGIZACGfd1nRBtj8+tfErp1yqZy6Xiqod3oW/kN6bI1Qn
         7/MTMwYdn9pZ8O0nIBBDf9SbzU8iAjuyYCTDgCiseaMn5TtY5bAmEInEFgwFw/v0AhlG
         PrkQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686457; x=1762291257;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=MnNPBnpM5bYky9vxwBzGQagmW12705iL+thpB/tnb+E=;
        b=BRhUXLzeidfkgqb/BiUP75o/ygnYdYFfvCbLuy7JfbZLYEwL1TqMQMYtsfXDXKZuxJ
         O+zlduwuuRgSUY6V6XY0Ce6EeBZwWh2gDIWI5Q0ZRxssgZFayXEw30qYYQRIs9CgZ68/
         ybxr7M1f/4DXDOgegfp8/Guf+FGwX+4VLQ6/eSqY26quUbVv4W8SmfP2+Buftjx7Wh15
         HBGccZow7tu7CapSs1YX30TLi87AeihTVGwYUPatBh5IqDF26RPOgeAGIiKhFO0rqs1q
         3rnNT9XmKcSiP/JG6zmiBnu9CiHRyt6fBT4XXnSVneFA2lgbWBunvQYrdimsTaLdhxZq
         v5LQ==
X-Gm-Message-State: AOJu0YzQOvqjONMAHcNtevV7EvUrKXyr4ZB5HIZNUHRBUl9trBr1Kd5G
	AcBD838eZT/ufUjVjcaprHOyDst4DydJUauQJanC/bSMcKZYS8X1o9vlpLaJD00w1ZErFs9QKoU
	QxQ==
X-Google-Smtp-Source: 
 AGHT+IGR5mnppgMEZJUYIBgsKY04ukEokgXLIWL+libJL2Zf7k+H6SYVbXC6UYmt0y9gc43yPO9LBdNfLA==
X-Received: from otbay35.prod.google.com
 ([2002:a05:6830:46a3:b0:7c5:31c4:1a54])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6830:4124:b0:7c5:4005:fff3
 with SMTP id 46e09a7af769-7c6830c4954mr406884a34.29.1761686457320; Tue, 28
 Oct 2025 14:20:57 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:28 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-3-sagis@google.com>
Subject: [PATCH v12 02/23] KVM: selftests: Allocate pgd in virt_map() as
 necessary
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

If virt_map() is called before any call to ____vm_vaddr_alloc() it
will create the mapping using an invalid pgd.

Add call to virt_pgd_alloc() as part of virt_map() before creating the
mapping, similarly to ____vm_vaddr_alloc()

Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index 1a93d6361671..0e6a487ca7a4 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -1569,6 +1569,7 @@ void virt_map(struct kvm_vm *vm, uint64_t vaddr, uint=
64_t paddr,
 	TEST_ASSERT(vaddr + size > vaddr, "Vaddr overflow");
 	TEST_ASSERT(paddr + size > paddr, "Paddr overflow");
=20
+	virt_pgd_alloc(vm);
 	while (npages--) {
 		virt_pg_map(vm, vaddr, paddr);
 		sparsebit_set(vm->vpages_mapped, vaddr >> vm->page_shift);
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A291350D70
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:20:59 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686460; cv=none;
 b=tcqHbawXDbAwvVSB/0qHPReiXXuNiEmRdWlNH5gHNDkfH8vlrvibqlY0O9ImCpaH8Yz52RMKDXnbBjwB8sHAiwMeU5lj2waWDotnQhfqoaCE9TyAzxApJI+H6dV5SeZqEUc5+jXtpUV62Y/mxJdt4Bvr5FnFCsyBFsb0C49FHYg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686460; c=relaxed/simple;
	bh=RhhQQ3g/E7uLVDPLSe/xhEeCUVslBfZj2NcRXH2brrM=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=VGkk+SD+qG8XiMK6rE25G2yoPCppCpi33/ZBgttCLG4AwVsDsdxk39nZ5fty1RJ+luz74kgNio0TvkBV3fqD+o7ljNgYmFNtbDIKTIwhrNeQb9n2B13Cj71UXsliHr9O9g4iycxI+RaJp0+a7r8/Fcm1UiYBuNJJmVqg5U+s2pE=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=0P1HKsT8; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="0P1HKsT8"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-940d395fd10so1991907239f.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:20:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686458; x=1762291258;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=4zg5nEpFqFtVUSzC2kyRShvvzMs6T5M/DcDPDAVSt1g=;
        b=0P1HKsT8bChvQvqkLOgOeSXbW+6NuyamBa5j998+Yy2A2XAZRQdIHdpwkVM9DAt0f7
         CR6LmTdV8IQZLUMz6BGdgd6+7OMiWdB4WghWsN09ZhSKyVuA7KuhpAv1ZWV/YHG6hdhB
         1VxpAtiorQp1W5jUNjQAw5esOh8Rnv9jv5mJelIOIwZhIDqsVvlVgcOikE6wDkvKoZWX
         g9OeAYNGFrkZMVm5G1u1mhSGmpF9+Ik5MLX0+pRqRZ8bLYOGQyaj7dbLj0hwy9BBKbfN
         KwGECjlGRMfvPfXpHaWewpK8UBP417J0MOIulHYU4ysNNCiPgNeuCtA5hynygVIWeeCY
         jd0Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686458; x=1762291258;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=4zg5nEpFqFtVUSzC2kyRShvvzMs6T5M/DcDPDAVSt1g=;
        b=n/1dJRvyQIjGpJMIXxv8GuSbGVotnAxQ3vnYLqRR+E09W/G+3+qcj6C9xrtv5lq3wG
         wM0CksSyesszIN9n4yk5DrDckgfhuGHu6rCJMbsCV5pjDhv8cfcQ6E/qX5DtjIHr9esI
         xdDHJoiC1OXOOw39pqisxZumhmOF1pwimjhDtlWPnRU70SSvtdBAi5lMzhlMReE8HgYi
         Ps/cfJpzFofZDgPV1SMWqeID8LdbxiMgV+Yf6Tye/o9FwqXr2X14z8ZY+s3oSoOQDD4L
         PCyBVvAI3YayfV1rNTFHF17sEtwej09gVZPulbGFlYKDt8+YiHzNqiTs2vISAUqOhzLm
         t04g==
X-Gm-Message-State: AOJu0YxOHRq2YFTHKmJ/v2DyBYn1QRr90bJ8rLOuXYF5sedzq0BP2lAF
	Q39eV0buYfVCUO8PhqT9nws+TEEEGuJ3gQAFLMrfN5gGzqKT+IrJVjiM5h2nPeuDKJGu4Q8x5Hj
	8dw==
X-Google-Smtp-Source: 
 AGHT+IFBk0GQR/OSePEAjjmNK0e0J9/LroiTOPVHlIFlxXtyBdjCNdYEJOGL9QWXFiI5OQPAcEV0fpwSPQ==
X-Received: from iobed10.prod.google.com
 ([2002:a05:6602:480a:b0:945:a426:aec0])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:48f:b0:945:a8c4:7102
 with SMTP id ca18e2360f4ac-945c96d6e7cmr155506039f.5.1761686458321; Tue, 28
 Oct 2025 14:20:58 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:29 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-4-sagis@google.com>
Subject: [PATCH v12 03/23] KVM: selftests: Expose functions to get default
 sregs values
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX can't set sregs values directly using KVM_SET_SREGS. Expose the
default values of certain sregs used by TDX VMs so they can be set
manually.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../selftests/kvm/include/x86/processor.h     | 33 +++++++++++++++++++
 .../testing/selftests/kvm/lib/x86/processor.c | 12 +++----
 2 files changed, 38 insertions(+), 7 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index dd21e11e1908..9caeb3de7df6 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -27,6 +27,10 @@ extern uint64_t guest_tsc_khz;
 #define MAX_NR_CPUID_ENTRIES 100
 #endif
=20
+#ifndef NUM_INTERRUPTS
+#define NUM_INTERRUPTS 256
+#endif
+
 #define NONCANONICAL 0xaaaaaaaaaaaaaaaaull
=20
 /* Forced emulation prefix, used to invoke the emulator unconditionally. */
@@ -1498,4 +1502,33 @@ void virt_map_level(struct kvm_vm *vm, uint64_t vadd=
r, uint64_t paddr,
=20
 bool sys_clocksource_is_based_on_tsc(void);
=20
+static inline uint16_t kvm_get_default_idt_limit(void)
+{
+	return NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+}
+
+static inline uint16_t kvm_get_default_gdt_limit(void)
+{
+	return getpagesize() - 1;
+}
+
+static inline uint64_t kvm_get_default_cr0(void)
+{
+	return X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
+}
+
+static inline uint64_t kvm_get_default_cr4(void)
+{
+	uint64_t cr4 =3D X86_CR4_PAE | X86_CR4_OSFXSR;
+
+	if (kvm_cpu_has(X86_FEATURE_XSAVE))
+		cr4 |=3D X86_CR4_OSXSAVE;
+	return cr4;
+}
+
+static inline uint64_t kvm_get_default_efer(void)
+{
+	return EFER_LME | EFER_LMA | EFER_NX;
+}
+
 #endif /* SELFTEST_KVM_PROCESSOR_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index b418502c5ecc..2d1544e8af6c 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -532,15 +532,13 @@ static void vcpu_init_sregs(struct kvm_vm *vm, struct=
 kvm_vcpu *vcpu)
 	vcpu_sregs_get(vcpu, &sregs);
=20
 	sregs.idt.base =3D vm->arch.idt;
-	sregs.idt.limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+	sregs.idt.limit =3D kvm_get_default_idt_limit();
 	sregs.gdt.base =3D vm->arch.gdt;
-	sregs.gdt.limit =3D getpagesize() - 1;
+	sregs.gdt.limit =3D kvm_get_default_gdt_limit();
=20
-	sregs.cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
-	sregs.cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR;
-	if (kvm_cpu_has(X86_FEATURE_XSAVE))
-		sregs.cr4 |=3D X86_CR4_OSXSAVE;
-	sregs.efer |=3D (EFER_LME | EFER_LMA | EFER_NX);
+	sregs.cr0 =3D kvm_get_default_cr0();
+	sregs.cr4 |=3D kvm_get_default_cr4();
+	sregs.efer |=3D kvm_get_default_efer();
=20
 	kvm_seg_set_unusable(&sregs.ldt);
 	kvm_seg_set_kernel_code_64bit(&sregs.cs);
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4218B351FD5
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:00 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686462; cv=none;
 b=H2esOSpoj+2uubxoqSJhZ8paS7SEtemtFI4xvoLv9MoBBSVSTzytMfzIuES68sDVT65AWdvr6HVtHhM+zN1qJPiA6L540wlurz/qUNm3OY1W1ioQcIz0Vcy8GycNMwNnJGOsKfzXOjf0XSTqJBkJI8JIPnS0AfDmkzzQhu49Pm0=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686462; c=relaxed/simple;
	bh=VNH8CVMDxJFBcdGyaCU6T3UG3e69/KCqyLabtu2cxdc=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=XY4jsIHF1U1zNjxaCbKukmEAZDFEh0PDhsH+o8LfauwCwCPdnrFCGKNXm2vGxCnt58vpAluWMoyzv0AuarpcUslKnywgPolerSUsPBmG/8e+RAz8CpX9JfMG5EZ1cUNHPJZfmUAdNWHEuXwfB3lx8kR0VNUYMfSvCkSnrLIRrYM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=ZgAxBpzV; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="ZgAxBpzV"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-945aae1d9f7so321431639f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686459; x=1762291259;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=MRyTmAGtbiYLKRxGX8ofD+iepUQ9YVHFIToGKiZ3XDM=;
        b=ZgAxBpzVX8AMJA9Fs6m532VsE/E7TSXyDmj7h9FkZUf4PIosuaY7ObF2ov5y0MGt2Y
         TCcz6VKB8nCxiDJfbzP1CA6bSApwDJpRsmlRU8+5SwXwiaeVrQjll9mIV9YbOYwO1IxK
         dMX4RwbGTVOan5IsNp/zf6MvLIUjOwxPx4O5kSwyPO99FeRmbKeEZkc0uO4SnO/k5NIf
         BhOtN88jxNk9/d1dOTb75V04w2nK6GxRbRV2yllSqM5L4HWPolHhytdx5NbXA0DH0tKQ
         CUGezb+/UIMSJykNmK81nTh7ou3V/fDnDhvS1GgKDUT9nA59APMOfRrjHT0sTczhGF+h
         z25Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686459; x=1762291259;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=MRyTmAGtbiYLKRxGX8ofD+iepUQ9YVHFIToGKiZ3XDM=;
        b=euXWFr/QepwEfjb4rGSfOXiUE/iWlADCll8r3fuqlLb5foOeS3HSEFZbI4ZYwNqbnl
         yrlQi85dkUNHJxC2RhtDSPnDOYE+FTLtkce4UjBJbk5tvwLXDf48edN60SYokKhhevzr
         oSVc9jHLFsUS3qw3TL/tLPXP27Y7Kqz22rsH8G5SpN+MQP0gIojYHBVk/oU7okn8+ZxC
         wR0HVfPI6cfxdkLgFJBPkEJSCJiYInxVhCM2dMcgUK0bNC3pH+K989NzKQIEgAJu0Srk
         Sr5j2iOPaMCNs9N1XQ6LlFiXykv6AetLshAa6Ow59SLCRKGYsaHcAsezY5Wx809Kxrs8
         wkzg==
X-Gm-Message-State: AOJu0YzHiQU7LePhALtzGMy9A7x+6lG1YprwM7Q3VvfyMZ4YJvXBuS1W
	3o5lnvGVlYdFu5tlP5OvHZjN92KMUgXsgyk5Hcx87ZxHpby/MS2zsPEfInW4Low0IAj45zsb9jx
	Lig==
X-Google-Smtp-Source: 
 AGHT+IEX2M8sMJYKjNjzv/RmBBD8GS/LYH1pfDM4GVeERde8ju9RTg31W/Ttu3uV9D7jJVP3Fiol92LL7A==
X-Received: from iobjh17.prod.google.com
 ([2002:a05:6602:7191:b0:945:a321:1fc4])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:6d88:b0:887:56f5:26a2
 with SMTP id ca18e2360f4ac-945c981ed55mr148376039f.14.1761686459397; Tue, 28
 Oct 2025 14:20:59 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:30 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-5-sagis@google.com>
Subject: [PATCH v12 04/23] KVM: selftests: Expose function to allocate guest
 vCPU stack
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX guests' registers cannot be initialized directly using
vcpu_regs_set(), hence the stack pointer needs to be initialized by
the guest itself, running boot code beginning at the reset vector.

Expose the function to allocate the guest stack so that TDX
initialization code can allocate it itself and skip the allocation in
vm_arch_vcpu_add() in that case.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../selftests/kvm/include/x86/processor.h        |  2 ++
 tools/testing/selftests/kvm/lib/x86/processor.c  | 16 +++++++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 9caeb3de7df6..dba2b3d558d1 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -1120,6 +1120,8 @@ static inline void vcpu_clear_cpuid_feature(struct kv=
m_vcpu *vcpu,
 	vcpu_set_or_clear_cpuid_feature(vcpu, feature, false);
 }
=20
+vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm);
+
 uint64_t vcpu_get_msr(struct kvm_vcpu *vcpu, uint64_t msr_index);
 int _vcpu_set_msr(struct kvm_vcpu *vcpu, uint64_t msr_index, uint64_t msr_=
value);
=20
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 2d1544e8af6c..2898fe4f6de4 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -693,12 +693,9 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 	vcpu_regs_set(vcpu, &regs);
 }
=20
-struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
+vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 {
-	struct kvm_mp_state mp_state;
-	struct kvm_regs regs;
 	vm_vaddr_t stack_vaddr;
-	struct kvm_vcpu *vcpu;
=20
 	stack_vaddr =3D __vm_vaddr_alloc(vm, DEFAULT_STACK_PGS * getpagesize(),
 				       DEFAULT_GUEST_STACK_VADDR_MIN,
@@ -719,6 +716,15 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u=
int32_t vcpu_id)
 		    "__vm_vaddr_alloc() did not provide a page-aligned address");
 	stack_vaddr -=3D 8;
=20
+	return stack_vaddr;
+}
+
+struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
+{
+	struct kvm_mp_state mp_state;
+	struct kvm_regs regs;
+	struct kvm_vcpu *vcpu;
+
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
 	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
 	vcpu_init_sregs(vm, vcpu);
@@ -727,7 +733,7 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, ui=
nt32_t vcpu_id)
 	/* Setup guest general purpose registers */
 	vcpu_regs_get(vcpu, &regs);
 	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D stack_vaddr;
+	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
 	vcpu_regs_set(vcpu, &regs);
=20
 	/* Setup the MP state */
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 62EB1354ADD
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:01 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686463; cv=none;
 b=Ukh/CUGuYLS2vt+abVd7UGEJ6N19LuNM/Uac+kCyAZSIpuOTpjpKoxPU+L7K7WRmWV6erPrdGBE8WnafXpXGldAApfO7iMuvL8duKy6QweUf6Q5mq2yCQ6B1a8h8dw1LfwmJkLYYvxAqrk6tg6Ivh+tULmWIdv6Zn2UJA3I6p74=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686463; c=relaxed/simple;
	bh=EJICXa/yniV4LFyjrDgYiN24uZol6pdpsvo9d5t1gtc=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=o1/n8GNJTFNeJbFS61kwLrx0HMlEokJzpWwx6ygAhcrB/cmZ3dvmrF8bATLmWVwPAK07qJ5sLBs3QUP92yoGxyOqa9W1YRNlwSYHbvL0M4v+zc8KH+EFJiLhl3ziujWu89tZiSp0vcmqnylKHq7fOS6xr/t+TEFFD3nT71nrpss=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=BT0Vg4bY; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="BT0Vg4bY"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-93e4da7a183so609538239f.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686460; x=1762291260;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=KJrNVIag5TCnvbKa/N0Y0euKb8NaHrULGif/OSObmig=;
        b=BT0Vg4bYZGBWSXHbuFwcZrV5ooC2CsTLeLzwo4/ZIVK2xd5bfLJGgGYuVaX3YFb4FW
         ULVOH3AgT0Gor0JOZm1BUhnEBxWofes7wVJ59DbEsN781F5hxiqFiWvTz01oDVwF7WTv
         B87lgLT0sLJ2WgMJtcslKrpZkVl5cQkcY8SfvmK4aihsaL9OoCYbyfSRjn/xmqsAE1JU
         gp7ysGgVuAyiueUQ9gWOLhP4x0eE4QWoBIEjAqh5BdoaMiMMPujUIJ7MTBtAT0aOAqub
         /ruuRMzbZTeUJ99EHqmpgGWEtDZRXArXkICAl+ekEo7Uo42oKHAp4ZCN/IVWFc9oxtGO
         LCaQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686460; x=1762291260;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=KJrNVIag5TCnvbKa/N0Y0euKb8NaHrULGif/OSObmig=;
        b=Lb0MVmpOqr0JzpIfJS+CdN+6I5eTC8puaBFy+k0piSW/gU80fYPq8FFDrwQFka8Eqe
         vL0eNsExn9cNcVk2fBMb76Ke8BgdcUu0HkBp9W8JRyHO6BSPdK6QfeY3eFT3UF4n/yaU
         iMKbqYB8qRLvYTm40zUbISF2tgF0UYIN1266VXblaGE0CP5QDVDlg639wYfQx3xnmC6v
         5unHX/4B6pFbAI5P/V/j44zCTEcE7ScomL+DkEfpyolrhnO5VEz1X96Iyqxmbqo1ILSX
         F2BGSUU463XKsJbwO7wdjRCeqDvNK7PHK4Ta5yW8AG7ZK1Rz/boVV88ZFsOfXwBRUgww
         yrpQ==
X-Gm-Message-State: AOJu0YyOjaMXOPlOcfrlHaBLgUJvV9TfoxETRz64KbH+7cgHT3VqPXR6
	hDpnXQ77RyDsANRIHowMNgvQHAonPpq4KyS7sN2TAFBA9VDEIf7+NIy06UJjXJhMHR92HG/0EK6
	JmQ==
X-Google-Smtp-Source: 
 AGHT+IEFDrPZWGFBr5+mejr0DLlrxzW412Y0+IuWkkXjbawypFaXM37gBgvb80RrvB50OENuGh7DZHijvw==
X-Received: from iobid12.prod.google.com
 ([2002:a05:6602:6a8c:b0:944:5708:3425])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:3fcd:b0:945:a7ce:646c
 with SMTP id ca18e2360f4ac-945c97ea328mr148145439f.10.1761686460371; Tue, 28
 Oct 2025 14:21:00 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:31 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-6-sagis@google.com>
Subject: [PATCH v12 05/23] KVM: selftests: Update
 kvm_init_vm_address_properties()
 for TDX
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
	Adrian Hunter <adrian.hunter@intel.com>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Isaku Yamahata <isaku.yamahata@intel.com>

Let kvm_init_vm_address_properties() initialize vm->arch.{s_bit, tag_mask}
similar to SEV.

TDX sets the shared bit based on the guest physical address width and
currently supports 48 and 52 widths.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       | 14 ++++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c    | 12 ++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
new file mode 100644
index 000000000000..286d5e3c24b1
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_UTIL_H
+#define SELFTESTS_TDX_TDX_UTIL_H
+
+#include <stdbool.h>
+
+#include "kvm_util.h"
+
+static inline bool is_tdx_vm(struct kvm_vm *vm)
+{
+	return vm->type =3D=3D KVM_X86_TDX_VM;
+}
+
+#endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 2898fe4f6de4..519d60a3827c 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -9,6 +9,7 @@
 #include "pmu.h"
 #include "processor.h"
 #include "sev.h"
+#include "tdx/tdx_util.h"
=20
 #ifndef NUM_INTERRUPTS
 #define NUM_INTERRUPTS 256
@@ -1195,12 +1196,19 @@ void kvm_get_cpu_address_width(unsigned int *pa_bit=
s, unsigned int *va_bits)
=20
 void kvm_init_vm_address_properties(struct kvm_vm *vm)
 {
+	uint32_t gpa_bits =3D kvm_cpu_property(X86_PROPERTY_GUEST_MAX_PHY_ADDR);
+
+	vm->arch.sev_fd =3D -1;
+
 	if (is_sev_vm(vm)) {
 		vm->arch.sev_fd =3D open_sev_dev_path_or_exit();
 		vm->arch.c_bit =3D BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
 		vm->gpa_tag_mask =3D vm->arch.c_bit;
-	} else {
-		vm->arch.sev_fd =3D -1;
+	} else if (is_tdx_vm(vm)) {
+		TEST_ASSERT(gpa_bits =3D=3D 48 || gpa_bits =3D=3D 52,
+			    "TDX: bad X86_PROPERTY_GUEST_MAX_PHY_ADDR value: %u", gpa_bits);
+		vm->arch.s_bit =3D BIT_ULL(gpa_bits - 1);
+		vm->gpa_tag_mask =3D vm->arch.s_bit;
 	}
 }
=20
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 59DCA355027
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686464; cv=none;
 b=ocZSwwTSNna25MotRBYehboC3OQzZDVwXIxj49Gl47OhW/iRxRqH99EXPqD6k/YqoH196Awd70xdrqi2Z1v4CRZT9hGhQ1Z4wwvGQ8xnCTnD57nswUzNi3pd7VCWoAmYW+/QuLq5WNIfKw1tWU2TTeFE5s7n7GHTGVdAa4PheR8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686464; c=relaxed/simple;
	bh=nEGfNmakvG/SJrWZlD9nSZUH+AMlCksOwOluH5NYAP4=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=n7MOTezUDybin9de/sc1/1Eay7wIaABxA4xF8CmukS0x4Z7BzDvV0uAYSUPTCC5M0Wu7WXiMGN3qs38Vwhpef7UhUMlD76bS8Py54F5ECTByX0n2IR/SqCQI+TYniibXTh5dOCMcBVz7vRsMO7ew+hiT8TVUuOINZCKv+oTTFTc=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=iHk2Agy9; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="iHk2Agy9"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-9447edc234fso1203446639f.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686461; x=1762291261;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=uX5GVugwc+C6JrdMwZqI+sQGwgOrrPE6BL3d8gkbivU=;
        b=iHk2Agy9zj40Uf31mcDHKXO5AJ4tHfDnAXknJbX/Mj+iVtUxO23CRQgiN8HMXQMuiD
         LQMDI4ZpBgndun8af8CPJV/TeT37/OsLmss+FtwS5KlRS102s+ipZKy5Di8MWBys9QSh
         Kpxzme6Hy8W+mDpiFU5AhQg1dhhIgxuspGvB75d53eE2i4RDyFJK0LtSF/vvgdqOB3zA
         JG49KoIDvZrDSLxl487S0/5+aDB75l2HOaRcroSo6A3QpmsZ44AXCDss0csbSh+nwf+0
         cQIAuFfo9YGuwAgB/vHn245n2alGFIpX1Y3GyxS4q4wVqL4FJnYNkHcBR3U2jV4wHc7Q
         w3sg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686461; x=1762291261;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=uX5GVugwc+C6JrdMwZqI+sQGwgOrrPE6BL3d8gkbivU=;
        b=O6Kb+qv9zFsl7LWQu1CNECadNOcvOL2L+Nm1qlCVGsa6c06PQDt+fu+qtbkZN7cxO9
         ieN+PgZBLhTAPARt9apmgo3FborqgZ+U1j7RjP9OfODzGo7SBtbPc9dFVh1qhnxPkxSm
         AKUefSiL3U2xxJZdqxL7tCWHpFTrWc55rFVpl3WdFPjGI2gA1u/v1C7BTpL06Sobb04C
         JZejIMyDQK8EPOKlyZldgrcGCdfm7xVSp2sv2/6MxcdhLyjU7l59jO3eUIuIku4bELCj
         GtpVHW/c7yDh3uSc1cSJpWca2ZxH/JEGz68fZSDb0vpXrIP1ZH3lPCHSL4SJoGyf30d6
         LGzg==
X-Gm-Message-State: AOJu0Yzeg2KBKXC5OqJBM2RLNb4A9KkyL6WeArskVXM6AUSWi9Lavq6D
	jWW6Ar30SPifE+WyuuGs6azidaPqWpycN6CEa9vfY8EjC3nZ9N/EuM+yTFXUP3lCTAVsqO8+8Zw
	cpQ==
X-Google-Smtp-Source: 
 AGHT+IGAFvo/KKvEdFChEUwxqiCVhHew0LDSPHYl5/GxeXUOv2hI6CPOtlDXCHz1yE7r5C1l+LIYI7DprA==
X-Received: from iobjh17.prod.google.com
 ([2002:a05:6602:7191:b0:945:a321:1fc4])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:718b:b0:93e:8bab:e17f
 with SMTP id ca18e2360f4ac-945c9865452mr118639039f.14.1761686461422; Tue, 28
 Oct 2025 14:21:01 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:32 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-7-sagis@google.com>
Subject: [PATCH v12 06/23] KVM: selftests: Expose segment definitons to
 assembly files
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Move kernel segment definitions to a separate file which can be included
from assembly files.

Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../selftests/kvm/include/x86/processor_asm.h        | 12 ++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c      |  5 +----
 2 files changed, 13 insertions(+), 4 deletions(-)
 create mode 100644 tools/testing/selftests/kvm/include/x86/processor_asm.h

diff --git a/tools/testing/selftests/kvm/include/x86/processor_asm.h b/tool=
s/testing/selftests/kvm/include/x86/processor_asm.h
new file mode 100644
index 000000000000..7e5386a85ca8
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/processor_asm.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Used for storing defines used by both processor.c and assembly code.
+ */
+#ifndef SELFTEST_KVM_PROCESSOR_ASM_H
+#define SELFTEST_KVM_PROCESSOR_ASM_H
+
+#define KERNEL_CS	0x8
+#define KERNEL_DS	0x10
+#define KERNEL_TSS	0x18
+
+#endif  // SELFTEST_KVM_PROCESSOR_ASM_H
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 519d60a3827c..5f75bd48623b 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -8,6 +8,7 @@
 #include "kvm_util.h"
 #include "pmu.h"
 #include "processor.h"
+#include "processor_asm.h"
 #include "sev.h"
 #include "tdx/tdx_util.h"
=20
@@ -15,10 +16,6 @@
 #define NUM_INTERRUPTS 256
 #endif
=20
-#define KERNEL_CS	0x8
-#define KERNEL_DS	0x10
-#define KERNEL_TSS	0x18
-
 vm_vaddr_t exception_handlers;
 bool host_cpu_is_amd;
 bool host_cpu_is_intel;
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0C78F350A2F
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686464; cv=none;
 b=GxtYhY5X8/vmIZOoDx8kiUDmIo11Rh+o1U78VKXPpKsuurfeKxxjjHHHO3EGrWVMywDut8kduF7YyY35FZHfs2nPWwjC+lDPVBAmuSXhizehvWX44mzZPKF7J8q0T6794s8nIo2O8fWUUeSqR/iYPDr4ILXe9oknsjg/PbW9nCA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686464; c=relaxed/simple;
	bh=xgvBeAilvuR1wMxMA2IgvQnx8mA6bQkEXXA41ECFhcY=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=m1wkBXJZ3q/Ff4k3epgK4fWYr8XfJ50AM1q+9zIGBAj+Ookb+3BJ317IxoP5eIZOOwQpJdnWlQt2woSIwTPbGSP2ukXt+83OvOZqOOAi8QQWasNBNqQx5P0xlQIRr3R+muMQYHNWLQKiRWSLOS/v3eRYlbYpbsAATAIgA/CXJII=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=pllzVKH6; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="pllzVKH6"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-940f9efd090so2079310639f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686462; x=1762291262;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=Iwnkeaw5xTHA537xvr1qbvrkFbFprtxqChvd3RhJpBM=;
        b=pllzVKH6+E9xifzxMJoOSM30piruYsMfOEnGGHvTZ5eIodgIXAtD8Gy7D1vzTKFRZJ
         xURUwI0sLUxClhmVXPQCX8a5TvGgh68BPiq0yHc1E0S2JhLjXzCKX8ldwJ3DGxB595wO
         1T2rU5Odr8A2XTRCY+Z/M8B2n3CJp+Euo+KTgGwg0yTcjEgsEtKWFWgu/vI5nyW4o9wJ
         /wvgq/kKgDluSyUiBTvBdYwaOM6HkemRToDwR4BnSfpqwTAcHk43+iR72u9wE7GdgNwM
         XIBRaxOIqGbKwJ1yp/lkpBvW0aKNh9FwnfefvUO+5pfIQBD6xvZxeddC3++KmiQRqU+b
         kq9w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686462; x=1762291262;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=Iwnkeaw5xTHA537xvr1qbvrkFbFprtxqChvd3RhJpBM=;
        b=xAVIWu+GGluVnGfBi0BaffYK/5CxXqv9zRg/pl0jNng30cG22FvqzM3Ees8ZNWzPUr
         Papz25t/LMsMw3PPnwjN+e4DHvXMC3iQtgVtmm4K5w0ktPdCJ9SES7gmkHWVU/vf9Npa
         fRBTToZtNk0w/JlaLQcQFWv25WYL3Tj4OtEtMVILwguEYqiH2wbhzJthDnwb3tW6VVL5
         TVfo/vPUqnoou8aWwv9we6GAZti0EeJXAQDZZ5OzPvXnJy6YfBUVd1mEWTHdUlrFAT99
         fENtHZIpBgFjTJ10xz8CCTWTmIAQR19lrmAsjhrSrQxLQ9dNaIGy8ldZj6+Ar7Wzp0d5
         tcng==
X-Gm-Message-State: AOJu0YyacBJN5Rym9WiUANPx2Pcdp/qrAdSTx+ekqxJTSV+Elv0FxtgD
	IlgiCEc7UJsHYaUewv2zL+2v1rO8RwnW3Po6cEUEbUMJ0bKCXYg3ja3SZArv9H828357ckJiTVj
	Z2w==
X-Google-Smtp-Source: 
 AGHT+IEN3PgPSnkwVy0W1+8Dw44bu1h3INTGMoIy4zBd51QD+vZlneDPokuppUvG2xB3FVMgGelzQJssJg==
X-Received: from iobel10.prod.google.com
 ([2002:a05:6602:3e8a:b0:936:faee:15c])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:14ce:b0:93e:7883:89a6
 with SMTP id ca18e2360f4ac-945c98a8aa9mr141227139f.16.1761686462162; Tue, 28
 Oct 2025 14:21:02 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:33 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-8-sagis@google.com>
Subject: [PATCH v12 07/23] KVM: selftests: Add kbuild definitons
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add kbuild.h that can be used by files under tools/

Definitions are taken from the original definitions at
include/linux/kbuild.h

This is needed to expose values from c code to assembly code.

Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 tools/include/linux/kbuild.h | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 tools/include/linux/kbuild.h

diff --git a/tools/include/linux/kbuild.h b/tools/include/linux/kbuild.h
new file mode 100644
index 000000000000..62e20ba9380e
--- /dev/null
+++ b/tools/include/linux/kbuild.h
@@ -0,0 +1,18 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef __TOOLS_LINUX_KBUILD_H
+#define __TOOLS_LINUX_KBUILD_H
+
+#include <stddef.h>
+
+#define DEFINE(sym, val) \
+	asm volatile("\n.ascii \"->" #sym " %0 " #val "\"" : : "i" (val))
+
+#define BLANK() asm volatile("\n.ascii \"->\"" : : )
+
+#define OFFSET(sym, str, mem) \
+	DEFINE(sym, offsetof(struct str, mem))
+
+#define COMMENT(x) \
+	asm volatile("\n.ascii \"->#" x "\"")
+
+#endif /* __TOOLS_LINUX_KBUILD_H */
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-ot1-f73.google.com (mail-ot1-f73.google.com
 [209.85.210.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 158AF3557FE
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:03 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686466; cv=none;
 b=q6GcXZzsYcAPUvylUwNCZVL5auWGInZKomufeJ+TZhDi7aLPRyqKPoo9pNshNi3NDwf4MwVF7hf0vtFmTIOPhE9CqfSB3m184/7hG1F65O/CqhStCZw9YxALXWsZ11YddRwlPid9s1FUeb5k/dSBmq561VJmA1OlPll+NU853EE=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686466; c=relaxed/simple;
	bh=1pFhFcxcWb6H73VV7nWvHIQIecGrbGn1xVkopoQFDws=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=sCoMog7F6jMx1Bei3Tm6RleXCf/Ns6YuYtqEnHrhE1XHEyJp0Y+01Kl8sOrDPLRjzvfHAaKxpxybsXUIBmswAtOpKMRjOBB0f9T2FpdnrKWHtjWHuQDUyhbogNEeQnlWduGo4QMOgOmd/13Gxb9tTZ0ZpX5COs/0AYJdtc+bxJI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=HN76BPW4; arc=none smtp.client-ip=209.85.210.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="HN76BPW4"
Received: by mail-ot1-f73.google.com with SMTP id
 46e09a7af769-7c53030704dso7766522a34.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686463; x=1762291263;
 darn=vger.kernel.org;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id
         :reply-to;
        bh=9afY0QTIDk71MMQfwJiwQWcpoO0hDRu8Jah9GndkX2I=;
        b=HN76BPW4MsyvwV29yjqtwtsky0Ht9BERVKpoAQJ42oabUxIw0JWZS38ayl/bTHphxb
         NF6e3v4se1vBpPVd/+Bsnz/dYKkfUO9XnpoouvWJlYmRS0uSG5eHZSgBiIG99yi1HwdH
         3bh1DZqFq5uMYmQ5ZuzLxYurxTzI5kKh1RwueOpjHvYDZkxYHJ2JIvapYYgWWcs5SRd/
         WLXLbhkU7AKWee10I5lFQIzzy18HY058N8zdGagstQ7nWHaWW9MAUW0LvTv1R75+49Ue
         kbDBaWzuSFiupfXLTitHB0GsHueygAuOcYek9zDEwz2kZ+rGnCfruhyQ07djaTk2S10F
         XdLA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686463; x=1762291263;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject
         :date:message-id:reply-to;
        bh=9afY0QTIDk71MMQfwJiwQWcpoO0hDRu8Jah9GndkX2I=;
        b=hsAgh7lrW+sK/+viTe+U2oHuEk+0ZEmSYU5FU4dJsMmeoOejCZVmLcLMpiaMTFMpli
         F2ATHc7OQ8uBVvlBrBDT6BYND5Yj8YVYutHZR33myee2med6WU7TSn/o7OU9lpoOfNKC
         W3rKPZzPxQ1oen7AYWLZXTbKZfhl3fpwzW5pAqKQoeUVJmtrw8Z4o4Em0pDJ1ojrkrxo
         jOlNagXXAteBs/VGaXowGbs6mEQ8rwQYBOrSKWDUl8xjYBYbUUS1uMUNyTjYC1eoI41E
         2reJVYcIXlXSHi+wZtsWn37k6/J3noebNddMKpqfMuRGyMyoAzAtie04yqtDKmuvVXFS
         qpuw==
X-Gm-Message-State: AOJu0Yx0Z2BgV6gY1hFsKuXN7gp6pMm7JlZsxd7Ko2E9gTAtHEd3tz4n
	qQxZCr7jZ6Aqu5E9vqejwa2hOg6K0TKwzeQfENSlf6SSEPFPAqUPels5X2e/e+OlUfSpKHWp2Ig
	cPw==
X-Google-Smtp-Source: 
 AGHT+IHl/b16hj3J2TqA3wFZ2Y7a2bBoYwoEq0S++TA6ohiqPUzOF/4wHSzUC2JZ+xQVjNTQKb+DTE0UQg==
X-Received: from oiky14.prod.google.com
 ([2002:a05:6808:c08e:b0:44d:bb41:de3f])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6808:1829:b0:44f:6d6e:14af
 with SMTP id 5614622812f47-44f7a420012mr525641b6e.12.1761686463193; Tue, 28
 Oct 2025 14:21:03 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:34 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-9-sagis@google.com>
Subject: [PATCH v12 08/23] KVM: selftests: Define structs to pass parameters
 to TDX boot code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX registers are inaccessible to KVM. Therefore we need a different
mechanism to load boot parameters for TDX code. TDX boot code will read
the registers values from memory and set the registers manually.

This patch defines the data structures used to communicate between c
code and the TDX assembly boot code which will be added in a later
patch.

Use kbuild.h to expose the offsets into the structs from c code to
assembly code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      | 18 +++++
 .../selftests/kvm/include/x86/tdx/td_boot.h   | 69 +++++++++++++++++++
 .../kvm/lib/x86/tdx/td_boot_offsets.c         | 21 ++++++
 3 files changed, 108 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets=
.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 148d427ff24b..5e809064ff1c 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -19,6 +19,8 @@ LIBKVM +=3D lib/userfaultfd_util.c
=20
 LIBKVM_STRING +=3D lib/string_override.c
=20
+LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c
+
 LIBKVM_x86 +=3D lib/x86/apic.c
 LIBKVM_x86 +=3D lib/x86/handlers.S
 LIBKVM_x86 +=3D lib/x86/hyperv.c
@@ -239,6 +241,10 @@ OVERRIDE_TARGETS =3D 1
 include ../lib.mk
 include ../cgroup/lib/libcgroup.mk
=20
+# Enable Kbuild tools.
+include $(top_srcdir)/scripts/Kbuild.include
+include $(top_srcdir)/scripts/Makefile.lib
+
 INSTALL_HDR_PATH =3D $(top_srcdir)/usr
 LINUX_HDR_PATH =3D $(INSTALL_HDR_PATH)/include/
 LINUX_TOOL_INCLUDE =3D $(top_srcdir)/tools/include
@@ -291,6 +297,7 @@ LIBKVM_S :=3D $(filter %.S,$(LIBKVM))
 LIBKVM_C_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_C))
 LIBKVM_S_OBJ :=3D $(patsubst %.S, $(OUTPUT)/%.o, $(LIBKVM_S))
 LIBKVM_STRING_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_STRING))
+LIBKVM_ASM_DEFS_OBJ +=3D $(patsubst %.c, $(OUTPUT)/%.s, $(LIBKVM_ASM_DEFS))
 LIBKVM_OBJS =3D $(LIBKVM_C_OBJ) $(LIBKVM_S_OBJ) $(LIBKVM_STRING_OBJ) $(LIB=
CGROUP_O)
 SPLIT_TEST_GEN_PROGS :=3D $(patsubst %, $(OUTPUT)/%, $(SPLIT_TESTS))
 SPLIT_TEST_GEN_OBJ :=3D $(patsubst %, $(OUTPUT)/$(ARCH)/%.o, $(SPLIT_TESTS=
))
@@ -317,6 +324,7 @@ $(SPLIT_TEST_GEN_OBJ): $(OUTPUT)/$(ARCH)/%.o: $(ARCH)/%=
.c
=20
 EXTRA_CLEAN +=3D $(GEN_HDRS) \
 	       $(LIBKVM_OBJS) \
+	       $(LIBKVM_ASM_DEFS_OBJ) \
 	       $(SPLIT_TEST_GEN_OBJ) \
 	       $(TEST_DEP_FILES) \
 	       $(TEST_GEN_OBJ) \
@@ -328,18 +336,28 @@ $(LIBKVM_C_OBJ): $(OUTPUT)/%.o: %.c $(GEN_HDRS)
 $(LIBKVM_S_OBJ): $(OUTPUT)/%.o: %.S $(GEN_HDRS)
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
=20
+$(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE
+	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -S $< -o $@
+
 # Compile the string overrides as freestanding to prevent the compiler from
 # generating self-referential code, e.g. without "freestanding" the compil=
er may
 # "optimize" memcmp() by invoking memcmp(), thus causing infinite recursio=
n.
 $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@
=20
+$(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
+	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
+
+EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h
+
 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS))))
 $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS)
 $(TEST_GEN_PROGS): $(LIBKVM_OBJS)
 $(TEST_GEN_PROGS_EXTENDED): $(LIBKVM_OBJS)
 $(TEST_GEN_OBJ): $(GEN_HDRS)
=20
+FORCE:
+
 cscope: include_paths =3D $(LINUX_TOOL_INCLUDE) $(LINUX_HDR_PATH) include =
lib ..
 cscope:
 	$(RM) cscope.*
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
new file mode 100644
index 000000000000..32631645fe13
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -0,0 +1,69 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_H
+#define SELFTEST_TDX_TD_BOOT_H
+
+#include <stdint.h>
+
+#include <linux/compiler.h>
+#include <linux/sizes.h>
+
+/*
+ * Layout for boot section (not to scale)
+ *
+ *                                   GPA
+ * _________________________________ 0x1_0000_0000 (4GB)
+ * |   Boot code trampoline    |
+ * |___________________________|____ 0x0_ffff_fff0: Reset vector (16B belo=
w 4GB)
+ * |   Boot code               |
+ * |___________________________|____ td_boot will be copied here, so that =
the
+ * |                           |     jmp to td_boot is exactly at the rese=
t vector
+ * |   Empty space             |
+ * |                           |
+ * |=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80|
+ * |                           |
+ * |                           |
+ * |   Boot parameters         |
+ * |                           |
+ * |                           |
+ * |___________________________|____ 0x0_ffff_0000: TD_BOOT_PARAMETERS_GPA
+ */
+#define FOUR_GIGABYTES_GPA (SZ_4G)
+
+/*
+ * The exact memory layout for LGDT or LIDT instructions.
+ */
+struct __packed td_boot_parameters_dtr {
+	uint16_t limit;
+	uint32_t base;
+};
+
+/*
+ * Allows each vCPU to be initialized with different rip and esp.
+ */
+struct td_per_vcpu_parameters {
+	uint32_t esp_gva;
+	uint64_t guest_code;
+};
+
+/*
+ * Boot parameters for the TD.
+ *
+ * Unlike a regular VM, KVM cannot set registers such as esp, eip, etc
+ * before boot, so to run selftests, these registers' values have to be
+ * initialized by the TD.
+ *
+ * This struct is loaded in TD private memory at TD_BOOT_PARAMETERS_GPA.
+ *
+ * The TD boot code will read off parameters from this struct and set up t=
he
+ * vCPU for executing selftests.
+ */
+struct td_boot_parameters {
+	uint32_t cr0;
+	uint32_t cr3;
+	uint32_t cr4;
+	struct td_boot_parameters_dtr gdtr;
+	struct td_boot_parameters_dtr idtr;
+	struct td_per_vcpu_parameters per_vcpu[];
+};
+
+#endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c b/to=
ols/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
new file mode 100644
index 000000000000..7f76a3585b99
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0
+#define COMPILE_OFFSETS
+
+#include <linux/kbuild.h>
+
+#include "tdx/td_boot.h"
+
+static void __attribute__((used)) common(void)
+{
+	OFFSET(TD_BOOT_PARAMETERS_CR0, td_boot_parameters, cr0);
+	OFFSET(TD_BOOT_PARAMETERS_CR3, td_boot_parameters, cr3);
+	OFFSET(TD_BOOT_PARAMETERS_CR4, td_boot_parameters, cr4);
+	OFFSET(TD_BOOT_PARAMETERS_GDT, td_boot_parameters, gdtr);
+	OFFSET(TD_BOOT_PARAMETERS_IDT, td_boot_parameters, idtr);
+	OFFSET(TD_BOOT_PARAMETERS_PER_VCPU, td_boot_parameters, per_vcpu);
+	OFFSET(TD_PER_VCPU_PARAMETERS_ESP_GVA, td_per_vcpu_parameters, esp_gva);
+	OFFSET(TD_PER_VCPU_PARAMETERS_GUEST_CODE, td_per_vcpu_parameters,
+	       guest_code);
+	DEFINE(SIZEOF_TD_PER_VCPU_PARAMETERS,
+	       sizeof(struct td_per_vcpu_parameters));
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1511B3563E9
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:04 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686468; cv=none;
 b=eV2sEhSeW8ZqUXXI1Du/njIe0nkYPDbtt52a9jo+De0NWAKqSKCSQh2DaPcz5/sWdVvn5yhNjDB/IrmJmBi6+dfk/t16oSO244jtQkAvf30BtBpYi/gBdNL4ZnZrEU/5DZbrdAIc6chMsK5XCohwnDsbqAXHnFdB8+dmipM65pA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686468; c=relaxed/simple;
	bh=voe8DXuHKE9cE7MWV2sCFTdDE9fpRk6WUVa5YwQQKXk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=NIdKgqf8tKOWG46xmf7RVmuNBFszcIhIYTdnzWcCWCVH2kaZD6AuYA9SVghCo0QNM7+xdgEu6U/R4fZ9IhZKHmuc9sJRQtxLURJHr6AmmJ9w70Be0fkKyby1Hsx939DnPhtwurYLl7o9h+z2ijE8KwT8s5Oy23Sr+SCDh0OKdmw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=suTK4rMd; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="suTK4rMd"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-93e8839f138so661402839f.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686464; x=1762291264;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=kIU4cueO192T/pB64Yc16iN1G4DGUXeOkWT12niAWVM=;
        b=suTK4rMd0CuZEAafne5YQ3RaFUa3qIr11euwutSLTeV6a0aJZUVfuvUtEZYiMhRzpd
         kDop/tBKYTDK9hYS386CfXb4n9wt3Nfme5+JTuxN8hz9cwTuAWPz4PAipWsdfOlXTRAK
         kjzkb8Z0GA8GKpiO8IKqNqT5ZhZ1ejSvo2HnUjUwOHAYEkFF9UN74QYfpBNTFoE1T5+v
         5CDtysz5f1EFEETchdM4V1R8WE2nsHs4ET3iE2AM3rxe81/CxBnWgLUx4pIka12XyCjV
         bMXvsd3rbjJiEpP3M1Gu7hf/nUCQ0QSZIvb75ZfVmESuaxpc8CMoHxw/f/Mj0O5MYS7T
         Expw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686464; x=1762291264;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=kIU4cueO192T/pB64Yc16iN1G4DGUXeOkWT12niAWVM=;
        b=GYpLBDswTDt29niBeAV7jM33MDawO9BB3pOjkwvxxlEG5tm/30Za1xZ8sRx52El9bk
         27h22ONgyoW1t47CSDzg/SchA54CxCfhygllxCcLDCfnwwlOtZ9wIbY9tPBUhr/vQrJh
         spA1GQpUn/7hbuHKHHHzGsNWqwU1bL3vSbcDZvoGBkxLpabhXyhXOG0H1PFU1Uos4v6f
         qvQmpavGN/CqPbsHVZ432McE+64TPxjm3HUj/q3II6i9Dv2LszSCXshBqhDdSZU/0rkI
         LLaELGVntcNKd04N/RlOI1v2wC/s/QFc4JIzFHzZbjszBfQbe9DytSRzf4L7kYoiXhnZ
         ORPA==
X-Gm-Message-State: AOJu0YwBpxC5Dz4C6TTbpPlC1djHnY1Exw0u32ZoL7P9m56nJreP59tt
	IGg8UF5zLSiSgUo3v+o15hJjowvAoDvCcAJ1QbXldTwvuK8VlItiKrQqA7GwNgC917dpg9IkKi6
	c5Q==
X-Google-Smtp-Source: 
 AGHT+IEJybJXoSWfIBh9ze8mWyE1ogXIiAlaHqhgCpX9fGOHL/bHgNXJ06h84BI23sTfLe26Wq4/Osd1jg==
X-Received: from iobjj10.prod.google.com
 ([2002:a05:6602:6cca:b0:93e:7268:9432])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:15c3:b0:945:cbd9:55cc
 with SMTP id ca18e2360f4ac-945cbd956e3mr61054939f.15.1761686463904; Tue, 28
 Oct 2025 14:21:03 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:35 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-10-sagis@google.com>
Subject: [PATCH v12 09/23] KVM: selftests: Add TDX boot code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Erdem Aktas <erdemaktas@google.com>

Add code to boot a TDX test VM. Since TDX registers are inaccessible to
KVM, the boot code loads the relevant values from memory into the
registers before jumping to the guest code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  3 +
 .../selftests/kvm/include/x86/tdx/td_boot.h   |  5 ++
 .../kvm/include/x86/tdx/td_boot_asm.h         | 16 +++++
 .../selftests/kvm/lib/x86/tdx/td_boot.S       | 60 +++++++++++++++++++
 4 files changed, 84 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm=
.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 5e809064ff1c..5c94e3afcd3a 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
@@ -345,6 +346,8 @@ $(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE
 $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c -ffreestanding $< -o $@
=20
+$(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86/tdx/td_boot_offsets=
.h
+
 $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
 	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
=20
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
index 32631645fe13..a590516dd83c 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -66,4 +66,9 @@ struct td_boot_parameters {
 	struct td_per_vcpu_parameters per_vcpu[];
 };
=20
+void td_boot(void);
+void td_boot_code_end(void);
+
+#define TD_BOOT_CODE_SIZE (td_boot_code_end - td_boot)
+
 #endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h b/to=
ols/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
new file mode 100644
index 000000000000..10b4b527595c
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_ASM_H
+#define SELFTEST_TDX_TD_BOOT_ASM_H
+
+/*
+ * GPA where TD boot parameters will be loaded.
+ *
+ * TD_BOOT_PARAMETERS_GPA is arbitrarily chosen to
+ *
+ * + be within the 4GB address space
+ * + provide enough contiguous memory for the struct td_boot_parameters su=
ch
+ *   that there is one struct td_per_vcpu_parameters for KVM_MAX_VCPUS
+ */
+#define TD_BOOT_PARAMETERS_GPA 0xffff0000
+
+#endif  // SELFTEST_TDX_TD_BOOT_ASM_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S b/tools/test=
ing/selftests/kvm/lib/x86/tdx/td_boot.S
new file mode 100644
index 000000000000..7aa33caa9a78
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S
@@ -0,0 +1,60 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include "tdx/td_boot_asm.h"
+#include "tdx/td_boot_offsets.h"
+#include "processor_asm.h"
+
+.code32
+
+.globl td_boot
+td_boot:
+	/* In this procedure, edi is used as a temporary register. */
+	cli
+
+	/* Paging is off. */
+
+	movl $TD_BOOT_PARAMETERS_GPA, %ebx
+
+	/*
+	 * Find the address of struct td_per_vcpu_parameters for this
+	 * vCPU based on esi (TDX spec: initialized with vCPU id). Put
+	 * struct address into register for indirect addressing.
+	 */
+	movl $SIZEOF_TD_PER_VCPU_PARAMETERS, %eax
+	mul %esi
+	leal TD_BOOT_PARAMETERS_PER_VCPU(%ebx), %edi
+	addl %edi, %eax
+
+	/* Setup stack. */
+	movl TD_PER_VCPU_PARAMETERS_ESP_GVA(%eax), %esp
+
+	/* Setup GDT. */
+	leal TD_BOOT_PARAMETERS_GDT(%ebx), %edi
+	lgdt (%edi)
+
+	/* Setup IDT. */
+	leal TD_BOOT_PARAMETERS_IDT(%ebx), %edi
+	lidt (%edi)
+
+	/*
+	 * Set up control registers (There are no instructions to mov from
+	 * memory to control registers, hence use edi as a scratch register).
+	 */
+	movl TD_BOOT_PARAMETERS_CR4(%ebx), %edi
+	movl %edi, %cr4
+	movl TD_BOOT_PARAMETERS_CR3(%ebx), %edi
+	movl %edi, %cr3
+	movl TD_BOOT_PARAMETERS_CR0(%ebx), %edi
+	movl %edi, %cr0
+
+	/* Switching to 64bit mode after ljmp and then jump to guest code */
+	ljmp $(KERNEL_CS),$1f
+1:
+	jmp *TD_PER_VCPU_PARAMETERS_GUEST_CODE(%eax)
+
+/* Leave marker so size of td_boot code can be computed. */
+.globl td_boot_code_end
+td_boot_code_end:
+
+/* Disable executable stack. */
+.section .note.GNU-stack,"",%progbits
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-il1-f201.google.com (mail-il1-f201.google.com
 [209.85.166.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id D7F953563C9
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:05 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686469; cv=none;
 b=RsCm5ZFxBkA9Y0bbHUfxzlkcNkijIaCf4EzrqILwtXqW6cwfyy7uZJmT25jYm29mWgxmgDprJxU/+Y8nZoti1yTCUbVTWrTuhqLdkMmQIckoao/xLoM3fTsbf2z1ItlHIXadPXOoGHa4bWIIeK+QiR9PSJMh/b18in0oJ2VcH0A=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686469; c=relaxed/simple;
	bh=x85AGbqMQuM30E7OfpbcHxj2rx11JgYx/dEG7Zx7ZSI=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=CMJHnRGtyaQsPBTh3jwcarKoEGT1+f0zzVxFs7rDqQ3DnKvKFw7OFEabdrtR5YTjZ48qbzOvRkK0rzQiNRVWrNPhYCXhkNCJWr7xvzAfFkD863YMxxWYmVntoT6BIgQrOVx/1D4hxLHJwyTonh1Fy9kCDt7F4p12oE9s1H1IPFk=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=rkYqs5Jh; arc=none smtp.client-ip=209.85.166.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="rkYqs5Jh"
Received: by mail-il1-f201.google.com with SMTP id
 e9e14a558f8ab-430e67e2427so89213625ab.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686465; x=1762291265;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=Aol8JWbhvHQ0Y4NMgOYcXnVqKUY49+8bce+pOQJ30aM=;
        b=rkYqs5Jhb6wqBDgs/FR66erImpSJTxlM3HEW1yRUsw376tuFGYkZ80cQjvujeKc1HS
         wt1zV7y8Kk0ailb39l+0mkVl/40PweK2Fh3OxabnsFP9WhFEKWK0d0Hl6L42Bru7DSoA
         t3nXZFo5VCHGb84pvvg4HG8O4FXOkVOIZJzIHEp6rQ1SnTjwGkfFX+88rinSOGAHUNrz
         lcztbcuvAVaNJyimy4aDaAypnGH8FJhde+gNupNw+lwDuMcSF9EXzs7dw1/+FqAXYMwj
         lZ3cFW88G5Oy49aHkPyGSAvHFIi6/v1hHk5/xS5fAql7dZWzW0BL1BoAiU1g/Ivk1sy5
         6J7Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686465; x=1762291265;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=Aol8JWbhvHQ0Y4NMgOYcXnVqKUY49+8bce+pOQJ30aM=;
        b=NWrldwbP6re4wq94+mQRZkAk6Rd0+7tBDqJMuMs0C1lzlRwjLQBbU7HfGb+87YSQ4e
         SzlEc08j2OoEyRBZS3Seg1XGTmbfC3FMi++myI9u79nwWcnugw5nqKrVcItD3a8E2fBz
         xLR2SHmLGkki7gLq4APxkAV8bacm6A7EhKn2cZZGIH+M0FhKZX4XXS7TYHvfGHxkFm7V
         wz51AVunIEpMYrtc34qrr6RzbR5ogbOh+pL9mhuA70HBQ09v9HN5lKwKKLQAW6lCJhBe
         G+sstUSkiCg8XzQVivD0r42FgE1jva722OdRZIYm8avn30wiFWsoUGMNv1Tdx1OfGJdN
         Sswg==
X-Gm-Message-State: AOJu0YxmdJ9NwROokPhZbiOOjsPubFtleZOMyZfkXp65J/yzhzyRWI1+
	uX51xdsTE1BrDKykJXbIpYZs5QPbOZVF3KnP+l13Zd6JNXQaQaqz9ohHrD+ccXdQOIEUQm8WJ+X
	XXg==
X-Google-Smtp-Source: 
 AGHT+IEVLrCWBvCq+ZZnFLKxmdhDBAGkMvknZeQQTQOQUQehd1xeQRu0DtZg6MjC1npOpKY5i2fK+0sdsA==
X-Received: from iloz9.prod.google.com ([2002:a92:cb89:0:b0:42f:7f5b:11a6])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6e02:154a:b0:431:d951:ab97
 with SMTP id e9e14a558f8ab-432f9028812mr9611735ab.15.1761686464982; Tue, 28
 Oct 2025 14:21:04 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:36 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-11-sagis@google.com>
Subject: [PATCH v12 10/23] KVM: selftests: Set up TDX boot code region
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add memory for TDX boot code in a separate memslot.

Use virt_map() to get identity map in this memory region to allow for
seamless transition from paging disabled to paging enabled code.

Copy the boot code into the memory region and set up the reset vector
at this point. While it's possible to separate the memory allocation and
boot code initialization into separate functions, having all the
calculations for memory size and offsets in one place simplifies the
code and avoids duplications.

Handcode the reset vector as suggested by Sean Christopherson.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Suggested-by: Sean Christopherson <seanjc@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  2 +
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 54 +++++++++++++++++++
 3 files changed, 57 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 5c94e3afcd3a..86fe629f2e81 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 286d5e3c24b1..ec05bcd59145 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,4 +11,6 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
+
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
new file mode 100644
index 000000000000..a1cf12de9d56
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <stdint.h>
+
+#include "kvm_util.h"
+#include "processor.h"
+#include "tdx/td_boot.h"
+#include "tdx/tdx_util.h"
+
+/* Arbitrarily selected to avoid overlaps with anything else */
+#define TD_BOOT_CODE_SLOT	20
+
+#define X86_RESET_VECTOR	0xfffffff0ul
+#define X86_RESET_VECTOR_SIZE	16
+
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm)
+{
+	size_t total_code_size =3D TD_BOOT_CODE_SIZE + X86_RESET_VECTOR_SIZE;
+	vm_paddr_t boot_code_gpa =3D X86_RESET_VECTOR - TD_BOOT_CODE_SIZE;
+	vm_paddr_t alloc_gpa =3D round_down(boot_code_gpa, PAGE_SIZE);
+	size_t nr_pages =3D DIV_ROUND_UP(total_code_size, PAGE_SIZE);
+	vm_paddr_t gpa;
+	uint8_t *hva;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    alloc_gpa,
+				    TD_BOOT_CODE_SLOT, nr_pages,
+				    KVM_MEM_GUEST_MEMFD);
+
+	gpa =3D vm_phy_pages_alloc(vm, nr_pages, alloc_gpa, TD_BOOT_CODE_SLOT);
+	TEST_ASSERT(gpa =3D=3D alloc_gpa, "Failed vm_phy_pages_alloc\n");
+
+	virt_map(vm, alloc_gpa, alloc_gpa, nr_pages);
+	hva =3D addr_gpa2hva(vm, boot_code_gpa);
+	memcpy(hva, td_boot, TD_BOOT_CODE_SIZE);
+
+	hva +=3D TD_BOOT_CODE_SIZE;
+	TEST_ASSERT(hva =3D=3D addr_gpa2hva(vm, X86_RESET_VECTOR),
+		    "Expected RESET vector at hva 0x%lx, got %lx",
+		    (unsigned long)addr_gpa2hva(vm, X86_RESET_VECTOR), (unsigned long)hv=
a);
+
+	/*
+	 * Handcode "JMP rel8" at the RESET vector to jump back to the TD boot
+	 * code, as there are only 16 bytes at the RESET vector before RIP will
+	 * wrap back to zero.  Insert a trailing int3 so that the vCPU crashes
+	 * in case the JMP somehow falls through.  Note!  The target address is
+	 * relative to the end of the instruction!
+	 */
+	TEST_ASSERT(TD_BOOT_CODE_SIZE + 2 <=3D 128,
+		    "TD boot code not addressable by 'JMP rel8'");
+	hva[0] =3D 0xeb;
+	hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE;
+	hva[2] =3D 0xcc;
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE95A3570D4
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:06 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686469; cv=none;
 b=CW6WVQK7yxnsH7gybGrWnRXdfBzJbdeoI+LYHARd+QEirJYWU0C9hNCKHcE32QOk5o8gQs9Y9/JYZ9CodBYnw5YXNtGJgwcUj84zjn7fwcUsoRxL8NVV5zQxiCueogioFPVJF3O2Jao+Bfr6/bf0LBd4r3rFdshlwJ4VrS/46WQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686469; c=relaxed/simple;
	bh=h+BtiPzVy2gWivSMFIqWnCmHMSFsal+CXe23zn8LbkQ=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=bs6g6mNwCAcejUYMNBK41ySIUWMff+al58lqZobHXZqh4hKw2kGU5u2WL03kMkbC9IjAXUl73Sz8V3/JbWSjFvngG17c5k0QUe+2TtCWPdEg1capPJNeJz/qtdhf+OY6Zc54hh2krmwYLR6c1bDOkwfktfPFp4B8Gu6GccExcZ8=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=fdgVSBV+; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="fdgVSBV+"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-940f9efd090so2079327039f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686466; x=1762291266;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=PnRis7314sxjOj0Rh6H340e0+BpA55H88Cr2h5cu4AY=;
        b=fdgVSBV+sJ+MOWLn4uBqBX9j7MuqNRnEuoi5NEstlqWtJJtx+oQHLiUNOEXr9h+kge
         vwAJGs1e9CYE9Ew/GNKwb5onQsxuM4Nmnwu86OivT4iIR3MskigPm6Ya5plxRPCyNaZP
         H3p0EmcTM1SNPSTBJj5hU6uxRV4ZY3WlZM1Gb1AMV6saBZlqfq9Uk3xhecuXkTAfKOi9
         1PvEpcsH6vrEpEAIo9srUq4F+rEhOzttM/irMvxBqkr5FDiYKSlzVfXyPSP+HwSulo2+
         uDaXFIrVZIp1d1BJoW6N73Nh6l//KnDd/39GQfC1Wyx4K99NLaYKUBt5jNNnym+KiNYV
         ewvg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686466; x=1762291266;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=PnRis7314sxjOj0Rh6H340e0+BpA55H88Cr2h5cu4AY=;
        b=CSwfyW6fUZqDlFetez63X11pLJOHkE3626iCLMbIQ43Qeg2qjG9Boe1eV+JtNSHgNW
         Edo/3IKojBYUcIdr6YiFnREE95MAnMc0KTR2Xcq5d8967PfVQRTlt90dbi4Ha/GtrLkB
         FDPEmvnPzAxG7PRmdcVcdvv2MT3B7oRrpXy86MopCuznUOt/w/FxQXzrVRZDNMAHowOp
         bBSngJ0mmswM/rfOuPy+QP35nv5UH/x36CCo6wTkQlEyshKkmZT/iFIRmOhPPyyUlVe+
         v1uFnCSfpmM8qg90otHjU7WpwX73WvKa6QWehqEPnDplT2zliXCY53RpVnlYs6X3i4Be
         ViMw==
X-Gm-Message-State: AOJu0YwhKbjoQO7I797bx0z5aS8AyuRBYXtg31Fb4C/XVXUSuv0zgkqK
	tiVGkhcZAyFDng/hqOfxmj8RC49tJTixpqCuwy9KnFxQJMhvYagDktfJe2Rbqx5EvL+U56mf2Pq
	c5w==
X-Google-Smtp-Source: 
 AGHT+IFFotzwJGtcAawKS1Bi4VJy5fzH8cXmMVxBeTy7ud7wRUCgQ0kdS8CGAINF03YwqDm76lS1B0wIdA==
X-Received: from iobby9.prod.google.com
 ([2002:a05:6602:3a09:b0:93e:ac34:407d])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:134a:b0:940:df70:3a48
 with SMTP id ca18e2360f4ac-945c9841230mr147217139f.10.1761686465936; Tue, 28
 Oct 2025 14:21:05 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:37 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-12-sagis@google.com>
Subject: [PATCH v12 11/23] KVM: selftests: Set up TDX boot parameters region
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Allocate memory for TDX boot parameters and define the utility functions
necessary to fill this memory with the boot parameters.

Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>

---------------------------------------------

Changes from v10:
 * Removed code for setting up X86_CR4_OSXMMEXCPT bit. At least for now
   it is not needed and the test pass without it.
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  4 ++
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 72 +++++++++++++++++++
 2 files changed, 76 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index ec05bcd59145..dafdc7e46abe 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -12,5 +12,9 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 }
=20
 void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
+void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus);
+void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm);
+void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu);
+void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index a1cf12de9d56..f3b69923e928 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -5,10 +5,12 @@
 #include "kvm_util.h"
 #include "processor.h"
 #include "tdx/td_boot.h"
+#include "tdx/td_boot_asm.h"
 #include "tdx/tdx_util.h"
=20
 /* Arbitrarily selected to avoid overlaps with anything else */
 #define TD_BOOT_CODE_SLOT	20
+#define TD_BOOT_PARAMETERS_SLOT	21
=20
 #define X86_RESET_VECTOR	0xfffffff0ul
 #define X86_RESET_VECTOR_SIZE	16
@@ -52,3 +54,73 @@ void vm_tdx_setup_boot_code_region(struct kvm_vm *vm)
 	hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE;
 	hva[2] =3D 0xcc;
 }
+
+void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus)
+{
+	size_t boot_params_size =3D
+		sizeof(struct td_boot_parameters) +
+		nr_runnable_vcpus * sizeof(struct td_per_vcpu_parameters);
+	int npages =3D DIV_ROUND_UP(boot_params_size, PAGE_SIZE);
+	vm_paddr_t gpa;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    TD_BOOT_PARAMETERS_GPA,
+				    TD_BOOT_PARAMETERS_SLOT, npages,
+				    KVM_MEM_GUEST_MEMFD);
+	gpa =3D vm_phy_pages_alloc(vm, npages, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PA=
RAMETERS_SLOT);
+	TEST_ASSERT(gpa =3D=3D TD_BOOT_PARAMETERS_GPA, "Failed vm_phy_pages_alloc=
\n");
+
+	virt_map(vm, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PARAMETERS_GPA, npages);
+}
+
+void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	uint32_t cr4;
+
+	TEST_ASSERT_EQ(vm->mode, VM_MODE_PXXV48_4K);
+
+	cr4 =3D kvm_get_default_cr4();
+
+	/* TDX spec 11.6.2: CR4 bit MCE is fixed to 1 */
+	cr4 |=3D X86_CR4_MCE;
+
+	/* TDX spec 11.6.2: CR4 bit VMXE and SMXE are fixed to 0 */
+	cr4 &=3D ~(X86_CR4_VMXE | X86_CR4_SMXE);
+
+	/* Set parameters! */
+	params->cr0 =3D kvm_get_default_cr0();
+	params->cr3 =3D vm->pgd;
+	params->cr4 =3D cr4;
+	params->idtr.base =3D vm->arch.idt;
+	params->idtr.limit =3D kvm_get_default_idt_limit();
+	params->gdtr.base =3D vm->arch.gdt;
+	params->gdtr.limit =3D kvm_get_default_gdt_limit();
+
+	TEST_ASSERT(params->cr0 !=3D 0, "cr0 should not be 0");
+	TEST_ASSERT(params->cr3 !=3D 0, "cr3 should not be 0");
+	TEST_ASSERT(params->cr4 !=3D 0, "cr4 should not be 0");
+	TEST_ASSERT(params->gdtr.base !=3D 0, "gdt base address should not be 0");
+	TEST_ASSERT(params->idtr.base !=3D 0, "idt base address should not be 0");
+}
+
+void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->esp_gva =3D kvm_allocate_vcpu_stack(vm);
+}
+
+void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vcpu->vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->guest_code =3D (uint64_t)guest_code;
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id ABAF93563F6
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:07 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686469; cv=none;
 b=aoDNppyHyh3Oup664AOBhD/YEHDA5TTHv2iE2AVrEgXjQKdfyx8/tWMnOyZWQavGz8tiit1atOp5nXmbSl92l3UGBIjPvP2dhduKMs6WA4HtJuynU2jOTVovzexNpBJhUd/vn8uh/1OkpzNbIxtlgJbXGl3TfWP0ozuit2bAXqw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686469; c=relaxed/simple;
	bh=Gi7/8z3siwhpfL7OyMvxvnm6KsYsxHzKCabFXuLvNuw=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=VL34B9ZILcVhe4SpYmDqazTt3g5M1K+w2VbBxpgIyIGvNVfkLw0A8ocZ7eVlOWHVIfCLXYxxUKpQYNzOQS4d01/n4GH1qrl261WqzQM0Q27T/Cm0MOwuDHqIvTXWTRREPGN1SnsfVXn4lhjSQU7lDP/A3tHvJ0JQWB/ZqAiIEfI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=4tCOWyxM; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="4tCOWyxM"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-93e8092427aso695902339f.0
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686467; x=1762291267;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=0ulPvgfG0Y+r+D5t//1kV8qb0CClUAPZGriJ9NB4m8w=;
        b=4tCOWyxMPuYBhACKjabPmkHlqzypuX3jMMS8fF7cn98AYBkMGxCtseC3xcHt0OzpP2
         UqdhjcB2w/jY42XkwJh269t+zhytYbXYS/xCizwZhTSlusQJKM0oJ7aJ67v07w4aHYjX
         q/LXwe16osjR99Gg4SwQCv/kGZ9xsm1C7dOjz/b5ilfipNtR98QlQ/8+HzKajFimbU+y
         tCAl7+cXW/QKiMXw/MbrJfqgZ9qXDM/Pb3Fctl1ASD/Yds9uZKq+PEkR7HNTRT946idt
         EqsLWHnJQ524rfhcNox4qmy9kYcaFlMOJjc2HHh/L/vcBDSNFg9OI4XbLJQG7Fjh7syr
         j1zw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686467; x=1762291267;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=0ulPvgfG0Y+r+D5t//1kV8qb0CClUAPZGriJ9NB4m8w=;
        b=S2kigqSp5W8uwrQ6Iy+HX6eeQXW1tdDDkmqrBdvstSXLU1yqanIxy3RjTvLwNCFHxT
         SbfuQy79yPycB6ar/U1Gh0pXhJnU1/1KaMsPLFla0atCTfZPB5h6QEO8NdMhOPZI1i8A
         cdcuMujvWopAxCDdtkHfNX6rIGaVJkFn8w1NqOLm9U+UppBTR9JOWQPq0ECFG6dn7apT
         wub4WmYIbt+7V3MfBrDSCWJeKR+46SkvmdXbszX1kPeDRIr2hTmz7RMZayeFsXqAJ3Vh
         5zZFwlBV4iEMN+5fShGJh/fxdfnCzdl2o3ndAEOnMzya5g6MMjDFt8Q4MrM9xGaZtxZY
         JQaQ==
X-Gm-Message-State: AOJu0Yy32nWXdUDwTwhbGXq4oypb4WSNOOoaULQxgVxYv4Whj9yDHd6o
	X4EENccMs3yqD78K1cRxuemx9Po9LtmB+VT7JCPomP/rlNX7IYzCc+0OxP5W8rk3iG9xm/DZu6x
	qZw==
X-Google-Smtp-Source: 
 AGHT+IH+cljlkfIMY+ND7OCx0HPVgq0VipHvvwULcrZ0s3vwVUVzWtYvXfFkzzQNpiZK5iMW2kmPhZIX5Q==
X-Received: from iobbl14.prod.google.com
 ([2002:a05:6602:408e:b0:943:59e0:6b22])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:608c:b0:945:adeb:f245
 with SMTP id ca18e2360f4ac-945c969a9c6mr129595639f.1.1761686466981; Tue, 28
 Oct 2025 14:21:06 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:38 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-13-sagis@google.com>
Subject: [PATCH v12 12/23] KVM: selftests: Add helper to initialize TDX VM
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

KVM_TDX_INIT_VM needs to be called after KVM_CREATE_VM and before
creating any VCPUs, thus before KVM_SET_CPUID2. KVM_TDX_INIT_VM accepts
the CPUID values directly.

Since KVM_GET_CPUID2 can't be used at this point, calculate the CPUID
values manually by using kvm_get_supported_cpuid() and filter the
returned CPUIDs against the supported CPUID values read from the TDX
module.

Co-developed-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  54 +++++++
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 132 ++++++++++++++++++
 2 files changed, 186 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index dafdc7e46abe..a2509959c7ce 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,6 +11,60 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+/*
+ * TDX ioctls
+ */
+
+#define __vm_tdx_vm_ioctl(vm, cmd, metadata, arg)			\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (uint32_t)(metadata),				\
+		.data =3D (uint64_t)(arg),				\
+	} };								\
+									\
+	r =3D __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define vm_tdx_vm_ioctl(vm, cmd, flags, arg)				\
+({									\
+	int ret =3D __vm_tdx_vm_ioctl(vm, cmd, flags, arg);		\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd,	ret, vm);		\
+})
+
+#define __vm_tdx_vcpu_ioctl(vcpu, cmd, metadata, arg)			\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (uint32_t)(metadata),				\
+		.data =3D (uint64_t)(arg),				\
+	} };								\
+									\
+	r =3D __vcpu_ioctl(vcpu, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg)			\
+({									\
+	int ret =3D __vm_tdx_vcpu_ioctl(vcpu, cmd, flags, arg);		\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd, ret, (vcpu)->vm);	\
+})
+
+void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes);
+
 void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
 void vm_tdx_setup_boot_parameters_region(struct kvm_vm *vm, uint32_t nr_ru=
nnable_vcpus);
 void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm);
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index f3b69923e928..7a622b4810b1 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -124,3 +124,135 @@ void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcp=
u, void *guest_code)
=20
 	vcpu_params->guest_code =3D (uint64_t)guest_code;
 }
+
+static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
+{
+	struct kvm_tdx_capabilities *tdx_cap =3D NULL;
+	int nr_cpuid_configs =3D 4;
+	int rc =3D -1;
+	int i;
+
+	do {
+		nr_cpuid_configs *=3D 2;
+
+		tdx_cap =3D realloc(tdx_cap, sizeof(*tdx_cap) +
+					   sizeof(tdx_cap->cpuid) +
+					   (sizeof(struct kvm_cpuid_entry2) * nr_cpuid_configs));
+		TEST_ASSERT(tdx_cap,
+			    "Could not allocate memory for tdx capability nr_cpuid_configs %d\n=
",
+			    nr_cpuid_configs);
+
+		tdx_cap->cpuid.nent =3D nr_cpuid_configs;
+		rc =3D __vm_tdx_vm_ioctl(vm, KVM_TDX_CAPABILITIES, 0, tdx_cap);
+	} while (rc < 0 && errno =3D=3D E2BIG);
+
+	TEST_ASSERT(rc =3D=3D 0, "KVM_TDX_CAPABILITIES failed: %d %d",
+		    rc, errno);
+
+	pr_debug("tdx_cap: supported_attrs: 0x%016llx\n"
+		 "tdx_cap: supported_xfam 0x%016llx\n",
+		 tdx_cap->supported_attrs, tdx_cap->supported_xfam);
+
+	for (i =3D 0; i < tdx_cap->cpuid.nent; i++) {
+		const struct kvm_cpuid_entry2 *config =3D &tdx_cap->cpuid.entries[i];
+
+		pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08=
x ecx 0x%08x edx 0x%08x\n",
+			 i, config->function, config->index,
+			 config->eax, config->ebx, config->ecx, config->edx);
+	}
+
+	return tdx_cap;
+}
+
+static struct kvm_cpuid_entry2 *tdx_find_cpuid_config(struct kvm_tdx_capab=
ilities *cap,
+						      uint32_t leaf, uint32_t sub_leaf)
+{
+	struct kvm_cpuid_entry2 *config;
+	uint32_t i;
+
+	for (i =3D 0; i < cap->cpuid.nent; i++) {
+		config =3D &cap->cpuid.entries[i];
+
+		if (config->function =3D=3D leaf && config->index =3D=3D sub_leaf)
+			return config;
+	}
+
+	return NULL;
+}
+
+/*
+ * Filter CPUID based on TDX supported capabilities
+ *
+ * Input Args:
+ *   vm - Virtual Machine
+ *   cpuid_data - CPUID fileds to filter
+ *
+ * Output Args: None
+ *
+ * Return: None
+ *
+ * For each CPUID leaf, filter out non-supported bits based on the capabil=
ities reported
+ * by the TDX module
+ */
+static void vm_tdx_filter_cpuid(struct kvm_vm *vm,
+				struct kvm_cpuid2 *cpuid_data)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+	struct kvm_cpuid_entry2 *config;
+	struct kvm_cpuid_entry2 *e;
+	int i;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	i =3D 0;
+	while (i < cpuid_data->nent) {
+		e =3D cpuid_data->entries + i;
+		config =3D tdx_find_cpuid_config(tdx_cap, e->function, e->index);
+
+		if (!config) {
+			int left =3D cpuid_data->nent - i - 1;
+
+			if (left > 0)
+				memmove(cpuid_data->entries + i,
+					cpuid_data->entries + i + 1,
+					sizeof(*cpuid_data->entries) * left);
+			cpuid_data->nent--;
+			continue;
+		}
+
+		e->eax &=3D config->eax;
+		e->ebx &=3D config->ebx;
+		e->ecx &=3D config->ecx;
+		e->edx &=3D config->edx;
+
+		i++;
+	}
+
+	free(tdx_cap);
+}
+
+void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes)
+{
+	struct kvm_tdx_init_vm *init_vm;
+	const struct kvm_cpuid2 *tmp;
+	struct kvm_cpuid2 *cpuid;
+
+	tmp =3D kvm_get_supported_cpuid();
+
+	cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+	memcpy(cpuid, tmp, kvm_cpuid2_size(tmp->nent));
+	vm_tdx_filter_cpuid(vm, cpuid);
+
+	init_vm =3D calloc(1, sizeof(*init_vm) +
+			 sizeof(init_vm->cpuid.entries[0]) * cpuid->nent);
+	TEST_ASSERT(init_vm, "init_vm allocation failed");
+
+	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
+	free(cpuid);
+
+	init_vm->attributes =3D attributes;
+
+	vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);
+
+	free(init_vm);
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3EA49357A31
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:08 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686472; cv=none;
 b=bzhIuhur7i7gm2AgXmlNzAuxcLlTAzMm9fb85h+t4LlF9J/8CSf3bOROMSPGy2SYm8UZSl8B0mowsHtym4tXKcn34V9BUy1eDwxzs7C4gfAcSGsnM0W4lTkuqki/JYAMwMxrK7BBkRI8KD84ZOurUHlzT6NYE31Wl+mt/JiEJDk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686472; c=relaxed/simple;
	bh=Beg5l5GnzctCJzgamlm3q3eIKOOQS9dc/q2TB/QjYmQ=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=l+qCKuTsIdncUlkTd7jExDRaRAuck70NumLXElnd/ThSRuYCaM1bTF0dyq9vX48zOkbbrBRneJ1u0csjdtqNaIlfYjj9fXtP2PXETfpgm1m+lKSGmeYJeIx5hq4P3PY2JiVYrpM1/EBHj77aTzwQ6W/g9qjjX5jTu3qIKNns5WM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=DEpEtK42; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="DEpEtK42"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-940f9efd090so2079336939f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686468; x=1762291268;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=Aqk3ap2s1j8LuUHJMTA+8RH7bEkzoQ7jFIzEsK1w1ok=;
        b=DEpEtK42Arm29HypAab/BnkUq0Xs+bs6W3zLUJwz8FkooJI5FKswlGWpl2LQh0cZcy
         Yg4hF1Rph6E43CAZ58WMVCQ3RwOJU/qZpqP9+a3nu3+/2PLPAZ9+keDqwpPyIu0dGtKh
         +JO/RYvjQ3SIuVLYk6rlGLWtTa0rFJVsClxOskeYGwt4bjG+CgbIrzbpGhn+6MH4f25Q
         +bq/d0oVrVvafJXdSjCIJ+qurrwJFvk3o3LFOvTmuQB6uMgVmJRsLDwOgBpQcbZqlX9M
         NxyrFGFWTPeUZif27tzpNGNbb5SveymPo9saH/+ZThvJDExbOQ7rbZhFYrWUBWtQtbBn
         oA/w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686468; x=1762291268;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=Aqk3ap2s1j8LuUHJMTA+8RH7bEkzoQ7jFIzEsK1w1ok=;
        b=k/QKk0ngUZkpRvwuf29vlTO1D+JCCSw5Y6dh83pF412BuHdnUiksPjFZNrMj0AyMzv
         0KEJzQIKM1WSm46ry4NrY6tmxzTmjLfGdvoUTeWraaA81wWl6gw+Cfu89P+TBG1raUtN
         cq0Qz/N6vWd9dVR2QIXUbwSaxGIA/m2dyXLtciX6w0p84pnCYu7elKA3PXykgCxKLUof
         UTeEqFZo5L+PSfp4FD1IR+NuTziBom/UHXc8TSe4PhOvfmkjjWOS9yhAXhOZ1uom8+uJ
         1NusEV+MAfvA4YGpGXM67sUAFkkqQ0M9KrzMM9ktoQEFbKDxIqm6+VunLxHGQBqfPn/X
         ZPJw==
X-Gm-Message-State: AOJu0YxyxfaLE9WrUpByNThi/a50SU6TW0AmiW6Wyg0QGelqKCh2L/z0
	Sq51bZe1paOdH41VRgL6Z3jvegD2VKWTIiIYWoDxKfdY4HApswwHKe8ay1Gb4ojLTj014eF4wAR
	+6g==
X-Google-Smtp-Source: 
 AGHT+IGP1JAiIsh896FE5wlZg5zutyX7tNi20B033WUKmmsMam0fKRXd2ZWfh/OEDsGDBnIKNMeiTc5PvQ==
X-Received: from iov16.prod.google.com ([2002:a05:6602:7510:b0:8d2:d755:be95])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:3f85:b0:945:a27c:ab2a
 with SMTP id ca18e2360f4ac-945c986cc06mr128542839f.13.1761686467984; Tue, 28
 Oct 2025 14:21:07 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:39 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-14-sagis@google.com>
Subject: [PATCH v12 13/23] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to
 validate TDs' attribute configuration
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Isaku Yamahata <isaku.yamahata@intel.com>

Make sure that all the attributes enabled by the test are reported as
supported by the TDX module.

This also exercises the KVM_TDX_CAPABILITIES ioctl.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 7a622b4810b1..2551b3eac8f8 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -231,6 +231,18 @@ static void vm_tdx_filter_cpuid(struct kvm_vm *vm,
 	free(tdx_cap);
 }
=20
+static void tdx_check_attributes(struct kvm_vm *vm, uint64_t attributes)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	/* Make sure all the attributes are reported as supported */
+	TEST_ASSERT_EQ(attributes & tdx_cap->supported_attrs, attributes);
+
+	free(tdx_cap);
+}
+
 void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attributes)
 {
 	struct kvm_tdx_init_vm *init_vm;
@@ -250,6 +262,8 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attribu=
tes)
 	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
 	free(cpuid);
=20
+	tdx_check_attributes(vm, attributes);
+
 	init_vm->attributes =3D attributes;
=20
 	vm_tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-ot1-f74.google.com (mail-ot1-f74.google.com
 [209.85.210.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0864B350D75
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:09 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.210.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686471; cv=none;
 b=jcRdNRLbPkK5qN8ccbQ08Ss6Wx5gB4FXMe8zYlVb8lwBZanU4R6HbhGAcVN87ySxUO0YttFo7kFlda4frOAlO5ewimwAAtkxhGalQvt3YqpZQw2pouv9la2rxIhiMFsJm9LOCcEdE3pkyEsbaXpEevPasm1xuPbHKk659J511K8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686471; c=relaxed/simple;
	bh=vjcKoVxUyMFdBNpUH5EV0hEcZvuRzhIkP9civjlkuQo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=f3LOuo40PpwxUNZeRgVD656tZSEeW8YCAYdRMSkewnGAU1iIz6vEy3CpAu1HSKNUdWgjFk6MNYsnKeiirUEZdsKempl51WgbHsd/hBDHEAjJh8qYLwo6CQMg2Lv+eIzGcLzNVQvrMkHw6N50LhVc0wZBUhqCi9CKWfC6n0JvbOU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=OYbwj55L; arc=none smtp.client-ip=209.85.210.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="OYbwj55L"
Received: by mail-ot1-f74.google.com with SMTP id
 46e09a7af769-7c285473877so3411336a34.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686469; x=1762291269;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=0oc8rR4nuEc1GfIKeSsx9lUre37E4S8CP1H4USv00uM=;
        b=OYbwj55L3cQCBhbAVhG9X5w87LENn7YqY8ZNdyYxm8o6VyF9p2o/nqKcv7DapNH69N
         wf4ql7GjrUUc0NHfl2MTNy+52avztxPrvYkpmqhXqGGWX6rpeeQTAjRhlYIvdT6JX+ZX
         ncTXPCHgv+Mk9xM1pkSpAR4Sw655RG1s+UaxuxCBITbY0kV8K/zDons4jDmjA7d0JL0N
         sQYX+bA/tooOoQokEfecNbP9kicAs4+bz8bnbKaGC/STTr4uJjmW/1vPTNaeL4bVknnX
         jASnmqLAXFnYH8UbjwbYxHLZhlt3Lx8JzPCyiF9RYJkCZr9mOX4r26KSHHqnJftM4H5I
         HeGw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686469; x=1762291269;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=0oc8rR4nuEc1GfIKeSsx9lUre37E4S8CP1H4USv00uM=;
        b=cQvlBzs3eo/P4l53WofZUgeZWtIaRqCX5Aq7MBQOWUY7MYeWRwKSjz6Ak4FwEIXipC
         yu2w6Ff52C+3h4TXj8QCrlwa7vaOSHgP/g1OK2EhL4mPnwBEuyRNSSht7rFP4+AIRlRO
         UlLyyHfBiUP693ONc9prresLZpnZvZIQnsoCJaFYFleppLFj1DbPVlWbnwfGFImuQ7jF
         Wps2ZuaB+nIt7BJl+ELsqOZvP2wQUVdG7lT2pGWV4Jrw1rrLqO64VP3LavYC3Lf2I2mi
         RzGCYzqkbV8QTCMhXhzqjHJ/CkR0jN2voaBY7IrUzDvotH2zpEvh282/PEkFvSlP9LgG
         7vIw==
X-Gm-Message-State: AOJu0YxwBslbqzLXXuTuoO8SpY1s0zisOaPrNJrfWUMPLGxTWSCKIl/e
	pn/OgA2r8xKXbDygkwliqq5YQHcyKplIm2nDUE5720QZ3JY0lyS0LlhC2XBHTU/7K3+5/R3YZqN
	jWQ==
X-Google-Smtp-Source: 
 AGHT+IHZMCGdpKqrQt1Ndz8cUX7RM3WeHfxynrLZL3xwZ6VBiPV5P6FIbF6ZCFaX1uUWwjdSNsQwirMvAA==
X-Received: from oibb23-n1.prod.google.com
 ([2002:a05:6808:a597:10b0:44d:b42b:240a])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6808:c169:b0:44d:baaa:c52e
 with SMTP id 5614622812f47-44f7a55580bmr384625b6e.46.1761686469038; Tue, 28
 Oct 2025 14:21:09 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:40 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-15-sagis@google.com>
Subject: [PATCH v12 14/23] KVM: selftests: Add helpers to init TDX memory and
 finalize VM
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ackerley Tng <ackerleytng@google.com>

TDX protected memory needs to be measured and encrypted before it can be
used by the guest. Traverse the VM's memory regions and initialize all
the protected ranges by calling KVM_TDX_INIT_MEM_REGION.

Once all the memory is initialized, the VM can be finalized by calling
KVM_TDX_FINALIZE_VM.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  2 +
 .../selftests/kvm/lib/x86/tdx/tdx_util.c      | 58 +++++++++++++++++++
 2 files changed, 60 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index a2509959c7ce..2467b6c35557 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -71,4 +71,6 @@ void vm_tdx_load_common_boot_parameters(struct kvm_vm *vm=
);
 void vm_tdx_load_vcpu_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *=
vcpu);
 void vm_tdx_set_vcpu_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
+void vm_tdx_finalize(struct kvm_vm *vm);
+
 #endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 2551b3eac8f8..53cfadeff8de 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -270,3 +270,61 @@ void vm_tdx_init_vm(struct kvm_vm *vm, uint64_t attrib=
utes)
=20
 	free(init_vm);
 }
+
+static void tdx_init_mem_region(struct kvm_vm *vm, void *source_pages,
+				uint64_t gpa, uint64_t size)
+{
+	uint32_t metadata =3D KVM_TDX_MEASURE_MEMORY_REGION;
+	struct kvm_tdx_init_mem_region mem_region =3D {
+		.source_addr =3D (uint64_t)source_pages,
+		.gpa =3D gpa,
+		.nr_pages =3D size / PAGE_SIZE,
+	};
+	struct kvm_vcpu *vcpu;
+
+	vcpu =3D list_first_entry_or_null(&vm->vcpus, struct kvm_vcpu, list);
+
+	TEST_ASSERT((mem_region.nr_pages > 0) &&
+		    ((mem_region.nr_pages * PAGE_SIZE) =3D=3D size),
+		    "Cannot add partial pages to the guest memory.\n");
+	TEST_ASSERT(((uint64_t)source_pages & (PAGE_SIZE - 1)) =3D=3D 0,
+		    "Source memory buffer is not page aligned\n");
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_MEM_REGION, metadata, &mem_region);
+}
+
+static void load_td_private_memory(struct kvm_vm *vm)
+{
+	struct userspace_mem_region *region;
+	int ctr;
+
+	hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) {
+		const struct sparsebit *protected_pages =3D region->protected_phy_pages;
+		const vm_paddr_t gpa_base =3D region->region.guest_phys_addr;
+		const uint64_t hva_base =3D region->region.userspace_addr;
+		const sparsebit_idx_t lowest_page_in_region =3D gpa_base >> vm->page_shi=
ft;
+		sparsebit_idx_t i, j;
+
+		if (!sparsebit_any_set(protected_pages))
+			continue;
+
+		TEST_ASSERT(region->region.guest_memfd !=3D -1,
+			    "TD private memory must be backed by guest_memfd");
+
+		sparsebit_for_each_set_range(protected_pages, i, j) {
+			const uint64_t size_to_load =3D (j - i + 1) * vm->page_size;
+			const uint64_t offset =3D
+				(i - lowest_page_in_region) * vm->page_size;
+			const uint64_t hva =3D hva_base + offset;
+			const uint64_t gpa =3D gpa_base + offset;
+
+			vm_mem_set_private(vm, gpa, size_to_load);
+			tdx_init_mem_region(vm, (void *)hva, gpa, size_to_load);
+		}
+	}
+}
+
+void vm_tdx_finalize(struct kvm_vm *vm)
+{
+	load_td_private_memory(vm);
+	vm_tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL);
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0DDBE357A4B
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:10 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686472; cv=none;
 b=X8gmIhIJi/ZMlqPQqiMz+s6se8NQCMieKY/PFKGA+eela9jAaF2qfVDyBIQmVXAWMBcdK/cswyLRehflC6+unY74cO02UKLSp+mhm644jd92bOF4wSY3TE/rHty6SQIqz10ziIthE6ZF3oHBwm6x+v1jdguJSb3gUQSEj9DCzd4=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686472; c=relaxed/simple;
	bh=GD8RpuEVFGCL+XuV4adFosheQV6HDq3yOqYf0EYNM+E=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=XKPH8lQWKNjCeFXvWwZgx8q6BZlW5KxC9l3qrdnIRaXaBgpV3sg3Ro8/WgAiJRfxbWjP8+mhpSllnAgtu9FIjwHy3uUsBle1l0/4h8NWHLhSyZ1jPG7YRneDxmlJyao2aSAyUdE4mMXHaZezYHV3Xd+TuNua/02IQ+5haXKKDxo=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=ZBjmAsmD; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="ZBjmAsmD"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-945a4849260so1050300939f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686470; x=1762291270;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=CmNxfYa4zbG7utcl3tEiG2lWhptjnWh39yF9cxazXJA=;
        b=ZBjmAsmDscIFPArqdHX5XLZBjP1LA8Dkw2kg5FCrNZea82FNTor1SUwDG8SSJ5iDw2
         8OSaPilvIpCG6IB3TsCmBLAC7wq5zWcfUWKOZtsZAd6iH1Aqo4odW84R1/y2VgmgNJ3j
         LGzBqfrgxKVxPx0ggejgpDr0E4IzpZkzoyfk4M2Q5HOiva6vC1/xZf8sxXq1QoLl831r
         CMZ2A9KhZsVEpfjQ4/j6SddzkY9m7DQHOOg0nYqRWUCuYkrpADuL9NHRplUgqixzffKZ
         99mlvkrsoChk1vye5MycPVOxtQwpeq9pLsotHGtnuSClZAM7WIesUFkScakenv3olaQl
         kYqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686470; x=1762291270;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CmNxfYa4zbG7utcl3tEiG2lWhptjnWh39yF9cxazXJA=;
        b=Up6TOcZDuWFudouFe7frH4w4V51MSNrZ+rNRsn5NDVj0AvnMTJcb5UaeWfttgADBV5
         reZq0EgTmq0N2fHrgI6WlaiqKR6T/zl5aPROGuSqKE6K4wrZBAakNFiOqsBeTjWUJ1EX
         diEuRlfLjgaPWCvN/B6MndJ5uDFgUUtDZJw8aMrlvWyAMvELww7TLvJ1ekcHyLcxcvPR
         pakwj5d6qNjrHrbP18F1upNie5QdPaCO8DDqqi+81MD9FNUohcKUCtiJ6+ia9718FiHL
         qbtFq+Ss+EootS0MXbkh6FBbHImabr0u5Iaduk+ud6Y7EYKusTOn5QLQCQWJyAsbN2Vp
         yQSw==
X-Gm-Message-State: AOJu0YyIjMOHOLi1ej5HcRh82r9IOIHL3WZimkfC+uK/cSoxkBaEiGD0
	zTjjQl2zeMSCSJ35BMhdco7s3eHJ88AtkmzsHQ1DCai1t+zcmOisRJMaRIX1y9S+NbjljwZ2Uqe
	eTQ==
X-Google-Smtp-Source: 
 AGHT+IENgvHr4RL1+a3zLcwxL/tyV+1AiIQfR4t+3Nsc1jQj6XZAwYUcTnvjsmwnZ44L3G0mI/LMYjwpkQ==
X-Received: from iobbi12.prod.google.com
 ([2002:a05:6602:358c:b0:945:ab36:29ab])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:6d04:b0:93e:8bfb:726a
 with SMTP id ca18e2360f4ac-945c9898ab3mr141556239f.18.1761686470077; Tue, 28
 Oct 2025 14:21:10 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:41 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-16-sagis@google.com>
Subject: [PATCH v12 15/23] KVM: selftests: Call TDX init when creating a new
 TDX vm
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX VMs need to issue the KVM_TDX_INIT_VM ioctl after VM creation to
initialize the TD. This ioctl also sets the cpuids and attributes for
the VM.

At this point we can also set the common boot parameters such as CR3,
CR4, etc. These parameters will get copied to the relevant registers by
the TD boot code trampoline.

Signed-off-by: Sagi Shahar <sagis@google.com>

---------------------------------------------

Changes from v10:
 * The call to vm_tdx_load_common_boot_parameters() was accidently
   dropped as part of the refactor from v9 to v10. I re-added it here.
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 5f75bd48623b..990f2769c5d8 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -676,6 +676,11 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm, unsign=
ed int nr_vcpus)
 		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
 	}
=20
+	if (is_tdx_vm(vm)) {
+		vm_tdx_init_vm(vm, 0);
+		vm_tdx_load_common_boot_parameters(vm);
+	}
+
 	r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL);
 	TEST_ASSERT(r > 0, "KVM_GET_TSC_KHZ did not provide a valid TSC frequency=
.");
 	guest_tsc_khz =3D r;
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id E4D293587B1
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:11 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686473; cv=none;
 b=Ir1DKveK+UWhZeGOxr8N3fL1ZvPxCkfYfPH5PM9OF3TjykqFzZkVV6zNaUpqjMDjBnaW5rztL36JrdpMEw1uLjc7SlekWa/qE1IVY1a9zr9/ZmbigyClFJW36z8zLiixCv16sCQBGU3RNe3r5DBRFceIWk4k/hIyN2bNyFeunEo=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686473; c=relaxed/simple;
	bh=SSju8hpgRQCCYa/WGy2Hfs2TSfVu9BNYRaRjeYxTtX4=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=AJmHQQI9/a8NomqPIBSAKFSOoeT4IqL+jyFfqOYUJ6yDf85ngEPAqtzO7d1vk6Zh+z2YnTOFzRfWEauzI8zCVDfrJclEUeDIbwrMq9ajR5J9O5JdYQ0YwCOTtu3eAH36Gxv12BQydSYkX1cDnUb4Vwne/NNo4hdg5MwTE1ewAwg=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=PN3EpJhS; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="PN3EpJhS"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-9435917adb9so450476139f.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686471; x=1762291271;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=QBAte3bSxg2BqVPcwX5kZwUWKIXNaVBiblLvlrGYl+I=;
        b=PN3EpJhSz93SgWE/QgkZAghervIAL9XSnR9IcBr8s/H6juAoBlRXTF0JPhLBfI8xpj
         hsG19I+qSB2trM6gNHNDASSoUTqAaRERBheYztBE/bVwekLANafAEfFfnsoaUQP6Q/1w
         hBIERKBN2Hyq0P9Vw2yP9bT2MKoKZVW0YuaqIe8SYYmFmMLkqmeUYwydQifJUDYAgJNj
         da0AAeOap1yXo6iTRjKBSz80TapPysmD6WRwVZ9RyUh/s9JmN9yvp6mYSi28Bu5wKEzt
         e8xyB97M91cMKUWxaReN+Y+yaglPY2OaDnV7G51kRxIgP3lP9bS8aMd0zJhVL+93pPCz
         OxBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686471; x=1762291271;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=QBAte3bSxg2BqVPcwX5kZwUWKIXNaVBiblLvlrGYl+I=;
        b=dnzPgySRt0Xdd6PS6JCIPxoI8/ozHR6UwTjAMTFGiV1agbxWT8J/p08jRxGY1T0u+R
         lEkUm/YKx/7EZu8K5WBy+7EQcu3EgFE4Gsb4x9HKCHzqIjEYkxJztc8XtuB+TMOgw4gX
         1dRtNGf7/9xcfMLi/HGpnzyQwruujIy9zAnhTqeuuFmupcK9h0AC7PYMF/nO2LqWhNcL
         141TRddE1QlMp7rOOTpHbLlUPcoW/4wo4sZxqX1J3JCQy13rYXnO/OwwjHx5b9Grf4FH
         w5pw7mKtcuXCcfIUaso2nF6GlifD+ZN8bOOyuefRsuOTmG/H9ErOiJKRfKn/QwAgyETg
         gHHQ==
X-Gm-Message-State: AOJu0YxoUzvLKsN283sbOKGVa/rKmCOvnN1uh0kblUAMUftcUfk0ymXd
	hFcGlhhPZawI+Wxy7zq64uWaBQUxjy1mfYXV+arEzcBOBJThQLkTcOw3L8J3vr/F6dTHRlJi25N
	LXw==
X-Google-Smtp-Source: 
 AGHT+IFVnL1JsXwsLvk50B/SKrEvdQC++PNX0X79tl9ZHtDXjwYj/yy71zzwBMqAzW19g/ROZBqxSRYz3g==
X-Received: from iobbh7.prod.google.com
 ([2002:a05:6602:3707:b0:941:eeba:3c0b])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:6d84:b0:945:b097:7cf1
 with SMTP id ca18e2360f4ac-945c965dc0amr154513839f.3.1761686470850; Tue, 28
 Oct 2025 14:21:10 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:42 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-17-sagis@google.com>
Subject: [PATCH v12 16/23] KVM: selftests: Setup memory regions for TDX on vm
 creation
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Guest registers are inaccessible to kvm for TDX VMs. In order to set
register values for TDX we use a special boot code which loads the
register values from memory and write them into the appropriate
registers.

This patch sets up the memory regions used for the boot code and the
boot parameters for TDX.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index 0e6a487ca7a4..086e8a2a4d99 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -4,6 +4,7 @@
  *
  * Copyright (C) 2018, Google LLC.
  */
+#include "tdx/tdx_util.h"
 #include "test_util.h"
 #include "kvm_util.h"
 #include "processor.h"
@@ -435,7 +436,7 @@ void kvm_set_files_rlimit(uint32_t nr_vcpus)
 static bool is_guest_memfd_required(struct vm_shape shape)
 {
 #ifdef __x86_64__
-	return shape.type =3D=3D KVM_X86_SNP_VM;
+	return (shape.type =3D=3D KVM_X86_SNP_VM || shape.type =3D=3D KVM_X86_TDX=
_VM);
 #else
 	return false;
 #endif
@@ -469,6 +470,12 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint=
32_t nr_runnable_vcpus,
 	for (i =3D 0; i < NR_MEM_REGIONS; i++)
 		vm->memslots[i] =3D 0;
=20
+	if (is_tdx_vm(vm)) {
+		/* Setup additional mem regions for TDX. */
+		vm_tdx_setup_boot_code_region(vm);
+		vm_tdx_setup_boot_parameters_region(vm, nr_runnable_vcpus);
+	}
+
 	kvm_vm_elf_load(vm, program_invocation_name);
=20
 	/*
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 95A323587C6
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:12 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686474; cv=none;
 b=TVbaNk5VkDkC3ZB9A4Cd3g9S0C90s9O+XCaQHPuhB44qMaAyVbRcI2WViaPM5pHdvfUJheoV5J1gVDwzP4N5W3bVhq5ojP/SJxwr4fymt9w2ZsetXV/l0IczGjhx/GJ6qXrEtoWFr6AaeiLx5qWUVO3h6fCaGZDkDasM5ogCx8U=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686474; c=relaxed/simple;
	bh=FNuIYYaTDnExBaJlJLyltrsAwMmyaJqObjpLAPe8cjE=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=GDHgL+42zKhsMYweMCk6o/3q8nzsW2BaJjXzXkALTD6jCWxRTiohi9AU8O+EXsJPKNoM8o1aHzegILwTh2GEst4gEtwY7S7ikKLtUxQfMXdXgUaQZB8uiD9mxkQw7Aax8oNP9KWQ6MvH5N4XCaaUj8GeDs7YcQbspltZ+6yavjY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=pDez+d29; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="pDez+d29"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-940d395fd10so1991961739f.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686472; x=1762291272;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=wtNpCTnCzrMlYFhLw7qwZUR1YJujCF7DVHm7Qw4COQg=;
        b=pDez+d29ZUBLyQ2z+W4MxL17R9bxZzpkYFI+0uoSoAcHHhNmx3F6IL/QOVdQx+5jB6
         kwoFy1qMOQCOa+aZ1wuuooglZq+dy8ayyD9BXBiKD+PWiJCLQHD3ZCoSwhrFT6lM4iPR
         c4gWuiil9aBtofSQfHw4Lx7+OSSHoIctke40GBKXgdYHXAIxD+8lBHr4vLCxCTx8rJDk
         EfmzVBuDWqS04QdwdIAaBosmAV6V0xO4CLGwyVt/rJ2RFLB6ITfjCjLK96VftOMLpaj0
         a5YQcL8RChK4nlnxJJeaL1Qd4AT/29d7iU/4Dlwcmy1EK0rlCd1zI+tFq1MyQWU7RXCw
         gT2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686472; x=1762291272;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=wtNpCTnCzrMlYFhLw7qwZUR1YJujCF7DVHm7Qw4COQg=;
        b=EQag28OJvaoxp/n19TGODYyigsDA88u/LKkth4YSDsLTGeG/wRRFPAFDAtwlWFbDKy
         Bydz1s7GrLCAcOOZ25rr0xaKtTtc7FN+CLZFBOixbAirRMXrdnr6tbAuv4pvecPoJD7d
         RgRfPSnRh8ak8O1CC+mGE6nb4M7Ih+4dGVjxcC/cDshCqK6nL2cT6wkVulmcWLapdouI
         iCz8TgAf44mPmAzkWSlabBj4fr5/6MMUE+Emtjg95oBDReV8exYBcqxksdPycrfjjbLh
         R0BWlo27W8sIcwRR+3Fpe9yniaWl1RKwsIRP1SB6KM7gNyRY0loEE4C9owLlbWDt+lh2
         8YoA==
X-Gm-Message-State: AOJu0YxZ6n8tLfR4hFmwjgjKsiGhBZBvxNS/jIO+Z45xV0Il/x027lpc
	QNZU++SOfXgCcVEl+vBz8i9n5CB0ULmKIMcSoXWCFeJBldV7py+oTgDpxwJ8JU0mwXWaVzq1FOy
	vbw==
X-Google-Smtp-Source: 
 AGHT+IE4wigd+sbcojUz5qHvrr7kF5OQrUZWBBxs3tohiwBFRj7c0ff5ucgIVmL3YMeSBqq9v4qFKvnm5A==
X-Received: from iobhd10.prod.google.com
 ([2002:a05:6602:680a:b0:945:af6f:682e])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:2d83:b0:945:abea:9f6a
 with SMTP id ca18e2360f4ac-945c9889dc5mr154675739f.19.1761686471591; Tue, 28
 Oct 2025 14:21:11 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:43 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-18-sagis@google.com>
Subject: [PATCH v12 17/23] KVM: selftests: Call KVM_TDX_INIT_VCPU when
 creating a new TDX vcpu
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

TDX VMs need to issue the KVM_TDX_INIT_VCPU ioctl for each vcpu after
vcpu creation.

Since the cpuids for TD are managed by the TDX module, read the values
virtualized for the TD using KVM_TDX_GET_CPUID and set them in kvm using
KVM_SET_CPUID2 so that kvm has an accurate view of the VM cpuid values.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 .../testing/selftests/kvm/lib/x86/processor.c | 35 ++++++++++++++-----
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 990f2769c5d8..036875fe140f 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -722,6 +722,19 @@ vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 	return stack_vaddr;
 }
=20
+static void vm_tdx_vcpu_add(struct kvm_vm *vm, struct kvm_vcpu *vcpu)
+{
+	struct kvm_cpuid2 *cpuid;
+
+	cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_GET_CPUID, 0, cpuid);
+	vcpu_init_cpuid(vcpu, cpuid);
+	free(cpuid);
+	vm_tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_VCPU, 0, NULL);
+
+	vm_tdx_load_vcpu_boot_parameters(vm, vcpu);
+}
+
 struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, uint32_t vcpu_id)
 {
 	struct kvm_mp_state mp_state;
@@ -729,15 +742,21 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, =
uint32_t vcpu_id)
 	struct kvm_vcpu *vcpu;
=20
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
-	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
-	vcpu_init_sregs(vm, vcpu);
-	vcpu_init_xcrs(vm, vcpu);
=20
-	/* Setup guest general purpose registers */
-	vcpu_regs_get(vcpu, &regs);
-	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vm)) {
+		vm_tdx_vcpu_add(vm, vcpu);
+	} else {
+		vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
+
+		vcpu_init_sregs(vm, vcpu);
+		vcpu_init_xcrs(vm, vcpu);
+
+		/* Setup guest general purpose registers */
+		vcpu_regs_get(vcpu, &regs);
+		regs.rflags =3D regs.rflags | 0x2;
+		regs.rsp =3D kvm_allocate_vcpu_stack(vm);
+		vcpu_regs_set(vcpu, &regs);
+	}
=20
 	/* Setup the MP state */
 	mp_state.mp_state =3D 0;
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f74.google.com (mail-io1-f74.google.com
 [209.85.166.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 67B4F351FB6
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686475; cv=none;
 b=rsn43nKh9j96MU93ENh4qMQUpVo33t1SJ1nRNInRcfMyiKCXlwZkwJNcL1F8UNUQu5rlngO41x5BJ/ILxE1ddfppWoXNFvpQKwbsXVZctBE8eNqYHwroL/TzWJVeLN8Yp02wMe+wguW8baclihmQnBq3LMHJMebFIv+/AcWqFsg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686475; c=relaxed/simple;
	bh=XHCbxfrzoGdDsdrcY2rTVu1R1r7Is2Kmr5rE68Lc/fc=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=L7Y7L23bpWwOh3c3UIbvUqyFgvgX8k84bv65T1FL/tsRrDs/Vp9vBAdHs3JN4tzbJPDh/5s1fhh9O88GP1wZ9hoEf+ERG37tNSO6iDR8TiX4kiS0T9LZ8RgPlFaRW0vQ5A/gjPT7zQzpNRXJAvrK7xp4j+GHiuMT875k8A9hg2I=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Il+8Y5gG; arc=none smtp.client-ip=209.85.166.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Il+8Y5gG"
Received: by mail-io1-f74.google.com with SMTP id
 ca18e2360f4ac-93e809242d0so1882174939f.0
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686472; x=1762291272;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=t2hQEt8uzmZFMchmgXgqAe6OBZ69jvpk9KGj1/+J4M4=;
        b=Il+8Y5gG/63HMieFE4hhar35qiZkm375xu95AStbjxnRwj20fpdwMmbq2i+rTmhwf5
         yg8dMG3fCxj+wV4OvuJGF15mTnKHmNO48F7OFNp9y0BmMuRJI1Enhpn2kvdCpvg3vuFD
         xLRAXSSy6AogyiAE4f3cVt1OdJoKlPs8fhqv3fAjnsqTvvH7JBBiKKMYH98/N3nFDfdB
         ws0MsBpmZjJo3ZqlxL1QQAPTWL8lmZv/wsjoJSOzkKDv0TuTV0yxn+9aLI96FD5F9lwd
         3x3EWYD2AXUQ/kgsHjRBo3nF41Zotsb5p0NJPvFx3za2C09ncIOD7Xr1kA0yY9PclyYI
         OsqA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686472; x=1762291272;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=t2hQEt8uzmZFMchmgXgqAe6OBZ69jvpk9KGj1/+J4M4=;
        b=OvSRTzorS/1ilmj3cYbL5552o6MT+S0NUx4ozAwwPeibSrdtvJRMMgE2hrvADf5Xqr
         Vy+q0PVcwgTxcXcTmFeLA7JwKjuIE0MH7X/lgdif/ZWfPfUHra1AfFmZxbitOufaUnVR
         5wdVBtR5cVBH32FCZwKrq3s7oSRMzl3qSe7PTFVJXwic+wKArz416jg+PgcmGV2DNkT6
         mMOA9mGfxVpqU9oRJ0PEBiFzK4kqhNFHxA/RguFVzBiBQJ9D3Jq7/26qnD1s1II+hTqt
         K5l6T7NYcPTg7m6OFhDUZYhBRWHrZEZFemTD1/XCk40IBKG0nyrJer10uKN00JpYJbZ6
         bn1g==
X-Gm-Message-State: AOJu0YwgQRIBpnxkvrByy10hzjbacrVjX6pIJeijPDpqJdzo72fz1/zN
	fzqCXo8adDJ/PUex4MQLIF9OUg7kcXQyVwJbIW29T2eabjhKC/7WvHoC8CYirZZv3FryLEXbcj/
	P5w==
X-Google-Smtp-Source: 
 AGHT+IEOzmUxUr4Uek5ji2MKUZMUl92l7uF6agNUuaj4Psn+yNrqz6lfoiUMCy7WVJje2ATcgzv8NsTpag==
X-Received: from ios4.prod.google.com ([2002:a05:6602:7404:b0:945:a5b1:e0e6])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:621a:b0:93e:7d6d:e0d0
 with SMTP id ca18e2360f4ac-945c9764ec3mr137130539f.6.1761686472375; Tue, 28
 Oct 2025 14:21:12 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:44 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-19-sagis@google.com>
Subject: [PATCH v12 18/23] KVM: selftests: Set entry point for TDX guest code
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Since the rip register is inaccessible for TDX VMs, we need a different
way to set the guest entry point for TDX VMs. This is done by writing
the guest code address to a predefined location in the guest memory and
loading it into rip as part of the TDX boot code.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 036875fe140f..17f5a381fe43 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -691,9 +691,13 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 {
 	struct kvm_regs regs;
=20
-	vcpu_regs_get(vcpu, &regs);
-	regs.rip =3D (unsigned long) guest_code;
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vcpu->vm))
+		vm_tdx_set_vcpu_entry_point(vcpu, guest_code);
+	else {
+		vcpu_regs_get(vcpu, &regs);
+		regs.rip =3D (unsigned long) guest_code;
+		vcpu_regs_set(vcpu, &regs);
+	}
 }
=20
 vm_vaddr_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-oi1-f201.google.com (mail-oi1-f201.google.com
 [209.85.167.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 02148358D1D
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.167.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686475; cv=none;
 b=HxT5iyKTbrjYyZXHmVnpJrzM5pSOwsSdAL3et+KFnCXMtE0EqmQACsBXBCIGH/Bp7NV5MvbuICzjRJ0qnRDRGoRP43pcf0vw1ngBJl4ka020IElrCbCp20TINOOWsgeo/wxr9CwjelNivm1/h4Ip4rQuhES4JMIYrb68U/8WcbM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686475; c=relaxed/simple;
	bh=Z4cEH/EyFJtC+7YubXLF9stWj6X2tJBOoSAojvblL2I=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=SOR3Dooc8JTEGb1X7MLjaBD186KeXvhHYTZ3NyB+aRBjG5LI9P2outesaKBl+aMprA7n3nUyvA/dM2xZOeCZK/EhphrkFjKHBbaCwwP599wNJql43EjPdw0th9zUt1QKQxU6MwTtGD/HzdlOgdO1BiaOcRrXdI/hNhfA3YmRLlE=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=RBgOfSXk; arc=none smtp.client-ip=209.85.167.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="RBgOfSXk"
Received: by mail-oi1-f201.google.com with SMTP id
 5614622812f47-44db0bfbd96so741910b6e.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686473; x=1762291273;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=tG66zI1+tyqk2y+i/GC8wCSgfETT28ZitF9FwVU9vh4=;
        b=RBgOfSXknObZks+7DWFnq7bbTk1tHiWSXMyvz62RxHxcmGnkY/FFM7JQogFf4JVWMT
         Dy8ko3kpnLlLw0wtKv6Q/23ZqYHAmQWqE1lIddp6VZ1lzposKCEy+j/7bK352AuplSzi
         Xv5mMpOP2VnFlTIeP0H8qRQz6v0inh5NkJm9dv9Hz4hmhTMwt1cJ+Ondm7RoOyX6g+23
         qZc7SQdxuJyeYm577Ryv+cnectIa6Zu8tcT+67bQOWYU2jmuYKGplYdpfsrAf2ggp2ot
         KV3N43Npc1m5WhmCGw4XcWL6pUhqEldDPIcuWoU5AbuqPFkbHD+wOt3CgHBfxdS/PtCG
         WpBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686473; x=1762291273;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=tG66zI1+tyqk2y+i/GC8wCSgfETT28ZitF9FwVU9vh4=;
        b=WQsc4qOm0AoTAcJGGlKZPU1UNS/BRJoVV14I0aFezuvyOsK1wN0uG2Vla3T5flS4Cq
         cvObMBdEhPEnozLZ4usF2zASxjTFMBsjldOsXM/1miDzlOjk667KEPVLz4ZpAf87h/3i
         KYJSC7VVjbUawz6U/wkkQHQFZBB9HzfIpFZ5Q/BOyv+THHZQjbhvY7lf3jI9Xk6BojrD
         h2iNsfUGUwa4G7BbNtgtvrGYQd0HGxPmtst7ZO/GWq9ugRJ2P0ECxjGzTVatBMwMXgD1
         8oVQ96ROQUHV1hAj9HaEAXLNW8QxY5B3j6RNLRRFH9rke1arfB+9vpzLJruqt0HzFBae
         qSyg==
X-Gm-Message-State: AOJu0YwFvibG8A+DvJOMR7/YfpBDJkZtZqntnYkmsGotPwjwrcvtSGfq
	d4fVfIzXfoDA3NZrxaohUQA6eCrgRgnMy5e1CqsWCZRwcMT77PsdSGiqcnqKQ+InBg8JEsivsUQ
	LPg==
X-Google-Smtp-Source: 
 AGHT+IEfjTcwiq0iGyeXz+L4N8OFRtJMWuG/A0eLPmPx9/8CzxaM1HhxaEpsbWAoy+R/iYIcBip4gWY4ZQ==
X-Received: from oibfc3.prod.google.com
 ([2002:a05:6808:2a83:b0:443:a4fe:d05c])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6808:2f1b:b0:44d:ad7e:384b
 with SMTP id 5614622812f47-44f7a458e56mr434238b6e.22.1761686473114; Tue, 28
 Oct 2025 14:21:13 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:45 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-20-sagis@google.com>
Subject: [PATCH v12 19/23] KVM: selftests: Finalize TD memory as part of
 kvm_arch_vm_finalize_vcpus
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Call vm_tdx_finalize() as part of kvm_arch_vm_finalize_vcpus if this is
a TDX vm

Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 17f5a381fe43..09cc75ae8d26 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -1360,3 +1360,9 @@ bool kvm_arch_has_default_irqchip(void)
 {
 	return true;
 }
+
+void kvm_arch_vm_finalize_vcpus(struct kvm_vm *vm)
+{
+	if (is_tdx_vm(vm))
+		vm_tdx_finalize(vm);
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-oa1-f73.google.com (mail-oa1-f73.google.com
 [209.85.160.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 106DB3590AF
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:14 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.160.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686478; cv=none;
 b=nc7vhwgEvoxRPfLo1Rjbl+fE0MyBm1AvEWurFJmsxQDmKEKJkgi55vcYWU9DnvGdYZeZBcJgCcOqxSrW1A+pbQyKcPhflFmyinXJvjwNi1aAqZ6sghBO2wbxdco0gPrxcQl9X1tjZ6nyAQV1vJLX36C9DKnm4QyHRDXYREsnKT0=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686478; c=relaxed/simple;
	bh=L0y6R+WsPKPBtxIntBUSrAiKk0vPEfUYjXqWnMLuwBk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=DKx+60t5kuKoqhvtSjf0ziDNcfTcFhfhyr4udhBePrUwzrkpFN9sSARuvNajYLMDyG5JC9udpiy0x5yVOMYht+nnCBjoXy75RxratKFEecljwlJNoEwqnRQGsPgXHOXz6qZymtGGF/4M5JY10K5yK4/heHoRmNmZMInBLlnX6YU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=P9kagRqz; arc=none smtp.client-ip=209.85.160.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="P9kagRqz"
Received: by mail-oa1-f73.google.com with SMTP id
 586e51a60fabf-3c9a6b6caa8so8093773fac.0
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686474; x=1762291274;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=RWiSKMHsCsObY85cOPgN5ZCBinR8ehpel+IU1V2UPag=;
        b=P9kagRqzlj36Yu6Aa8vNTMXrsz/bkMAlMMtwpdJ5gjdoHcQZRglBvjpR1l9LPrfDkE
         aQGDRUM9DM8al6bowtZJI7Nr7aubbb94W70EyV5aENcRCXda4Q7Nlk4uCxUaVcYjq1Ew
         L3D4sRBMTLjdC/nstj4YIAduO2SJ8tRd+ZfU6chmJ+SQz5ZM3mn6LjaBq8iOsxrufOzV
         nD0dy9frd7hIIyUcMvqWoO6McaoGIfsy4BRJpb401a1hxeM6MgZQRrC+gwdKFggK3ELI
         If5mQsFVoENseY3yXWQxGg8Q1agiRWP1Tjb1co7XqOaNE3SwfOrEs06wG2HBrOU2wnAR
         kzcQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686474; x=1762291274;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=RWiSKMHsCsObY85cOPgN5ZCBinR8ehpel+IU1V2UPag=;
        b=MFoN/Be8/fMSCM397v/r/MXadpbuBzHYwFpOoxm5+SRPqOZ0lF2faEeDnFqmRq2Qdt
         vj5ku7IcGsJ/cTvcrRZjYxS6U29y1S64P3LrJ8Xyu2ttxFL5yvrwhL2TWiihRTF4PZF1
         dH3lSwSKiJMo68C5XW374QTfrVrGj27/lf7b3DguUuXJ8ls2yR9XJ5cjFAgQKE8UJyHI
         sPtmXDhYul68OnjsHBpmldwQh8vYUAyiyhFSpGliI+VimJKq2uzNbJs9M4ikD/FwvRyU
         gS9suk2aikHNg2/5vADyVcb+4iLn4gDBUXxsjZK/Audur0YvC7oTf5l1uCNR81ttKHHd
         HPSg==
X-Gm-Message-State: AOJu0YxX/OOaMJ2HBJG9GWrM2Xi9qS+q24o1zAwtkrErV5c1pGV0+qTE
	qIfJwAS7TGGzJEYW8yTBqfHu9kmftJdccfnTJiQ3WhOSNjdgarYDIy9r6I9JaTXy1LFhfq0BuEu
	mug==
X-Google-Smtp-Source: 
 AGHT+IEQmyMt4li1I5sjcaDw4Fuaj+3Ib9FdsdVQWkSD+9K6fkIrYbGFhTwCWgRZCpr4/Hz6JzHHsM049Q==
X-Received: from oabkw32.prod.google.com
 ([2002:a05:6870:ac20:b0:3d1:c19b:7c01])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6870:b419:b0:3d2:c44b:4d23
 with SMTP id 586e51a60fabf-3d745d993e1mr460823fac.6.1761686474093; Tue, 28
 Oct 2025 14:21:14 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:46 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-21-sagis@google.com>
Subject: [PATCH v12 20/23] KVM: selftests: Add support for TDX TDCALL from
 guest
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Erdem Aktas <erdemaktas@google.com>

Add support for TDX guests to issue TDCALLs to the TDX module.

Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  8 ++
 .../selftests/kvm/include/x86/tdx/tdcall.h    | 34 +++++++
 .../selftests/kvm/lib/x86/tdx/tdcall.S        | 93 +++++++++++++++++++
 .../kvm/lib/x86/tdx/tdcall_offsets.c          | 16 ++++
 4 files changed, 151 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 86fe629f2e81..969338b66592 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -20,6 +20,7 @@ LIBKVM +=3D lib/userfaultfd_util.c
 LIBKVM_STRING +=3D lib/string_override.c
=20
 LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c
+LIBKVM_ASM_DEFS +=3D lib/x86/tdx/tdcall_offsets.c
=20
 LIBKVM_x86 +=3D lib/x86/apic.c
 LIBKVM_x86 +=3D lib/x86/handlers.S
@@ -33,6 +34,7 @@ LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
 LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
+LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
@@ -352,7 +354,13 @@ $(OUTPUT)/lib/x86/tdx/td_boot.o: $(OUTPUT)/include/x86=
/tdx/td_boot_offsets.h
 $(OUTPUT)/include/x86/tdx/td_boot_offsets.h: $(OUTPUT)/lib/x86/tdx/td_boot=
_offsets.s FORCE
 	$(call filechk,offsets,__TDX_BOOT_OFFSETS_H__)
=20
+$(OUTPUT)/lib/x86/tdx/tdcall.o: $(OUTPUT)/include/x86/tdx/tdcall_offsets.h
+
+$(OUTPUT)/include/x86/tdx/tdcall_offsets.h: $(OUTPUT)/lib/x86/tdx/tdcall_o=
ffsets.s FORCE
+	$(call filechk,offsets,__TDCALL__OFFSETS_H__)
+
 EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/td_boot_offsets.h
+EXTRA_CLEAN +=3D $(OUTPUT)/include/x86/tdx/tdcall_offsets.h
=20
 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS))))
 $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS)
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h b/tools/t=
esting/selftests/kvm/include/x86/tdx/tdcall.h
new file mode 100644
index 000000000000..60c70646f876
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/* Adapted from arch/x86/include/asm/shared/tdx.h */
+
+#ifndef SELFTESTS_TDX_TDCALL_H
+#define SELFTESTS_TDX_TDCALL_H
+
+#include <linux/bits.h>
+
+#define TDX_TDCALL_HAS_OUTPUT BIT(0)
+
+#ifndef __ASSEMBLY__
+
+#include <linux/types.h>
+
+/*
+ * Used in __tdx_tdcall() to pass down and get back registers' values of
+ * the TDCALL instruction when requesting services from the VMM.
+ *
+ * This is a software only structure and not part of the TDX module/VMM AB=
I.
+ */
+struct tdx_tdcall_args {
+	u64 r10;
+	u64 r11;
+	u64 r12;
+	u64 r13;
+	u64 r14;
+	u64 r15;
+};
+
+/* Used to request services from the VMM */
+u64 __tdx_tdcall(struct tdx_tdcall_args *args, unsigned long flags);
+
+#endif // __ASSEMBLY__
+#endif // SELFTESTS_TDX_TDCALL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S b/tools/testi=
ng/selftests/kvm/lib/x86/tdx/tdcall.S
new file mode 100644
index 000000000000..05869e86b9d8
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall.S
@@ -0,0 +1,93 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/* Adapted from arch/x86/virt/vmx/tdx/tdxcall.S */
+
+#ifndef __ASSEMBLY__
+#define __ASSEMBLY__
+#endif
+
+#include <linux/bits.h>
+#include "tdx/tdcall.h"
+#include "tdx/tdcall_offsets.h"
+
+/*
+ * TDCALL is supported in Binutils >=3D 2.36, add it for older version.
+ */
+#define tdcall		.byte 0x66,0x0f,0x01,0xcc
+
+/*
+ * Bitmasks of exposed registers (with VMM).
+ */
+#define TDX_R10		BIT(10)
+#define TDX_R11		BIT(11)
+#define TDX_R12		BIT(12)
+#define TDX_R13		BIT(13)
+#define TDX_R14		BIT(14)
+#define TDX_R15		BIT(15)
+
+/*
+ * These registers are clobbered to hold arguments for each
+ * TDVMCALL. They are safe to expose to the VMM.
+ * Each bit in this mask represents a register ID. Bit field
+ * details can be found in TDX GHCI specification, section
+ * titled "TDCALL [TDG.VP.VMCALL] leaf".
+ */
+#define TDVMCALL_EXPOSE_REGS_MASK    \
+         (TDX_R10 | TDX_R11 | TDX_R12 | TDX_R13 | TDX_R14 | TDX_R15)
+
+.code64
+.section .text
+
+.globl __tdx_tdcall
+.type __tdx_tdcall, @function
+__tdx_tdcall:
+	/* Set up stack frame */
+	push %rbp
+	movq %rsp, %rbp
+
+	/* Save callee-saved GPRs as mandated by the x86_64 ABI */
+	push %r15
+	push %r14
+	push %r13
+	push %r12
+
+	/* Mangle function call ABI into TDCALL ABI: */
+	/* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */
+	xor %eax, %eax
+
+	/* Copy tdcall registers from arg struct: */
+	movq TDX_TDCALL_R10(%rdi), %r10
+	movq TDX_TDCALL_R11(%rdi), %r11
+	movq TDX_TDCALL_R12(%rdi), %r12
+	movq TDX_TDCALL_R13(%rdi), %r13
+	movq TDX_TDCALL_R14(%rdi), %r14
+	movq TDX_TDCALL_R15(%rdi), %r15
+
+	movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx
+
+	tdcall
+
+	/* TDVMCALL leaf return code is in R10 */
+	movq %r10, %rax
+
+	/* Copy tdcall result registers to arg struct if needed */
+	testq $TDX_TDCALL_HAS_OUTPUT, %rsi
+	jz .Lout
+
+	movq %r10, TDX_TDCALL_R10(%rdi)
+	movq %r11, TDX_TDCALL_R11(%rdi)
+	movq %r12, TDX_TDCALL_R12(%rdi)
+	movq %r13, TDX_TDCALL_R13(%rdi)
+	movq %r14, TDX_TDCALL_R14(%rdi)
+	movq %r15, TDX_TDCALL_R15(%rdi)
+.Lout:
+	/* Restore callee-saved GPRs as mandated by the x86_64 ABI */
+	pop %r12
+	pop %r13
+	pop %r14
+	pop %r15
+
+	pop %rbp
+	ret
+
+/* Disable executable stack */
+.section .note.GNU-stack,"",%progbits
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c b/too=
ls/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c
new file mode 100644
index 000000000000..dcd4457be6e5
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdcall_offsets.c
@@ -0,0 +1,16 @@
+// SPDX-License-Identifier: GPL-2.0
+#define COMPILE_OFFSETS
+
+#include <linux/kbuild.h>
+
+#include "tdx/tdcall.h"
+
+static void __attribute__((used)) common(void)
+{
+	OFFSET(TDX_TDCALL_R10, tdx_tdcall_args, r10);
+	OFFSET(TDX_TDCALL_R11, tdx_tdcall_args, r11);
+	OFFSET(TDX_TDCALL_R12, tdx_tdcall_args, r12);
+	OFFSET(TDX_TDCALL_R13, tdx_tdcall_args, r13);
+	OFFSET(TDX_TDCALL_R14, tdx_tdcall_args, r14);
+	OFFSET(TDX_TDCALL_R15, tdx_tdcall_args, r15);
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id CEA433590D0
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:15 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686477; cv=none;
 b=Egwnslzm2bYaV42dYdpfa1gNnyhXRuLA6q8NQQb/uBf4Bl1tHVYaHrQYoNFdoyBn4qirqmsxXVQ7AWVbCHMgw/+Fb/W5oIEzb2hiqVxwWA1sZXt4rfBT5ccU703lWRNtTtKqs19C4Gvqy238nMc7xT+zr0icV+HyQIU+9AM8fuA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686477; c=relaxed/simple;
	bh=iSEEdrLiLmqcw9R7W8cvdfSlfMoFs/dHBaP7FgEu694=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Z+Xdc9ckeuXzGnUsCQyo7J/mKfZmgKr7sNan3AVE5Gq3EdpbatOnhv5m1qzBekZygFIbbX7mEXH0f8Cwyi94C0Z57IWae4318IjdAZmD0C9TeGAmAma4Od+9vZSH/l9W+qu9QQ1qCr7ru9lC8Sj+mi1VdrLJuYPxUL/0oUmf9gg=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=fu75H0Dk; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="fu75H0Dk"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-886e347d2afso683736539f.3
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686475; x=1762291275;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=9cMMlxlKXtL0VXA8L0h89s2s0Us0y8kGMwGXpa8RPm0=;
        b=fu75H0DkvxBHgjB4QkgYDB6nkKMb1rPkIs2AXI40H0+vzQoXYbMmDPebp0UgXzv4fh
         2V2hL4+p084OUGpQy0YG5hjjYXZev3D0729ri677u/SRR7mltX62BQ1I35QXi/sfDp3m
         NpQdq9aSIHuxcBYb0/CQaG6sLIQ16ECLkFTRP1GxTtMh7vYjExCi4f17bcLyn/Z6eBBx
         zhE0RC3rrZVrXS17aclhl53aAPUfwtlAbOjuJEP453MG9ZGFhkQ7uQi9nOzTOon9k7qf
         rW2sdGXEWtEQ7rR3JvhXTp0v7vJ4ikfyDxfX0g/pp33WFHLe8J/dFLpTPMOcVOZPiCdC
         EJPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686475; x=1762291275;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=9cMMlxlKXtL0VXA8L0h89s2s0Us0y8kGMwGXpa8RPm0=;
        b=ZL5fcQu/ty77ri3zLXjjrU2zykGMeYvZ7KSH3EBXbrJerlOWenaUg1yApj6E1CBt1D
         GAW9RtoN93i1GbHclx0otZT7dY/3d1+kZLFvdPe5qyeLGMkP0EcbKUvOMKURtXG77h7x
         rYqmCJouR/OzZ+muuFnE4lS6kMADplP3tfAsbHTmhK59kwGq7KA1K35th/otiVRYnV0G
         w6flgKyicvqaCyYzLm+HkZs4Hlh7A8g50mzcEHL1v1rae1zJks7Uq8ZMS4Prf0bHDqGK
         wIyzv787VSwr4eeAP2Qb6en2qUJUQhIM5HkKKYqKfD0tGzGDsjOo0TcDn24snT/5s9RM
         ftJw==
X-Gm-Message-State: AOJu0YzZ3fi3IQknEvO9x7Q6Lvihbn272mKzwfFYgnmgIA5mbJ0tibr8
	bZZSJ3gtPudGc8S5uw7TGkDm/RbXNcKmlP9rHjcUMRWnqDVj8JZH/OBWi2FLnTWvT0qwnuaZH2q
	iHg==
X-Google-Smtp-Source: 
 AGHT+IGeXWSnPReZTOd3BW/1Br2ITY0QeYz/8fcks7dNKFTMkhzfS1nQHUJfmshL3eo+QhycTnHG4IpefQ==
X-Received: from iobeh6.prod.google.com
 ([2002:a05:6602:4a06:b0:940:d830:481e])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:1581:b0:93e:897a:78f
 with SMTP id ca18e2360f4ac-945c965df7dmr154836339f.2.1761686474855; Tue, 28
 Oct 2025 14:21:14 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:47 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-22-sagis@google.com>
Subject: [PATCH v12 21/23] KVM: selftests: Add wrapper for TDX MMIO from guest
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add utility function to issue MMIO TDCALL from TDX guests.

Signed-off-by: Sagi Shahar <sagis@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/tdx/tdx.h       | 14 +++++++++++
 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c | 23 +++++++++++++++++++
 3 files changed, 38 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/include/x86/tdx/tdx.h
 create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 969338b66592..b7a518d62098 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -35,6 +35,7 @@ LIBKVM_x86 +=3D lib/x86/vmx.c
 LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
 LIBKVM_x86 +=3D lib/x86/tdx/tdcall.S
+LIBKVM_x86 +=3D lib/x86/tdx/tdx.c
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx.h b/tools/test=
ing/selftests/kvm/include/x86/tdx/tdx.h
new file mode 100644
index 000000000000..22b096402998
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_H
+#define SELFTESTS_TDX_TDX_H
+
+#include <stdint.h>
+
+/* MMIO direction */
+#define MMIO_READ	0
+#define MMIO_WRITE	1
+
+uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si=
ze,
+					     uint64_t data_in);
+
+#endif // SELFTESTS_TDX_TDX_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c b/tools/testing/=
selftests/kvm/lib/x86/tdx/tdx.c
new file mode 100644
index 000000000000..f9c1acd5b30c
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c
@@ -0,0 +1,23 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "tdx/tdcall.h"
+#include "tdx/tdx.h"
+
+#define TDG_VP_VMCALL 0
+
+#define TDG_VP_VMCALL_VE_REQUEST_MMIO	48
+
+uint64_t tdg_vp_vmcall_ve_request_mmio_write(uint64_t address, uint64_t si=
ze,
+					     uint64_t data_in)
+{
+	struct tdx_tdcall_args args =3D {
+		.r10 =3D TDG_VP_VMCALL,
+		.r11 =3D TDG_VP_VMCALL_VE_REQUEST_MMIO,
+		.r12 =3D size,
+		.r13 =3D MMIO_WRITE,
+		.r14 =3D address,
+		.r15 =3D data_in,
+	};
+
+	return __tdx_tdcall(&args, 0);
+}
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-io1-f73.google.com (mail-io1-f73.google.com
 [209.85.166.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8AB873596F5
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.166.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686478; cv=none;
 b=lZ/N++XoeIKz9eN0ArH1LLjBIU+FqjouGZrjtNKtF8QOoISRnh4oh9B3FN6GZFaUAGKcjf0lSb+5Ck6QA9XKSf9yuswax2ZfChLm0BR/Qnr/Yuycz7yC1weQGt2B2j5txdCBLfbXqoSDcY3VpUBN6qC8/pWxgbtyVcKnXZ4lmwA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686478; c=relaxed/simple;
	bh=UZLe6fcs4+2cK8KL7h1/WUe9mKZLLiYYT3kkeeT5kbE=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=e3W9mDGkYiUG4oweMeV6UpTqbRHA4t+MfiUVzjPMcvqoaQU8wKupd4B/vzRTVf3btYzP3OP4ds9ZmylMuDTAMgEiQtuYKWeHzUDEaML4+LY3VLPljvKaZ9MFxh8dKbFfLx1baq+pzYIF4l0uGBly5daNmOHX1OxsRTCqekc042g=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=tZUifiMO; arc=none smtp.client-ip=209.85.166.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="tZUifiMO"
Received: by mail-io1-f73.google.com with SMTP id
 ca18e2360f4ac-9447edc234fso1203530339f.2
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686476; x=1762291276;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=98xagRJ9cnultVeG0sA1nEIFICNJxv1IqATLZK1iFck=;
        b=tZUifiMOxHiwTL+UkOfrimFrhD+go5LJrcEYSIGB7f5p2u3yWRv2f9Wk23HDHGy70h
         4KOB3OC48OjvDyTl4aX6cYHZU+Dw4DqTtMhH7Qz9GV2Mn+liLdGnba2wlRTTBJ1ny59k
         ep4aAsuf/t7UQgvWtHbvDMr2KdF258TAdrIFE4ur7byguwKyt636EJDwPon9i0XbfeEU
         7Bl4wkJkDM8hMhRgG0w5B/pIoflua0I1ut/UjA145+EFQn6RdB5aimjWQNhSwjRuyHBp
         14LNG/wSM/CYlSbDAWnrpFHywTd7wJYBS/IMhJ/P57J0qyAbwpINojjykA+vYb0Le/qJ
         ro7g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686476; x=1762291276;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=98xagRJ9cnultVeG0sA1nEIFICNJxv1IqATLZK1iFck=;
        b=N1so7tR/5J2PRkYa894xQ6T250EBf8t6aiJx868XKbZCtfe9iYH9lq+nOhZOK/EPe6
         XGGw25aW2++R7iLBzoQYbvnU5OjI74HG4E0LewFusiz2csOy4Sw8onnJt3uwlBnnH29w
         roz6CUmHaMeY7bneB4YCGubmJEMGtqjBYpqQYKVsBMkOVlJrWWSzp583VoG060btoNeS
         t2Na3Q3i4/yFrDBDFJjXYsOpUNg0OH5EwT2IwkRaQQR6kGuSpOA71fSHSeREbDYJw7Nj
         WKSI3DuEiR3Z4u7JMSvQdiikf7xJaeE6Q8ug0OPlyUAzDdgmT89qozpWvVT9c1C5W0CK
         fllQ==
X-Gm-Message-State: AOJu0YzdxV5vyTqVi+c6qRxH7HUg1IA27PnvJSf6Y9z9uZDhsSnZbZrl
	fxrzEKKhPx5dVm8vkK+cFQ5edPPPSeqlUSR1KionpirCuBVcpfViHHgANuGBDmBosgHwbRLCLph
	F8A==
X-Google-Smtp-Source: 
 AGHT+IGW9GSavDqWW1ubHmG0FcBgXUDwNg9Hu9nj4+LRBDxNjquSuhnf9Qh5SVD7+iQOAqNbxQDTayP9Wg==
X-Received: from iobeh12.prod.google.com
 ([2002:a05:6602:4a0c:b0:945:a1a1:3681])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6602:2c8b:b0:892:f398:591
 with SMTP id ca18e2360f4ac-945c96e725amr155242039f.2.1761686475888; Tue, 28
 Oct 2025 14:21:15 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:48 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-23-sagis@google.com>
Subject: [PATCH v12 22/23] KVM: selftests: Add ucall support for TDX
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: Ackerley Tng <ackerleytng@google.com>

ucalls for non-Coco VMs work by having the guest write to the rdi
register, then perform an io instruction to exit to the host. The host
then reads rdi using kvm_get_regs().

CPU registers can't be read using kvm_get_regs() for TDX, so TDX
guests use MMIO to pass the struct ucall's hva to the host. MMIO was
chosen because it is one of the simplest (hence unlikely to fail)
mechanisms that support passing 8 bytes from guest to host.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>

----------------------------------------------

Changes from v10:
 * Removed ucall_arch_init() decleration from ucall.h.
 * Replace vm_type type check with is_tdx_vm().
 * Move mmio info initialization under is_tdx_vm() case.
---
 .../selftests/kvm/include/ucall_common.h      |  1 +
 .../testing/selftests/kvm/include/x86/ucall.h |  6 ---
 tools/testing/selftests/kvm/lib/x86/ucall.c   | 46 +++++++++++++++++--
 3 files changed, 42 insertions(+), 11 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/ucall_common.h b/tools/tes=
ting/selftests/kvm/include/ucall_common.h
index d9d6581b8d4f..f5eebf690033 100644
--- a/tools/testing/selftests/kvm/include/ucall_common.h
+++ b/tools/testing/selftests/kvm/include/ucall_common.h
@@ -4,6 +4,7 @@
  */
 #ifndef SELFTEST_KVM_UCALL_COMMON_H
 #define SELFTEST_KVM_UCALL_COMMON_H
+#include "kvm_util.h"
 #include "test_util.h"
 #include "ucall.h"
=20
diff --git a/tools/testing/selftests/kvm/include/x86/ucall.h b/tools/testin=
g/selftests/kvm/include/x86/ucall.h
index d3825dcc3cd9..7e54ec2c1a45 100644
--- a/tools/testing/selftests/kvm/include/x86/ucall.h
+++ b/tools/testing/selftests/kvm/include/x86/ucall.h
@@ -2,12 +2,6 @@
 #ifndef SELFTEST_KVM_UCALL_H
 #define SELFTEST_KVM_UCALL_H
=20
-#include "kvm_util.h"
-
 #define UCALL_EXIT_REASON       KVM_EXIT_IO
=20
-static inline void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa)
-{
-}
-
 #endif
diff --git a/tools/testing/selftests/kvm/lib/x86/ucall.c b/tools/testing/se=
lftests/kvm/lib/x86/ucall.c
index 1265cecc7dd1..fae6f37b0bcd 100644
--- a/tools/testing/selftests/kvm/lib/x86/ucall.c
+++ b/tools/testing/selftests/kvm/lib/x86/ucall.c
@@ -5,11 +5,35 @@
  * Copyright (C) 2018, Red Hat, Inc.
  */
 #include "kvm_util.h"
+#include "tdx/tdx.h"
+#include "tdx/tdx_util.h"
=20
 #define UCALL_PIO_PORT ((uint16_t)0x1000)
=20
+static uint8_t vm_type;
+static vm_paddr_t host_ucall_mmio_gpa;
+static vm_paddr_t ucall_mmio_gpa;
+
+void ucall_arch_init(struct kvm_vm *vm, vm_paddr_t mmio_gpa)
+{
+	vm_type =3D vm->type;
+	sync_global_to_guest(vm, vm_type);
+
+	if (is_tdx_vm(vm)) {
+		host_ucall_mmio_gpa =3D ucall_mmio_gpa =3D mmio_gpa;
+		ucall_mmio_gpa |=3D vm->arch.s_bit;
+	}
+
+	sync_global_to_guest(vm, ucall_mmio_gpa);
+}
+
 void ucall_arch_do_ucall(vm_vaddr_t uc)
 {
+	if (vm_type =3D=3D KVM_X86_TDX_VM) {
+		tdg_vp_vmcall_ve_request_mmio_write(ucall_mmio_gpa, 8, uc);
+		return;
+	}
+
 	/*
 	 * FIXME: Revert this hack (the entire commit that added it) once nVMX
 	 * preserves L2 GPRs across a nested VM-Exit.  If a ucall from L2, e.g.
@@ -46,11 +70,23 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu)
 {
 	struct kvm_run *run =3D vcpu->run;
=20
-	if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO_=
PORT) {
-		struct kvm_regs regs;
+	switch (vm_type) {
+	case KVM_X86_TDX_VM:
+		if (vcpu->run->exit_reason =3D=3D KVM_EXIT_MMIO &&
+		    vcpu->run->mmio.phys_addr =3D=3D host_ucall_mmio_gpa &&
+		    vcpu->run->mmio.len =3D=3D 8 && vcpu->run->mmio.is_write) {
+			uint64_t data =3D *(uint64_t *)vcpu->run->mmio.data;
+
+			return (void *)data;
+		}
+		return NULL;
+	default:
+		if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO=
_PORT) {
+			struct kvm_regs regs;
=20
-		vcpu_regs_get(vcpu, &regs);
-		return (void *)regs.rdi;
+			vcpu_regs_get(vcpu, &regs);
+			return (void *)regs.rdi;
+		}
+		return NULL;
 	}
-	return NULL;
 }
--=20
2.51.1.851.g4ebd6896fd-goog
From nobody Wed Dec 17 10:41:48 2025
Received: from mail-oa1-f73.google.com (mail-oa1-f73.google.com
 [209.85.160.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C1D35359706
	for <linux-kernel@vger.kernel.org>; Tue, 28 Oct 2025 21:21:17 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.160.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1761686481; cv=none;
 b=eAD3uCOVzywMLFUw4Wy8A1hbysK1tOi4fFWBzW+05I91PIDcvFjN6s9LIq8ussex0ey0Pu07h1yss7eNCvvni6akrEBSeCrK0deHXI98qwHCtRsQXJMAq/kYC04ng9BJpW60GOsEzh/WQFozIpsYjQv917q0VA1NFs9gd9y6AWQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1761686481; c=relaxed/simple;
	bh=qfaC2A7mPzRh1wHLGzIzthw0+fibjKOEou+mOk9ZG90=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=KHB3rIIaLnAdD5kphXDTdlvFh7YCXhpqBg9EkpEhBm5o8m6IMkego7S7R5vwVNkCXce9UsBQ8uHLxWtIOjHf9ER9ZeywsF8PT/qdxKyGs/cvHdkDXQFSMiEYexEEut4N133DGFZyAbuYeUKk5n3UzRgLeZQ73BtMzbbybiKd4fw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=WjIt/cYh; arc=none smtp.client-ip=209.85.160.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--sagis.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="WjIt/cYh"
Received: by mail-oa1-f73.google.com with SMTP id
 586e51a60fabf-3c96de7fdf3so9917928fac.1
        for <linux-kernel@vger.kernel.org>;
 Tue, 28 Oct 2025 14:21:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20230601; t=1761686477; x=1762291277;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=CS0IWmflrx758IAyyWQq7DhPqTRvRcCDsa+nQ4BIQi4=;
        b=WjIt/cYhRMQxSZ5dj4nZMe59IdNEzIK3M2gwoVZnS9HaVvnNAUGW41Dmo9hvB18AWi
         HojWpk0TsgiKE9Siofje5YOY9lCbKVmsoAfORCdmYWcolEV9wKIxKm1gJY1M1mjOwk6f
         qTrECfQcbjFFWAADt08y1udDkHzuQMlVStg+W3wqGaRuGPrfF+Gd3DN5YwcUbHH1hD8s
         oOiC2v6GK9p5yXyIxMUGsdBfZnZYEBoWvAzVCtRNNCFpF3LSQlvgAwQpZHzKY8/B/Vq5
         TkBQTIgUmNXeAE15G5mIo2c4RWaklhfacDAlFNttebSREsUSU72ImvbyfFPcrPi2GkcA
         a0Iw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1761686477; x=1762291277;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CS0IWmflrx758IAyyWQq7DhPqTRvRcCDsa+nQ4BIQi4=;
        b=rATqs5XrWY9l55K8TLKdU2fqSoL+6NH2975MYrGXn4fCk+bOieVNFe3J11ZPP4/GNw
         flScFQrCfyJRK5dYAFCm5e3Q3z+vRZfNmS4V84EIW+GKp4MfdHJl4W401TL2EjY+FHXB
         skd161Rrs/oyXJw8jbV4bJXHpQ90tEwrr66DjYFcjGgKeu07K4DqVJ77xGsy2/Ka37oZ
         ye/y3g+B5mtGcFFh80Z3VIUz2WdEI6L/yeMEB3+iJOnxtVpiRq03+jRMDNc2mnBoqGYJ
         eKF7krcFwg5GhWt+DAAT1Ss3VjiLqsFl7eCo6ly8DOSxT7H+2ra1RzNKVxo2jzmfjc2h
         NNEA==
X-Gm-Message-State: AOJu0YyII1MRjc6YhKuJTA3HBIyFqZYDHG5J0N6xPajv2ddM/lMJY6H9
	uUkIjcbxzVjwBfpHVvBcZ5E5lCqMECebXrrrYW5kv7ipUwyyo14XG7TXFJks4ReVYHwIxSPR5GD
	UdA==
X-Google-Smtp-Source: 
 AGHT+IH9FCcaXI/EKUJmw3moCTxbFHd52ZJluIjy8ghlVGUWeAZZptsgmg2AF7Kqcixt3CD2LMrRRymXIA==
X-Received: from oabcr6.prod.google.com
 ([2002:a05:6870:ebc6:b0:3c9:a56f:e0b7])
 (user=sagis job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6871:6081:b0:3d2:f13:698c
 with SMTP id 586e51a60fabf-3d74b26bce8mr402771fac.32.1761686476891; Tue, 28
 Oct 2025 14:21:16 -0700 (PDT)
Date: Tue, 28 Oct 2025 21:20:49 +0000
In-Reply-To: <20251028212052.200523-1-sagis@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20251028212052.200523-1-sagis@google.com>
X-Mailer: git-send-email 2.51.1.851.g4ebd6896fd-goog
Message-ID: <20251028212052.200523-24-sagis@google.com>
Subject: [PATCH v12 23/23] KVM: selftests: Add TDX lifecycle test
From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	Shuah Khan <shuah@kernel.org>, Sean Christopherson <seanjc@google.com>,
	Ackerley Tng <ackerleytng@google.com>, Ryan Afranji <afranji@google.com>,
	Andrew Jones <ajones@ventanamicro.com>,
 Isaku Yamahata <isaku.yamahata@intel.com>,
	Erdem Aktas <erdemaktas@google.com>,
 Rick Edgecombe <rick.p.edgecombe@intel.com>,
	Sagi Shahar <sagis@google.com>, Roger Wang <runanwang@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Oliver Upton <oliver.upton@linux.dev>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Adding a test to verify TDX lifecycle by creating a simple TD.

Signed-off-by: Sagi Shahar <sagis@google.com>

---------------------------------------------

Changes from v11:
 * Removed vm_tdx_create_with_one_vcpu and replaced the call site with
   vm_create_shape_with_one_vcpu
---
 tools/testing/selftests/kvm/Makefile.kvm      |  1 +
 .../selftests/kvm/include/x86/processor.h     |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h  |  8 +++++
 tools/testing/selftests/kvm/x86/tdx_vm_test.c | 33 +++++++++++++++++++
 4 files changed, 43 insertions(+)
 create mode 100644 tools/testing/selftests/kvm/x86/tdx_vm_test.c

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index b7a518d62098..2f49c8965df9 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -156,6 +156,7 @@ TEST_GEN_PROGS_x86 +=3D rseq_test
 TEST_GEN_PROGS_x86 +=3D steal_time
 TEST_GEN_PROGS_x86 +=3D system_counter_offset_test
 TEST_GEN_PROGS_x86 +=3D pre_fault_memory_test
+TEST_GEN_PROGS_x86 +=3D x86/tdx_vm_test
=20
 # Compiled outputs used by test targets
 TEST_GEN_PROGS_EXTENDED_x86 +=3D x86/nx_huge_pages_test
diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index dba2b3d558d1..7cd70ff15412 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -369,6 +369,7 @@ static inline unsigned int x86_model(unsigned int eax)
 #define VM_SHAPE_SEV		VM_TYPE(KVM_X86_SEV_VM)
 #define VM_SHAPE_SEV_ES		VM_TYPE(KVM_X86_SEV_ES_VM)
 #define VM_SHAPE_SNP		VM_TYPE(KVM_X86_SNP_VM)
+#define VM_SHAPE_TDX		VM_TYPE(KVM_X86_TDX_VM)
=20
 /* Page table bitfield declarations */
 #define PTE_PRESENT_MASK        BIT_ULL(0)
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 2467b6c35557..f8e1c4d92a7a 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,6 +11,14 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+/*
+ * Verify that TDX is supported by KVM.
+ */
+static inline bool is_tdx_enabled(void)
+{
+	return !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
+}
+
 /*
  * TDX ioctls
  */
diff --git a/tools/testing/selftests/kvm/x86/tdx_vm_test.c b/tools/testing/=
selftests/kvm/x86/tdx_vm_test.c
new file mode 100644
index 000000000000..a37ab0fb2a97
--- /dev/null
+++ b/tools/testing/selftests/kvm/x86/tdx_vm_test.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "processor.h"
+#include "kvm_util.h"
+#include "tdx/tdx_util.h"
+#include "ucall_common.h"
+#include "kselftest_harness.h"
+
+static void guest_code_lifecycle(void)
+{
+	GUEST_DONE();
+}
+
+TEST(verify_td_lifecycle)
+{
+	struct kvm_vcpu *vcpu;
+	struct kvm_vm *vm;
+	struct ucall uc;
+
+	vm =3D vm_create_shape_with_one_vcpu(VM_SHAPE_TDX, &vcpu,
+					   guest_code_lifecycle);
+
+	vcpu_run(vcpu);
+	TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_DONE);
+
+	kvm_vm_free(vm);
+}
+
+int main(int argc, char **argv)
+{
+	TEST_REQUIRE(is_tdx_enabled());
+	return test_harness_run(argc, argv);
+}
--=20
2.51.1.851.g4ebd6896fd-goog