From nobody Sun May 24 19:34:54 2026
Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com
 [209.85.215.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 94C20344D9B
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:22 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405444; cv=none;
 b=CNCuX1jJ8e+dOFfZ+udh3EpsuX0YJYoDdq26L8vwoEDCA7OCzkJc60luH0IQsg7jTqXyh/wHqAuCnl3QegYvWOYWG1zE7pd3hyuDSuDsI71vWTyYbRvRJWymL8l20NF7sBNNq/e4W6/81oYiiujVByOYlIAeUYMG9gwH29T8thw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405444; c=relaxed/simple;
	bh=AJHof9uds57GJf3ZjkCCl1BuKyNY2FzZtq/u9G54vA0=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Alcx3Fz22eN17tD6H2tTQkbTHYwleOHEutYoBR6a+x7W4lFNZcWX9s+HyBohRp+X0juuLednp6awBcg9V4HcMhThuGqSdOCrimClyLvqMmn1g5HOK7mpjO3x1CdJC/FwQSowmXHevU0G0JHrTjfFoJSHzh+iIqP5h8PyMReErvY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=KSWubWy6; arc=none smtp.client-ip=209.85.215.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="KSWubWy6"
Received: by mail-pg1-f202.google.com with SMTP id
 41be03b00d2f7-c850ff84ddfso2529502a12.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405442; x=1780010242;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=7EAyw0PukGOP2yPXuj5NIxJuzEYzUJ0RUd3D3TdwN3s=;
        b=KSWubWy6/mEDifnIMrrd8lmaNdX4WZwG27qWHxLRHrIbWrpD6cjQWe2uOT6uddjb6H
         +opUliaSyB/99QeZs0u4uQUbjEWUI515VSxst9JtuX5UbNHyYvk8uzUCxBTyuXNdSX9V
         J4+yRwrVwU6BTquZKW5aKp8RmmLrbtHRZXWHJRo24O9t1OYHilwjt6JoAiKXf9rtqzEf
         eZP0m2tSGKoxa7A5iWpaT+12nMZXXeDsVmesb1mq9D6BU+f3uymHxjgxvLlST9AO7rGb
         RvQ1OGMU/P5GZXLIJ8FsYDX+J6F9r+9+iHBEPJ3VtYyKxlTYWRJ2cbB1fnUFZcbKGn0H
         OE0g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405442; x=1780010242;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=7EAyw0PukGOP2yPXuj5NIxJuzEYzUJ0RUd3D3TdwN3s=;
        b=UllaxKlRGMSkICFK4NwjuDxP/X8wn1K12zpyFHlWF222AfgvyvIywJqJXD56JFaTD6
         8rDarDT20+Bq15UO58XwUqGZ+UAuJ75J14k/4OJUf3l/u4UvwtYwEe6zLhqVlBJq8/gX
         Fx02ICA/DXhuKYES83Sn+h6gYFld4tbCooXu6eDSLY0L4dU6BGBaWTIFL9v0TznB6IF0
         QmmnBXpBr7oLh6XDHGgarAgIgj3LKYLZmqQTCZcuCd9yjirw4cirFw+nmHYvJU4wDC3I
         haiWY3FYlWTVWfdPa+V9fCQi3II0S091FfggygwJNfSlgmBSES1xOijO1BI83S32nazx
         /lMw==
X-Forwarded-Encrypted: i=1;
 AFNElJ9nFim9pNODm/JGSB+WR617g5a1D5//cYcw+99Rz3NaUYJ2fq3Ap2f/45Ny8fYNAeGPIRYx7l6ABiLv9s8=@vger.kernel.org
X-Gm-Message-State: AOJu0Yy4+27DPLomvVeRuwdFSzerRa72TbDG7HL/hPzPH/4t2WWZi4Rb
	LxBUWUYubclsnNjsGXVSwMxL7S8htxfPd+q0g04cW1Ur4WnyPO3JbVsW7CgLeoTtTtPSYNf3XkS
	k6pUA/g==
X-Received: from pfbhu35.prod.google.com
 ([2002:a05:6a00:69a3:b0:82f:5b50:db30])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a21:68f:b0:3b1:a9ce:5095
 with SMTP id adf61e73a8af0-3b328d940ebmr891980637.22.1779405441613; Thu, 21
 May 2026 16:17:21 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:42 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=7777;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=JHkY9FocbRWshGCdU20jKcRRS7h6ChdXPCzwPWNDo2w=;
 b=U4JpKZtjKa5yNtiCQmT2R3/E9xKpYLAM51gEtsIpEWhCrEd8LCrGOisO0f7BzDpB4izrlQF0k
 Toz+ep7VWv8BPW523/aWQDZftn4jb58PMrPgjzV5ba2DTCmfa3u2PIi
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-1-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 01/22] KVM: selftests: Add macros to simplify creating VM
 shapes for non-default types
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sean Christopherson <seanjc@google.com>

Add VM_TYPE() and __VM_TYPE() macros to create a vm_shape structure given
a type (and mode), and use the macros to define VM_SHAPE_{SEV,SEV_ES,SNP}
shapes for x86's SEV family of VM shapes.  Providing common infrastructure
will avoid having to copy+paste vm_sev_create_with_one_vcpu() for TDX.

Use the new SEV+ shapes and drop vm_sev_create_with_one_vcpu().

No functional change intended.

Signed-off-by: Sean Christopherson <seanjc@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/kvm_util.h     | 13 +++++++
 .../testing/selftests/kvm/include/x86/processor.h  |  4 +++
 tools/testing/selftests/kvm/include/x86/sev.h      |  2 --
 tools/testing/selftests/kvm/lib/x86/sev.c          | 16 ---------
 tools/testing/selftests/kvm/x86/sev_smoke_test.c   | 40 +++++++++++-------=
----
 5 files changed, 37 insertions(+), 38 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/kvm_util.h b/tools/testing=
/selftests/kvm/include/kvm_util.h
index dc70c6da63fa..041bdbfb93f7 100644
--- a/tools/testing/selftests/kvm/include/kvm_util.h
+++ b/tools/testing/selftests/kvm/include/kvm_util.h
@@ -233,6 +233,19 @@ kvm_static_assert(sizeof(struct vm_shape) =3D=3D sizeo=
f(u64));
 	shape;					\
 })
=20
+#define __VM_TYPE(__mode, __type)		\
+({						\
+	struct vm_shape shape =3D {		\
+		.mode =3D (__mode),		\
+		.type =3D (__type)		\
+	};					\
+						\
+	shape;					\
+})
+
+#define VM_TYPE(__type)				\
+	__VM_TYPE(VM_MODE_DEFAULT, __type)
+
 extern enum vm_guest_mode vm_mode_default;
=20
 #if defined(__aarch64__)
diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 77f576ee7789..0aa6eecfcbde 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -365,6 +365,10 @@ static inline unsigned int x86_model(unsigned int eax)
 	return ((eax >> 12) & 0xf0) | ((eax >> 4) & 0x0f);
 }
=20
+#define VM_SHAPE_SEV		VM_TYPE(KVM_X86_SEV_VM)
+#define VM_SHAPE_SEV_ES		VM_TYPE(KVM_X86_SEV_ES_VM)
+#define VM_SHAPE_SNP		VM_TYPE(KVM_X86_SNP_VM)
+
 #define PHYSICAL_PAGE_MASK      GENMASK_ULL(51, 12)
=20
 #define PAGE_SHIFT		12
diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/=
selftests/kvm/include/x86/sev.h
index 1af44c151d60..944c59dbe510 100644
--- a/tools/testing/selftests/kvm/include/x86/sev.h
+++ b/tools/testing/selftests/kvm/include/x86/sev.h
@@ -53,8 +53,6 @@ void snp_vm_launch_start(struct kvm_vm *vm, u64 policy);
 void snp_vm_launch_update(struct kvm_vm *vm);
 void snp_vm_launch_finish(struct kvm_vm *vm);
=20
-struct kvm_vm *vm_sev_create_with_one_vcpu(u32 type, void *guest_code,
-					   struct kvm_vcpu **cpu);
 void vm_sev_launch(struct kvm_vm *vm, u64 policy, u8 *measurement);
=20
 kvm_static_assert(SEV_RET_SUCCESS =3D=3D 0);
diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/self=
tests/kvm/lib/x86/sev.c
index 93f916903461..95d8520eea34 100644
--- a/tools/testing/selftests/kvm/lib/x86/sev.c
+++ b/tools/testing/selftests/kvm/lib/x86/sev.c
@@ -158,22 +158,6 @@ void snp_vm_launch_finish(struct kvm_vm *vm)
 	vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_FINISH, &launch_finish);
 }
=20
-struct kvm_vm *vm_sev_create_with_one_vcpu(u32 type, void *guest_code,
-					   struct kvm_vcpu **cpu)
-{
-	struct vm_shape shape =3D {
-		.mode =3D VM_MODE_DEFAULT,
-		.type =3D type,
-	};
-	struct kvm_vm *vm;
-	struct kvm_vcpu *cpus[1];
-
-	vm =3D __vm_create_with_vcpus(shape, 1, 0, guest_code, cpus);
-	*cpu =3D cpus[0];
-
-	return vm;
-}
-
 void vm_sev_launch(struct kvm_vm *vm, u64 policy, u8 *measurement)
 {
 	if (is_sev_snp_vm(vm)) {
diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testi=
ng/selftests/kvm/x86/sev_smoke_test.c
index 1a49ee391586..fe2c438882ae 100644
--- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c
+++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c
@@ -104,7 +104,7 @@ static void compare_xsave(u8 *from_host, u8 *from_guest)
 		abort();
 }
=20
-static void test_sync_vmsa(u32 type, u64 policy)
+static void test_sync_vmsa(struct vm_shape shape, u64 policy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
@@ -114,7 +114,7 @@ static void test_sync_vmsa(u32 type, u64 policy)
 	double x87val =3D M_PI;
 	struct kvm_xsave __attribute__((aligned(64))) xsave =3D { 0 };
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_code_xsave, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_code_xsave);
 	gva =3D vm_alloc_shared(vm, PAGE_SIZE, KVM_UTIL_MIN_VADDR,
 			      MEM_REGION_TEST_DATA);
 	hva =3D addr_gva2hva(vm, gva);
@@ -150,13 +150,13 @@ static void test_sync_vmsa(u32 type, u64 policy)
 	kvm_vm_free(vm);
 }
=20
-static void test_sev(void *guest_code, u32 type, u64 policy)
+static void test_sev(void *guest_code, struct vm_shape shape, u64 policy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
 	struct ucall uc;
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_code, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_code);
=20
 	/* TODO: Validate the measurement is as expected. */
 	vm_sev_launch(vm, policy, NULL);
@@ -201,12 +201,12 @@ static void guest_shutdown_code(void)
 	__asm__ __volatile__("ud2");
 }
=20
-static void test_sev_shutdown(u32 type, u64 policy)
+static void test_sev_shutdown(struct vm_shape shape, u64 policy)
 {
 	struct kvm_vcpu *vcpu;
 	struct kvm_vm *vm;
=20
-	vm =3D vm_sev_create_with_one_vcpu(type, guest_shutdown_code, &vcpu);
+	vm =3D vm_create_shape_with_one_vcpu(shape, &vcpu, guest_shutdown_code);
=20
 	vm_sev_launch(vm, policy, NULL);
=20
@@ -218,28 +218,28 @@ static void test_sev_shutdown(u32 type, u64 policy)
 	kvm_vm_free(vm);
 }
=20
-static void test_sev_smoke(void *guest, u32 type, u64 policy)
+static void test_sev_smoke(void *guest, struct vm_shape shape, u64 policy)
 {
 	const u64 xf_mask =3D XFEATURE_MASK_X87_AVX;
=20
-	if (type =3D=3D KVM_X86_SNP_VM)
-		test_sev(guest, type, policy | SNP_POLICY_DBG);
+	if (shape.type =3D=3D KVM_X86_SNP_VM)
+		test_sev(guest, shape, policy | SNP_POLICY_DBG);
 	else
-		test_sev(guest, type, policy | SEV_POLICY_NO_DBG);
-	test_sev(guest, type, policy);
+		test_sev(guest, shape, policy | SEV_POLICY_NO_DBG);
+	test_sev(guest, shape, policy);
=20
-	if (type =3D=3D KVM_X86_SEV_VM)
+	if (shape.type =3D=3D KVM_X86_SEV_VM)
 		return;
=20
-	test_sev_shutdown(type, policy);
+	test_sev_shutdown(shape, policy);
=20
 	if (kvm_has_cap(KVM_CAP_XCRS) &&
 	    (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) =3D=3D xf_mask) {
-		test_sync_vmsa(type, policy);
-		if (type =3D=3D KVM_X86_SNP_VM)
-			test_sync_vmsa(type, policy | SNP_POLICY_DBG);
+		test_sync_vmsa(shape, policy);
+		if (shape.type =3D=3D KVM_X86_SNP_VM)
+			test_sync_vmsa(shape, policy | SNP_POLICY_DBG);
 		else
-			test_sync_vmsa(type, policy | SEV_POLICY_NO_DBG);
+			test_sync_vmsa(shape, policy | SEV_POLICY_NO_DBG);
 	}
 }
=20
@@ -247,13 +247,13 @@ int main(int argc, char *argv[])
 {
 	TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV));
=20
-	test_sev_smoke(guest_sev_code, KVM_X86_SEV_VM, 0);
+	test_sev_smoke(guest_sev_code, VM_SHAPE_SEV, 0);
=20
 	if (kvm_cpu_has(X86_FEATURE_SEV_ES))
-		test_sev_smoke(guest_sev_es_code, KVM_X86_SEV_ES_VM, SEV_POLICY_ES);
+		test_sev_smoke(guest_sev_es_code, VM_SHAPE_SEV_ES, SEV_POLICY_ES);
=20
 	if (kvm_cpu_has(X86_FEATURE_SEV_SNP))
-		test_sev_smoke(guest_snp_code, KVM_X86_SNP_VM, snp_default_policy());
+		test_sev_smoke(guest_snp_code, VM_SHAPE_SNP, snp_default_policy());
=20
 	return 0;
 }

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com
 [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6CFE234EF1F
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:23 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405445; cv=none;
 b=Rs/sETuVBEMFW/LPVzF3/37QFcBd0EaKT2hRPdLTEthKAHcIdRDOlE9nzvt6LL65WFcP1mFPDJq0z3SDF4EdyJ8bhZPd4sQB/0n6vIMfuzAEljSCX8Yw1fHOs2Gx1zmZEaYsJtMldMAX7+M7N31LVPF/T46XKt30sH95Zhvfw0Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405445; c=relaxed/simple;
	bh=Nb9n5Zfl6XHD24e+MfA5DCrPRrVV/vR/vu521DzOCmE=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Op4L+8zHuezjfCK0wRLgyV8NNRcbNKQ7DP86jlZyU8wD2J4z7ibrdoRtprtP/eRqBHA6bSwbksizGmJXQYG2eWhYhOczuSQaad9PKS74GNYdqLhcsdb10xaPQOwoeRMLsGqe++QvntB2zxneEIv6pxo1p0gsHNsvwLV6/eSfaJw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=WdL8vRhN; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="WdL8vRhN"
Received: by mail-pl1-f202.google.com with SMTP id
 d9443c01a7336-2be9e0905a9so17924325ad.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405443; x=1780010243;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=9MlBPDYt2s87xgiEqgjzOOC/H+bt5La44h6DA7T2Yuc=;
        b=WdL8vRhN7iY5NS/H+TMSzaVQFNt/cF8DXJmQwKjK/GsxuP71bWqO2EIG16MJDp20tZ
         pflnFdaNBmWxypnYsrxMq25d8US9oX4hee9UoNUCd4XgRvXU+w3ZngfcT+x4+r7bhERf
         Li1Pj82FJU1OT9d8H5WWZ3/z2pbaAHkzxFjFDDMKQmdnscuUff2H5ItXFcjAlLUCxPm5
         RsebfeF4VJ/4wBJcHJhFHVVXz8V0rPWzWz3bbBbixfx5YgRqHeNcvsuPwUz3AidupsrN
         /hu8ST7Sc0GPnUihDaekXdbrA6lN122n9eKRfQnxFSX3UXMDSAAtAS7ZtP7pmS/3flFQ
         ZVAg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405443; x=1780010243;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=9MlBPDYt2s87xgiEqgjzOOC/H+bt5La44h6DA7T2Yuc=;
        b=ndu8Lw4Ms+eeekI+tl+dsFPhoCnVQ2Y/7OX8Yrgh7hm/5OsGfHgQBYo8iMElMrT3Ar
         u8Uy+xsa7BCLfYNo+qaq++Qzmd2CKAYiw08Rss8wYAinyFhBereNShoVSyXt1Sj0FOLB
         sBWrowzWLxAGg3EuMw373KcASuPU+qaQAh9NNZQPrpQgYHhqZkKYeBOKHFko8BgXoHxu
         k4z8sDmaDOCmUNw9ahncH2GmW/UOq2Y0NYTIdtnyfr5Vs2Jasf1rwswh094ZnBMcgvpC
         tEwXlt99AhkKi9plGXkipzH0vWpvvFqQ+nGIH4Sx0M5yl6cbwIq52cLAj2AIDSWvk1Mn
         Ti/g==
X-Forwarded-Encrypted: i=1;
 AFNElJ/ER99q94ChBtv9H2lqD9nwiU2AO1726b2xw4RxDctZWH+G2jEjGvnNKc2LdsWaXHK6xaxLxZKOQhXBxc4=@vger.kernel.org
X-Gm-Message-State: AOJu0Yxr2zmSTr4xFL1+xmhTzbRQR/Z4TphrBpIkJmJCi4rWDXEtSA8O
	jufOGYdOGdDdEt2S2pZBPVdD/kuyqeaA6C0OowX3lwNyzzQtyF3PTL/G8JOadrQlIuomtXOQNs2
	ACDUFOA==
X-Received: from plgx12.prod.google.com ([2002:a17:902:ec8c:b0:2bc:ac01:8af8])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:902:d48e:b0:2ba:5a20:1d94
 with SMTP id d9443c01a7336-2beb059944cmr9240185ad.13.1779405442560; Thu, 21
 May 2026 16:17:22 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:43 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=2783;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=75VEM4ux6bv2BMSA2rJTYBrB4tAAd8DHy97X2RY5WhE=;
 b=Pap4XfeqimmecoZJ/4z2V/ABOtYv7ILkzOaI2B/IHITplo1nVtl5507jg+jiIXu1rWzbs2Ygr
 d8P+nbFvBUhAdjCUGyN61J1VbP+964pHBMaHUdfkmOED3aRWwIFZA37
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-2-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 02/22] KVM: selftests: Update
 kvm_init_vm_address_properties()
 for TDX
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>,
	Adrian Hunter <adrian.hunter@intel.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Isaku Yamahata <isaku.yamahata@intel.com>

Initialize the TDX S-bit and the GPA tag mask in
kvm_init_vm_address_properties() for TDX VMs, similar to how the C-bit
is initialized for SEV VMs.

The TDX S-bit is used to distinguish between shared and private guest
physical addresses. Its position is determined by the guest physical
address width, which is either 48 or 52 bits for current TDX
implementations.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h | 14 ++++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c        | 12 ++++++++++--
 2 files changed, 24 insertions(+), 2 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
new file mode 100644
index 000000000000..f647e6ca6b34
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_UTIL_H
+#define SELFTESTS_TDX_TDX_UTIL_H
+
+#include <stdbool.h>
+
+#include "kvm_util.h"
+
+static inline bool is_tdx_vm(struct kvm_vm *vm)
+{
+	return vm->type =3D=3D KVM_X86_TDX_VM;
+}
+
+#endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index b51467d70f6e..b68ad1dc7e02 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -11,6 +11,7 @@
 #include "smm.h"
 #include "svm_util.h"
 #include "sev.h"
+#include "tdx/tdx_util.h"
 #include "vmx.h"
=20
 #ifndef NUM_INTERRUPTS
@@ -1311,12 +1312,19 @@ void kvm_get_cpu_address_width(unsigned int *pa_bit=
s, unsigned int *va_bits)
=20
 void kvm_init_vm_address_properties(struct kvm_vm *vm)
 {
+	u32 gpa_bits =3D kvm_cpu_property(X86_PROPERTY_GUEST_MAX_PHY_ADDR);
+
+	vm->arch.sev_fd =3D -1;
+
 	if (is_sev_vm(vm)) {
 		vm->arch.sev_fd =3D open_sev_dev_path_or_exit();
 		vm->arch.c_bit =3D BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT));
 		vm->gpa_tag_mask =3D vm->arch.c_bit;
-	} else {
-		vm->arch.sev_fd =3D -1;
+	} else if (is_tdx_vm(vm)) {
+		TEST_ASSERT(gpa_bits =3D=3D 48 || gpa_bits =3D=3D 52,
+			    "TDX: bad X86_PROPERTY_GUEST_MAX_PHY_ADDR value: %u", gpa_bits);
+		vm->arch.s_bit =3D BIT_ULL(gpa_bits - 1);
+		vm->gpa_tag_mask =3D vm->arch.s_bit;
 	}
 }
=20

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com
 [209.85.215.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 045B536DA1B
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:24 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405447; cv=none;
 b=JT+OKrxzcrqtIBrucrw3sAsXkJsTRlk3ZiQd2fZJvK1wpEh+NGuGTjKWgP5Nea9Y5Ih53Mhupo4CfbjvR5IgMLLTtYk9CuDn/pfBBy+ofEc324ncbU784/3ZxOy79QXJt+J21A+aLcyWtEGm/nvwKVljXnYPH5hxLUfqsDEGz60=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405447; c=relaxed/simple;
	bh=RIR1dGxcq4VEIfYiThYtlk/4kmxE7++RxDLWv+eCXrs=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=Ayh3B0o2+DBbc96DWbAjxb7Rt48W7z7ETybNZCOfVQpsNUagxQxBRtX0m4uDpjpztYJ5OGFJ4ib9fcB7MAt4mgf01pPLSk0ORadydZleKXloDNmk1jLk92OJCiso6XCpsxsS9YyAzYxcJKIL2qfeBnGU12Q+Cf6s9LIdxGMPy8g=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=URw65pb5; arc=none smtp.client-ip=209.85.215.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="URw65pb5"
Received: by mail-pg1-f202.google.com with SMTP id
 41be03b00d2f7-c82c477290bso3509800a12.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405444; x=1780010244;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=M90a7tnp7iacqS5P6uyhPKxrpu73J+iw0HSxj+ExSLc=;
        b=URw65pb5zU36PQ3q51XzlhIhKNFlvJIS5u98mCbH1HqFafXA8DZqnwlz5hua4cQZ8F
         D4xeSIToYnSlwrWnh+6BN5/1rJrHhuBAarizh0Te7QLIYt2EGWEId4Jini/O8zFhTxyP
         in8NfCYB2feHu7urt/SCM7v2TyEebMJkoQDnbxewhOCpS2sRjaR4O3vCV0v7Ix5B9DIw
         dfZBUf1Vlf8kwM8bf7q6Dko5x55QfzvHHUm/OgX3HfooRwoMZyymm3z5R6ktRh3eqZnp
         XxWhLnME9y4KGp804zf0P0yN1lIy+1dDglOXNaEkHfs41i6aQhANIbFsYM5RXFsldUJM
         Xyzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405444; x=1780010244;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=M90a7tnp7iacqS5P6uyhPKxrpu73J+iw0HSxj+ExSLc=;
        b=KTh63xX5a1VXlj8R4mA2gvrAcrggWs9bk1/GRfnHpsZ3svJnbKbYjZyyPXY62wfEhu
         8oKf/1AV0i6X6cid8FTJlys2Y1yiyCx/AuRxATXyWHqk5NKQtR+C1uVP1ITd9ebyuPjO
         wg3MbYUsBFKBTX7vTEPUszCjiYPJbHpkur1HVOGRyabSiyUoVXk/xoXDu9IM6V39TG+j
         fBQEytd1qCCP4AXIYYeWadfPS4zTtm4ni3SxMcSoBfLtETW78rbdV+Fu0PHGxgc1V/Yj
         HXkNWVsRdCmKgsMhefwLSNQTwq7Ibci5RD3tt/GEbkWXgaYYnnsGhNKfxLYyHupoWGsk
         18xg==
X-Forwarded-Encrypted: i=1;
 AFNElJ/h5wIQ3Pxbm3f6kGk3JYANhgZAxODfPcDmHT04wRVcck7XGHM986bLgXjjB8ljTRvnRERojJ2lUkq/nkM=@vger.kernel.org
X-Gm-Message-State: AOJu0Yz2MRoy/Hr/yOvxyP9fZHc/muIIEYlOWLF6MYurCp8E9nzFQf+2
	nVk8msjjYLawgprF2MHxPwHEfIHFalXHbSOw3Q4hart56b4CnzNZhYg+B7nh041qO53m5/GsTke
	2eyKL1g==
X-Received: from pgn32.prod.google.com ([2002:a63:d60:0:b0:c85:123d:1ae0])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a21:398a:b0:3a2:c683:fa84
 with SMTP id adf61e73a8af0-3b328e5a459mr965243637.27.1779405443980; Thu, 21
 May 2026 16:17:23 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:44 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=6985;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=sZhbUwLmGA97CQa4ynmsZKv+RX+miGLowBebjw8z+ng=;
 b=GF1hqvSOdAuOldHXqofvpgbLnK2xrZnfLatmmXbbgAGecn10YoiPBVvpT7sQ0iaeb9KQVdbzO
 McP/21Cny9gBcWxCiSDvT0h1wwYF9yYVOQ5gqQ8IZ4GZnwPr4l9kKee
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-3-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 03/22] KVM: selftests: Initialize the TDX VM
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Add tdx_init_vm() to handle the mandatory VM-level initialization
sequence required for Intel TDX.

For TDX, the guest's CPUID configuration must be "sealed" during
KVM_TDX_INIT_VM before any vCPUs are created. This is necessary because
the TDX hardware directly virtualizes CPUID and includes the
configuration in the guest's initial security measurement.

The helper calculates the required CPUID values by filtering the host-
supported bits (kvm_get_supported_cpuid) against the "directly
configurable" bits reported by KVM_TDX_CAPABILITIES, ensuring
compliance with the strict requirements of the TDH.MNG.INIT SEAMCALL.

Co-developed-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       |  30 +++++
 tools/testing/selftests/kvm/lib/x86/processor.c    |   3 +
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 137 +++++++++++++++++=
++++
 3 files changed, 170 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index f647e6ca6b34..48d4bd36c35b 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,4 +11,34 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+/*
+ * TDX ioctls
+ * Use underscores to avoid collisions with struct member names.
+ */
+#define __tdx_vm_ioctl(vm, cmd, _flags, arg)				\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (u32)(_flags),				\
+		.data =3D (u64)(arg),				\
+	} };								\
+									\
+	r =3D __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define tdx_vm_ioctl(vm, cmd, flags, arg)				\
+({									\
+	int ret =3D __tdx_vm_ioctl(vm, cmd, flags, arg);			\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd,	ret, vm);		\
+})
+
+void tdx_init_vm(struct kvm_vm *vm, u64 attributes);
+
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index b68ad1dc7e02..8d06e7186df1 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -802,6 +802,9 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm, unsigne=
d int nr_vcpus)
 		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
 	}
=20
+	if (is_tdx_vm(vm))
+		tdx_init_vm(vm, 0);
+
 	r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL);
 	TEST_ASSERT(r > 0, "KVM_GET_TSC_KHZ did not provide a valid TSC frequency=
.");
 	guest_tsc_khz =3D r;
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
new file mode 100644
index 000000000000..868ff62e22f2
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -0,0 +1,137 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "kvm_util.h"
+#include "processor.h"
+#include "tdx/tdx_util.h"
+
+static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
+{
+	struct kvm_tdx_capabilities *tdx_cap =3D NULL;
+	int nr_cpuid_configs =3D 4;
+	int rc =3D -1;
+	int i;
+
+	do {
+		nr_cpuid_configs *=3D 2;
+
+		tdx_cap =3D realloc(tdx_cap, sizeof(*tdx_cap) +
+					   sizeof(tdx_cap->cpuid) +
+					   (sizeof(struct kvm_cpuid_entry2) * nr_cpuid_configs));
+		TEST_ASSERT(tdx_cap,
+			    "Could not allocate memory for tdx capability nr_cpuid_configs %d\n=
",
+			    nr_cpuid_configs);
+
+		tdx_cap->cpuid.nent =3D nr_cpuid_configs;
+		rc =3D __tdx_vm_ioctl(vm, KVM_TDX_CAPABILITIES, 0, tdx_cap);
+	} while (rc < 0 && errno =3D=3D E2BIG);
+
+	TEST_ASSERT(rc =3D=3D 0, "KVM_TDX_CAPABILITIES failed: %d %d",
+		    rc, errno);
+
+	pr_debug("tdx_cap: supported_attrs: 0x%016llx\n"
+		 "tdx_cap: supported_xfam 0x%016llx\n",
+		 tdx_cap->supported_attrs, tdx_cap->supported_xfam);
+
+	for (i =3D 0; i < tdx_cap->cpuid.nent; i++) {
+		const struct kvm_cpuid_entry2 *config =3D &tdx_cap->cpuid.entries[i];
+
+		pr_debug("cpuid config[%d]: leaf 0x%x sub_leaf 0x%x eax 0x%08x ebx 0x%08=
x ecx 0x%08x edx 0x%08x\n",
+			 i, config->function, config->index,
+			 config->eax, config->ebx, config->ecx, config->edx);
+	}
+
+	return tdx_cap;
+}
+
+static struct kvm_cpuid_entry2 *tdx_find_cpuid_config(struct kvm_tdx_capab=
ilities *cap,
+						      u32 leaf, u32 sub_leaf)
+{
+	struct kvm_cpuid_entry2 *config;
+	u32 i;
+
+	for (i =3D 0; i < cap->cpuid.nent; i++) {
+		config =3D &cap->cpuid.entries[i];
+
+		if (config->function =3D=3D leaf && config->index =3D=3D sub_leaf)
+			return config;
+	}
+
+	return NULL;
+}
+
+/*
+ * Filter CPUID based on TDX supported capabilities
+ *
+ * Input Args:
+ *   vm - Virtual Machine
+ *   cpuid_data - CPUID fields to filter
+ *
+ * Output Args: None
+ *
+ * Return: None
+ *
+ * For each CPUID leaf, filter out non-supported bits based on the capabil=
ities reported
+ * by the TDX module
+ */
+static void tdx_filter_cpuid(struct kvm_vm *vm,
+			     struct kvm_cpuid2 *cpuid_data)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+	struct kvm_cpuid_entry2 *config;
+	struct kvm_cpuid_entry2 *e;
+	int i;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	i =3D 0;
+	while (i < cpuid_data->nent) {
+		e =3D cpuid_data->entries + i;
+		config =3D tdx_find_cpuid_config(tdx_cap, e->function, e->index);
+
+		if (!config) {
+			int left =3D cpuid_data->nent - i - 1;
+
+			if (left > 0)
+				memmove(cpuid_data->entries + i,
+					cpuid_data->entries + i + 1,
+					sizeof(*cpuid_data->entries) * left);
+			cpuid_data->nent--;
+			continue;
+		}
+
+		e->eax &=3D config->eax;
+		e->ebx &=3D config->ebx;
+		e->ecx &=3D config->ecx;
+		e->edx &=3D config->edx;
+
+		i++;
+	}
+
+	free(tdx_cap);
+}
+
+void tdx_init_vm(struct kvm_vm *vm, u64 attributes)
+{
+	struct kvm_tdx_init_vm *init_vm;
+	const struct kvm_cpuid2 *tmp;
+	struct kvm_cpuid2 *cpuid;
+
+	tmp =3D kvm_get_supported_cpuid();
+
+	cpuid =3D allocate_kvm_cpuid2(tmp->nent);
+	memcpy(cpuid, tmp, kvm_cpuid2_size(tmp->nent));
+	tdx_filter_cpuid(vm, cpuid);
+
+	init_vm =3D calloc(1, sizeof(*init_vm) +
+			 sizeof(init_vm->cpuid.entries[0]) * cpuid->nent);
+	TEST_ASSERT(init_vm, "init_vm allocation failed");
+
+	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
+	free(cpuid);
+
+	init_vm->attributes =3D attributes;
+
+	tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);
+
+	free(init_vm);
+}

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com
 [209.85.214.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id A210B365A1D
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405448; cv=none;
 b=q8dpqCYqszh2UAUdHbNHr/n/NJVHvOQFdahpEyZJAX2mIDBOr8GQ0cTabLI82NNivPE0oLuGxOX8cuOF8wcik4QlBjxTE+Yzcx35GIBfrxbQa1PbxokH8Essyn7QuxtXYrpcoatLznJQV26743itoRMAJjiYEwGOY7uRvJq/6/8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405448; c=relaxed/simple;
	bh=/ikqpmqE+DNbwk8ZasaSPnLDlqFFZVhzhj9NNBVLUKo=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=onTInnjTjO0dn632pr1yogzO/fXSrxFszpQEH95AA6pw0YOozob1ihun75SeV+NmmS+1rkfI3jDEhXdKOl7FtqbwxuJ5tjI5FzFws95LAY8C4pQptJ1fipqjogwJC7EeXzZ1RU7saqVyoeBnWnFUGlGlUKpwz5cT0AFoNiJULjk=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=SWpuakid; arc=none smtp.client-ip=209.85.214.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="SWpuakid"
Received: by mail-pl1-f201.google.com with SMTP id
 d9443c01a7336-2bd1dbcccf6so110782885ad.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405445; x=1780010245;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=kfsTBh74zO/72fegZAfmLQ14a37FMIV7nJgHfXozZ0I=;
        b=SWpuakidvxcRQZJyefwrTLoKhlCiAKea8TNjkw8zbDsbVnA2cM6H6hhz4Enl3C2mry
         wC2QhFwPpNke34E1cQWUK8wAG/BdDZGn1DTh3w3hvazH2WJAl901ItThvwarBTbxkl+j
         O2JneZydjt0ZGZlziasHMREaoaw8Riw5qCrBXaRp/3w25F+ID+eoDSMZaAl5ILMms+jN
         qFDYP4XvRoOgebyQzgkieZZHXdFAmDg5YNszPh2I2NUGFnsd4E7DQZDZN1zpetJWTQRg
         a6+WxUrlpWoNKd5Ws8Ky4Bjbn4Tt3sJycZFzFRKPit804raL49YJRJMZbWpEFr+ff6Br
         bPgQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405445; x=1780010245;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=kfsTBh74zO/72fegZAfmLQ14a37FMIV7nJgHfXozZ0I=;
        b=A/BCw/n8aURS1HGc56yKea0CWOgdOsZF8pN01pWO4YtOh+2sxY0A3u8SL7OsWuDWC2
         FjfQo6CNkpMvjuc4x65Jw3K6HM+XsC3/MT6M2oEweT7pcHOF19eT5R+QTVM9flMHmEq3
         VqRpj+ZBzgc/Au1qv6r1LK8fLh9wkoAdevQSbFYSVo9aFcO3vh1ecKt4YnEeCqq2gSWX
         9sEJN42FvtmpHbSbC9QW1KmyeHsR2gFIMtgPhL9Xog6OWO7iJW58GFiZ+EGurp3Qrkbu
         QBK/Oh/dvpwh3opGyCpPvE1bSL6/WXZYwY4j41hIzVlzdQN2o8iIC/pLD5rhqQR1uEBu
         aKiA==
X-Forwarded-Encrypted: i=1;
 AFNElJ9bKRP0lupZD3b/5yWxdxWH8xkiv9lILKIIPesl9t5syjAXzGRGgkxrcGojNLz32P3jjREJpf/Zoudlv3U=@vger.kernel.org
X-Gm-Message-State: AOJu0YzzIuUBOxV9Y0/cM53keeKgPV1ioHq463dIUDH8r+GFq/gLV6Rk
	+ZDZ1zcFEFp/NHu5clPUP8jJxfBVDAm6GhtPS4rRH3YDxMnR2ZojDyPrPOASpFXDu3wrpnGlGZK
	WqNTuAw==
X-Received: from plfn12.prod.google.com ([2002:a17:902:e54c:b0:2bd:2711:a0d3])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:3b8b:b0:2b4:63c8:ce18
 with SMTP id d9443c01a7336-2beb05a4cd9mr9918675ad.12.1779405444904; Thu, 21
 May 2026 16:17:24 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:45 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=1755;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=/MQdgEc/h7i+uzxsvqrPX6CKbZfIx+FZ7QuCfWgiUcM=;
 b=zYqPKl+0PgIvqPdDBBtRymGcofvU8gAR4TrOXAPOM8BmRvbWUfMGwj0bzxV7hqNZ548vHmcsB
 dh012449LQTBUi2V/D6kMZO8+C0pOlo7VqJm5OW7mceFC2nAQeLc5VE
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-4-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 04/22] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to
 validate TDs' attribute configuration
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Isaku Yamahata <isaku.yamahata@intel.com>

Make sure that all the attributes enabled by the test are reported as
supported by both the TDX module and KVM. KVM filters out the attributes
not supported by itself.

This also exercises the KVM_TDX_CAPABILITIES ioctl.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 868ff62e22f2..e5c998874a0d 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -110,6 +110,18 @@ static void tdx_filter_cpuid(struct kvm_vm *vm,
 	free(tdx_cap);
 }
=20
+static void tdx_check_attributes(struct kvm_vm *vm, u64 attributes)
+{
+	struct kvm_tdx_capabilities *tdx_cap;
+
+	tdx_cap =3D tdx_read_capabilities(vm);
+
+	/* Make sure all the attributes are reported as supported */
+	TEST_ASSERT_EQ(attributes & tdx_cap->supported_attrs, attributes);
+
+	free(tdx_cap);
+}
+
 void tdx_init_vm(struct kvm_vm *vm, u64 attributes)
 {
 	struct kvm_tdx_init_vm *init_vm;
@@ -129,6 +141,8 @@ void tdx_init_vm(struct kvm_vm *vm, u64 attributes)
 	memcpy(&init_vm->cpuid, cpuid, kvm_cpuid2_size(cpuid->nent));
 	free(cpuid);
=20
+	tdx_check_attributes(vm, attributes);
+
 	init_vm->attributes =3D attributes;
=20
 	tdx_vm_ioctl(vm, KVM_TDX_INIT_VM, 0, init_vm);

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 34622372686
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405448; cv=none;
 b=hVVU4ZeCxmeRJ1SRz/ZXGku7bUR4/jpCPr6wa/mqWkpJD8zy/jBIH2semQgYTd+km5+E2oAKpxghgEB//RZ5fMPkJ/9MMYZPdbb+7hJLzoZOFsbHFdVDU9zHDuVSCs1lcsq01Fe6MIWyF2hqb3af0ecBs8J+v8X0OS+mbEd52SE=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405448; c=relaxed/simple;
	bh=Yqcf2ZtCL2pZ/li1Zx21CJVqksuqw+042UtUypJf2Os=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=iv8+KygZWi/ZKZSb7O80/jvyCBNOjjcMVJ7WISutEQR6uVGKAR9IW1xaxOc02sl3FJymAYkiK3nxo3QN7XS/AXk8PCWOwx8d8rKdffd1L6IcfMsmLPkR27BOQiXGIwKPGnGbV0CU9kI7Dp4g5knT4BPDIaDxI/+frCe5S2amRJI=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=jJv+7U3m; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="jJv+7U3m"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-368ac44b26dso5713314a91.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405446; x=1780010246;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=iTXdOOSDiQ937nyHyL9uNvA+3VdhPmcIfYckAt3V7kM=;
        b=jJv+7U3mRTHXoSPW5VEHNeVi1Z6E5BN7nFUfNUwTHUJW1TFbUTD/gQ9CyDOBxqidY4
         7Lt3d6fXTb+MNi019POO4AV8lneWp4nLTMLpI/KNVJPp5aidQKElitBbDdz+6CWIO1Pn
         sRv3oLIMs22TNobZNq8hMKk3v9rEphWlF/kzd++jlHIl6+VCQ7bjFTN69QNkJ0sRxMQ3
         q4+bEtTBGRIazfGQKlP0ahg6dxarlY3Nwkf4g1jYcjTyTM0ucQkBDadmeqpBk5+myUPq
         CD+VSVruTnhQOsYbbL8AA86YNUoQ/zAPY/hZcT7mbW4OYCBcpu1QDY0BXWcjBxD6g6Wb
         rJ6Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405446; x=1780010246;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=iTXdOOSDiQ937nyHyL9uNvA+3VdhPmcIfYckAt3V7kM=;
        b=TfFDfFZhWCKJu6ARNqABLhYfnBHRFsmxb21A0CvMkVpE15SFl5udLkEixGplypn5Iq
         O6a8QlfmAwchm1MWjy481XqQOM2FtMCj0ZbsoDlhqUEAj7IEuoQ/ZT4mvGWufzWXxJu6
         t/MC/fAlAwXovR1UH2MD3yWgkgLIXJ6jfQG/ykXunsnDRBlyn3XCodXri0jG3ln+TKlH
         1aXsM0f7cWa/F72eO8qboWWBZysW2nWNbvFqfzHtlihTsJMOtM3K/pigNMdYp56YrJHy
         r/oZ1pnnEtgeK2jfpzTSmhvrTwCz3R9s7mCqoK06z9WHCXP12dhgfU/xd2JY+d4/AE5W
         BLMA==
X-Forwarded-Encrypted: i=1;
 AFNElJ92cmhmCsNG2gOO0LCb1VNZDzPz6cUdJW7/bdE089L1wm41ys6ykL/8H1Z1di3UICZzCE83/CxE6LZ1G6E=@vger.kernel.org
X-Gm-Message-State: AOJu0YzeGX95Jo5YxhjSC6mIsNAv32sTwoc4/4L14y7c0JkXecSHt9VA
	RyBFOG/jUaCNDFz5mGkDemIqrgiJmIwXMaA8a68C3UU5HtCptsB8YySP5NnNZRaMch0Lf3qx5we
	BmRkyGQ==
X-Received: from pjwo16.prod.google.com ([2002:a17:90a:d250:b0:366:337f:cac4])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:33c1:b0:366:decb:d119
 with SMTP id 98e67ed59e1d1-36a677303ccmr1032725a91.11.1779405446261; Thu, 21
 May 2026 16:17:26 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:46 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=1790;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=pxBlg+u/5Mh8rNUdINlNPKZ9pQQ3gd4AFGSpLoMweI0=;
 b=Bhksl8BuA6r5EzGVF65bM234+KYyAdsEIT0gj8ZWD1p9EpBD2PbIucsQYkWtl2COstjYpuhFW
 PYodxxinzNRB5VxjznB2EXAsa/cKUXAna9cBfvV9ognTQJCAi9LGoN0
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-5-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 05/22] KVM: selftests: Expose segment definitions to
 assembly files
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Move kernel segment definitions to a separate file which can be included
from assembly files.

Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/processor_asm.h | 12 ++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c         |  5 +----
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor_asm.h b/tool=
s/testing/selftests/kvm/include/x86/processor_asm.h
new file mode 100644
index 000000000000..713b6bc0aeb7
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/processor_asm.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Used for storing defines used by both c and assembly code.
+ */
+#ifndef SELFTEST_KVM_PROCESSOR_ASM_H
+#define SELFTEST_KVM_PROCESSOR_ASM_H
+
+#define KERNEL_CS	0x8
+#define KERNEL_DS	0x10
+#define KERNEL_TSS	0x18
+
+#endif  /* SELFTEST_KVM_PROCESSOR_ASM_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 8d06e7186df1..62abfe27fe3a 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -8,6 +8,7 @@
 #include "kvm_util.h"
 #include "pmu.h"
 #include "processor.h"
+#include "processor_asm.h"
 #include "smm.h"
 #include "svm_util.h"
 #include "sev.h"
@@ -18,10 +19,6 @@
 #define NUM_INTERRUPTS 256
 #endif
=20
-#define KERNEL_CS	0x8
-#define KERNEL_DS	0x10
-#define KERNEL_TSS	0x18
-
 gva_t exception_handlers;
 bool host_cpu_is_amd;
 bool host_cpu_is_intel;

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2468636D51F
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:28 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405451; cv=none;
 b=tqzOM6cdijsSLEg1pn7hSQSSgOTCutK4NOkulr8n2Ys+iQ2tlhn6eg1eiCAeqa7kgJbB94M2H3C3uRP6VHrQ2FcmGajtHC2P/OysmHgbUp99Ym28NHP32AtwBopwMhwtHxfOLD5IP1h66k6DLsI+XhgqmFZItFpSaxFFdEJXavQ=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405451; c=relaxed/simple;
	bh=UoU3vO2bIrWrWLGZciBGOXIHOLrMeb/5nWjFU6hbO/Y=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=mBfn2BfpCN0Ke3bcfNr6+tmWlcSdNJMA+WKQ96obhPm5FANFQ3TgY8rAR24iPwccYkbniG3C7Hdv47s76qQk43FmPCUnLVkhz3oufsCQaeHRHxYSOssmb5QwQl69IXRLOu7sYFAjWlq2D7nvXG5qOy1ykNknnkoOTRuSvumju0I=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=TfWw+g+J; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="TfWw+g+J"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-c8281d4cef8so3064034a12.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405447; x=1780010247;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=9SBJUSguwXkjuFZof3MzgeP84JWJq09tcbehDxmN6+o=;
        b=TfWw+g+JbsJ9bZ54vM2ek3VDAIJ0hRfrQSRrxfT9dJ96QCyStVSpPQ8gPvj9POB7Hb
         2rptiktDihWWuqogeD2+PvO+0kTL9mkDbpCD/hX3xhCmQRdXJzpY6ayYH+3utRsHxOtQ
         DEFVmPyJZ7YikvLx48wJ0ODvd9LxNKHBEnHU40+5vOlX/9Wn+sfDvNlrbuzGHZsSBkbD
         PjlAHS7Gx40wVl5QloMnBezPiIJBqQ1qh7JdJaT4U/vmFeWIt+SjPrlwJ8rtylgmPy4K
         IBy1A2QfGH6HRLRQi5FZrKEd9dLEChN+7vzPoKZxaZ2OFs2vKhWrj1DTU41TOGEnpsv1
         Lvnw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405447; x=1780010247;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=9SBJUSguwXkjuFZof3MzgeP84JWJq09tcbehDxmN6+o=;
        b=L72Bl6JO5vv6WwnRhO1jQtcp/u8B9DSRbU+0sB6+ZNgat6t00F529wFMt81W94PfKo
         HjjG+8JPx8DtEbAKfMmHFKTuJPesfJ+wTKM8VcwH6oRYsmWRa+biN792IDm2LqIIT0Vt
         hTRe4sdNzhFFA4Tc7hSVU472jqQ6mZumDKMEz6rwHBIiAKIUXUpIqNDkY0WUAIkPFzNJ
         7+hk0weDI3UhjtCQlwK5OinXJNj7t6e1ct5iRrW97x145DhUA+tP4F8fcAPDFiDHIeng
         tBIEo5r81xNlBdCMSh7xl4Hc2vxyacHbGGk0n1hFeQhNJOiNa5d9cXqtSvScQQGqvRzj
         LLLA==
X-Forwarded-Encrypted: i=1;
 AFNElJ9CsjmWJFhwJqz4Ffdx0XJXfNOa/K1EnIxB3TPzooiwMlZFmt/kFQRcqr+iTnFKSbxVuFsqSvWAhqtHhJw=@vger.kernel.org
X-Gm-Message-State: AOJu0YxSdCZS0BO7KYFRRiY6vTaqVSLGpFNb0FEyV9hDpI0f/IiQnqQB
	BoWcSKZ2hN8TiQuWP1BE04yLjvcWwSrRwmC+Wx64Dq77kSnABZ7PuazaxN3Oi4X9qacZR7q9fkK
	J4dEGuA==
X-Received: from pghw18.prod.google.com ([2002:a63:f512:0:b0:c79:5fb7:acae])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:12cd:b0:3a0:bc61:62e1
 with SMTP id adf61e73a8af0-3b328e580a0mr927322637.30.1779405447202; Thu, 21
 May 2026 16:17:27 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:47 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=1502;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=gspyrFHq1LK9qs66fQWDyiAFVJSplHon4JiLLfr1Jwk=;
 b=q1/LQNXPgWNW8jiLdj0PNdtABbwpED3/smBdUQCgKtemvqmXSqbYb/KFV2kIHfk8qWeAG49hT
 MO3Eh1crUamDlXg3WSBDFEAChoCqupVdeiwG2SrMIXZmb5MnKDzp6VV
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-6-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 06/22] tools: include: Add kbuild.h for assembly
 structure offsets
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Add the Kbuild macros needed to enable the filechk_offsets mechanism to
generate C header files containing structure member offset information.

Tools depending on assembly code that operate on structures have to
hardcode the offsets of structure members. The Kbuild infrastructure
can instead generate C header files with these offsets automatically,
allowing them to be included in assembly code as symbolic constants.

For example, the TDX guest boot code requires access to parameters
passed in the C structure(struct td_boot_parameters). This header
provides the macros needed to extract these offsets from C code and
expose them to assembly, ensuring the two remain synchronized.

Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/include/linux/kbuild.h | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/tools/include/linux/kbuild.h b/tools/include/linux/kbuild.h
new file mode 100644
index 000000000000..957fd55cd159
--- /dev/null
+++ b/tools/include/linux/kbuild.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+#ifndef __TOOLS_LINUX_KBUILD_H
+#define __TOOLS_LINUX_KBUILD_H
+
+#define DEFINE(sym, val) \
+	asm volatile("\n.ascii \"->" #sym " %0 " #val "\"" : : "i" (val))
+
+#define OFFSET(sym, str, mem) \
+	DEFINE(sym, __builtin_offsetof(struct str, mem))
+
+#endif /* __TOOLS_LINUX_KBUILD_H */

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com
 [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0675B376483
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:29 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405451; cv=none;
 b=gxkicfgkKxRIJKsTpNsO7rpMX3/P0PL71bVC7UGwBSqY2cDsglP1ciFAHID4FG/V2jmsN1dnPoAqsL8mpTWHKa9+terxPJKUjpIFWXQymdC6KgwQVFR3MfwhmKYeUkI12+oMjst1MUMjldjMB98j1HmBfFYCulqln5XLSwJ8qUY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405451; c=relaxed/simple;
	bh=NMvFXFsJ4XVQXpc0SEeVabXtCHJZfN1K9W0dcf3dxhk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=buIjcLy6ZIg3U3VYIUYgBzlq5GSp4oVq7wHbie5MJXrQ7dxh30tSZvVBFVHnRRMg44CYYw1VA0wYc1qUTT+9VeglP6l403gzycQ36Ziqt5oirrMzR8WxxokWk8mJk0sXmbBtFk7Z+hBWCY3Ho4Ack2tHnE+GgDw4vvi18Pl6tdA=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=l2Xr6Dks; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="l2Xr6Dks"
Received: by mail-pl1-f202.google.com with SMTP id
 d9443c01a7336-2bdaf8567f3so46172685ad.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405448; x=1780010248;
 darn=vger.kernel.org;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:from:to:cc:subject:date:message-id
         :reply-to;
        bh=XuT7Oa4jc09yaVnGJONiUjVx+++nAViPkDT406Nds6w=;
        b=l2Xr6DksN1sUmTC7BsyHxB0CF7zj1rtC6AUYXKYxv3wymOMMNWm3+X1mp185ph2wx5
         X2IxRXtKl/A88ih+bDtfEdrcB8cjTJVSsdmzYwVC0/fuLt7E8mlK1GhYVvhuF7bJdZMh
         0QqMcpIiFJtpLUg8+8i6ZXf931hZKnRYiS4vCIHWjkpvvZsb0xPPT9y0KfvTeZ+ewLlx
         rSJQSjKcElndHEhu267fgHaW7uqq4aTy7l9Zg5L5fG0Tp00Jl/DqM5L5aFGzy3ay2kBg
         pkJ9iflZdrNnVX7m3DDFhkn/uzj8Bpw73TVUwZW5+fHmBzy4Q66IIgZFTp5ilrYjCVC7
         5iTQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405448; x=1780010248;
        h=content-transfer-encoding:cc:to:from:subject:message-id:references
         :mime-version:in-reply-to:date:x-gm-message-state:from:to:cc:subject
         :date:message-id:reply-to;
        bh=XuT7Oa4jc09yaVnGJONiUjVx+++nAViPkDT406Nds6w=;
        b=MktGWt6M+Bc0z8Pe1vyVsbOckPeiA+DaB+np/QeGX/c/eALYLCpB3pdphIjQIW5SeG
         pr0MLzzsDfRdU7vXRDeOpZMGIvf0DVY2x3A+KCyz2Kdaskg78MNBENqJrb5+ZhBB0rXJ
         HQtriS75dePSwveRKApLXTG9OVIMsnix+Vrl9UmoWInbw3vJgkZZb5VrdMWe2ffm8WOd
         EBr1h7605BrXBndhGEpYTyBfdEpgNDsfQuH5fvxZEBMm4UgvxUHyfPnUUrvz6cTpgefC
         7n4PrDxGnd7q1eSTBwZ3DhCyGpNQLKvz8IuOVKrYIEJDeIXSSXmoNfBcPlaGmJ22KrQm
         oFpA==
X-Forwarded-Encrypted: i=1;
 AFNElJ+LbVnAmHCDwuWIlpFI2GDaSQNqU85iRra1gnPoLI9YzYGbuoBJ/Web6u/YvQKCg4iFjuOhOsmHxor+tbY=@vger.kernel.org
X-Gm-Message-State: AOJu0YzKQxQ/FGCqTXNMkXW9Z/lqlniqaYlAF199wwMYcjKIaw6Boc4E
	ocW4UEnYjNGDgJjixD8JRPTgcM9hiqMyGf8h3l4JxeaG6JEoPY/tViMRKpg+WXcnNahgOr7dt+h
	r47H6ow==
X-Received: from plbkh5.prod.google.com ([2002:a17:903:645:b0:2bd:8434:6d14])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:902:d60d:b0:2ba:838b:bfae
 with SMTP id d9443c01a7336-2beb089e812mr6491055ad.18.1779405448141; Thu, 21
 May 2026 16:17:28 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:48 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=9025;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=VJ5v/qCpIL1Nuw4X+jBr/p2Fwyd+Kv2GMLG00keGkJM=;
 b=UMxSbaugF7X01jUNc29+zrw8fB8Y7DSNknGwphV/QlC520pzkrVmszSpAwpMoAg8jD/m691HX
 Kzu+NSucTaoBjZ0ce9B0SerBIILGICmRzhvr6DljLfJxuOJveIgz1Cq
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-7-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 07/22] KVM: selftests: Introduce structures for TDX guest
 boot parameters
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Introduce `td_boot_parameters` and `td_per_vcpu_parameters`, and export
their offsets to assembly via the kbuild infrastructure.

TDX guest registers are private and must be initialized by guest-side
assembly. These structures allow the assembly code to retrieve boot
parameters and index into per-vCPU data based on the vCPU ID, while
keeping host and guest definitions synchronized.

Use kbuild.h to expose the offsets into the structs from c code to
assembly code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Co-developed-by: Lisa Wang <wyihan@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/.gitignore             |  3 +-
 tools/testing/selftests/kvm/Makefile.kvm           | 29 ++++++++-
 .../selftests/kvm/include/x86/tdx/td_boot.h        | 69 ++++++++++++++++++=
++++
 .../selftests/kvm/lib/x86/tdx/td_boot_offsets.c    | 21 +++++++
 4 files changed, 119 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/kvm/.gitignore b/tools/testing/selftes=
ts/kvm/.gitignore
index 1d41a046a7bf..eef6055242b2 100644
--- a/tools/testing/selftests/kvm/.gitignore
+++ b/tools/testing/selftests/kvm/.gitignore
@@ -9,4 +9,5 @@
 !config
 !settings
 !Makefile
-!Makefile.kvm
\ No newline at end of file
+!Makefile.kvm
+include/x86/**/*_offsets.h
\ No newline at end of file
diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index e5769268936a..02fad7b35eac 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -19,6 +19,8 @@ LIBKVM +=3D lib/userfaultfd_util.c
=20
 LIBKVM_STRING +=3D lib/string_override.c
=20
+LIBKVM_ASM_DEFS +=3D lib/x86/tdx/td_boot_offsets.c
+
 LIBKVM_x86 +=3D lib/x86/apic.c
 LIBKVM_x86 +=3D lib/x86/handlers.S
 LIBKVM_x86 +=3D lib/x86/hyperv.c
@@ -260,6 +262,10 @@ OVERRIDE_TARGETS =3D 1
 include ../lib.mk
 include ../cgroup/lib/libcgroup.mk
=20
+# Enable Kbuild tools.
+include $(top_srcdir)/scripts/Kbuild.include
+include $(top_srcdir)/scripts/Makefile.lib
+
 INSTALL_HDR_PATH =3D $(top_srcdir)/usr
 LINUX_HDR_PATH =3D $(INSTALL_HDR_PATH)/include/
 LINUX_TOOL_INCLUDE =3D $(top_srcdir)/tools/include
@@ -272,15 +278,24 @@ CFLAGS +=3D -Wall -Wstrict-prototypes -Wuninitialized=
 -O2 -g -std=3Dgnu99 \
 	-fno-stack-protector -fno-PIE -fno-strict-aliasing \
 	-I$(LINUX_TOOL_INCLUDE) -I$(LINUX_TOOL_ARCH_INCLUDE) \
 	-I$(LINUX_HDR_PATH) -Iinclude -I$(<D) -Iinclude/$(ARCH) \
-	-I ../rseq -I.. $(EXTRA_CFLAGS) $(KHDR_INCLUDES)
+	-I ../rseq -I.. -I$(OUTPUT)/include/$(ARCH) $(EXTRA_CFLAGS) $(KHDR_INCLUD=
ES)
 ifeq ($(ARCH),s390)
 	CFLAGS +=3D -march=3Dz10
 endif
+
 ifeq ($(ARCH),x86)
+
 ifeq ($(shell echo "void foo(void) { }" | $(CC) -march=3Dx86-64-v2 -x c - =
-c -o /dev/null 2>/dev/null; echo "$$?"),0)
 	CFLAGS +=3D -march=3Dx86-64-v2
 endif
+
+KVM_GEN_HDRS :=3D $(patsubst lib/x86/%.c, $(OUTPUT)/include/x86/%.h, $(fil=
ter lib/x86/%, $(LIBKVM_ASM_DEFS)))
+$(shell mkdir -p $(sort $(dir $(KVM_GEN_HDRS))))
+$(KVM_GEN_HDRS): GUARD =3D $(shell echo $(*F) | tr a-z A-Z | tr '.' '_')
+$(KVM_GEN_HDRS): $(OUTPUT)/include/x86/%.h: $(OUTPUT)/lib/x86/%.s FORCE
+	$(call filechk,offsets,__$(GUARD)_H__)
 endif
+
 ifeq ($(ARCH),arm64)
 tools_dir :=3D $(top_srcdir)/tools
 arm64_tools_dir :=3D $(tools_dir)/arch/arm64/tools/
@@ -313,6 +328,7 @@ LIBKVM_S :=3D $(filter %.S,$(LIBKVM))
 LIBKVM_C_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_C))
 LIBKVM_S_OBJ :=3D $(patsubst %.S, $(OUTPUT)/%.o, $(LIBKVM_S))
 LIBKVM_STRING_OBJ :=3D $(patsubst %.c, $(OUTPUT)/%.o, $(LIBKVM_STRING))
+LIBKVM_ASM_DEFS_OBJ +=3D $(patsubst %.c, $(OUTPUT)/%.s, $(LIBKVM_ASM_DEFS))
 LIBKVM_OBJS =3D $(LIBKVM_C_OBJ) $(LIBKVM_S_OBJ) $(LIBKVM_STRING_OBJ) $(LIB=
CGROUP_O)
 SPLIT_TEST_GEN_PROGS :=3D $(patsubst %, $(OUTPUT)/%, $(SPLIT_TESTS))
 SPLIT_TEST_GEN_OBJ :=3D $(patsubst %, $(OUTPUT)/$(ARCH)/%.o, $(SPLIT_TESTS=
))
@@ -338,7 +354,9 @@ $(SPLIT_TEST_GEN_OBJ): $(OUTPUT)/$(ARCH)/%.o: $(ARCH)/%=
.c
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
=20
 EXTRA_CLEAN +=3D $(GEN_HDRS) \
+	       $(KVM_GEN_HDRS) \
 	       $(LIBKVM_OBJS) \
+	       $(LIBKVM_ASM_DEFS_OBJ) \
 	       $(SPLIT_TEST_GEN_OBJ) \
 	       $(TEST_DEP_FILES) \
 	       $(TEST_GEN_OBJ) \
@@ -350,6 +368,9 @@ $(LIBKVM_C_OBJ): $(OUTPUT)/%.o: %.c $(GEN_HDRS)
 $(LIBKVM_S_OBJ): $(OUTPUT)/%.o: %.S $(GEN_HDRS)
 	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@
=20
+$(LIBKVM_ASM_DEFS_OBJ): $(OUTPUT)/%.s: %.c FORCE
+	$(CC) $(CFLAGS) $(CPPFLAGS) $(TARGET_ARCH) -S $< -o $@
+
 # Compile the string overrides as freestanding to prevent the compiler from
 # generating self-referential code, e.g. without "freestanding" the compil=
er may
 # "optimize" memcmp() by invoking memcmp(), thus causing infinite recursio=
n.
@@ -358,11 +379,15 @@ $(LIBKVM_STRING_OBJ): $(OUTPUT)/%.o: %.c
=20
 $(shell mkdir -p $(sort $(dir $(TEST_GEN_PROGS))))
 $(SPLIT_TEST_GEN_OBJ): $(GEN_HDRS)
+$(LIBKVM_OBJS): $(KVM_GEN_HDRS)
 $(TEST_GEN_PROGS): $(LIBKVM_OBJS)
 $(TEST_GEN_PROGS_EXTENDED): $(LIBKVM_OBJS)
 $(TEST_GEN_OBJ): $(GEN_HDRS)
=20
-cscope: include_paths =3D $(LINUX_TOOL_INCLUDE) $(LINUX_HDR_PATH) include =
lib ..
+FORCE:
+
+cscope: include_paths =3D $(LINUX_TOOL_INCLUDE) $(LINUX_HDR_PATH) include =
lib .. \
+			$(wildcard $(sort $(dir $(KVM_GEN_HDRS))))
 cscope:
 	$(RM) cscope.*
 	(find $(include_paths) -name '*.h' \
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
new file mode 100644
index 000000000000..af4474dee387
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -0,0 +1,69 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_H
+#define SELFTEST_TDX_TD_BOOT_H
+
+#include <stdint.h>
+
+#include <linux/compiler.h>
+#include <linux/sizes.h>
+
+/*
+ * Layout for boot section (not to scale)
+ *
+ *                                   GPA
+ * _________________________________ 0x1_0000_0000 (4GB)
+ * |   Boot code trampoline    |
+ * |___________________________|____ 0x0_ffff_fff0: Reset vector (16B belo=
w 4GB)
+ * |   Boot code               |
+ * |___________________________|____ td_boot will be copied here, so that =
the
+ * |                           |     jmp to td_boot is exactly at the rese=
t vector
+ * |   Empty space             |
+ * |                           |
+ * |=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=
=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=
=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=
=94=80=E2=94=80=E2=94=80|
+ * |                           |
+ * |                           |
+ * |   Boot parameters         |
+ * |                           |
+ * |                           |
+ * |___________________________|____ 0x0_ffff_0000: TD_BOOT_PARAMETERS_GPA
+ */
+#define FOUR_GIGABYTES_GPA (SZ_4G)
+
+/*
+ * The exact memory layout for LGDT or LIDT instructions.
+ */
+struct __packed td_boot_parameters_dtr {
+	u16 limit;
+	u32 base;
+};
+
+/*
+ * Allows each vCPU to be initialized with different rip and esp.
+ */
+struct td_per_vcpu_parameters {
+	u32 esp_gva;
+	u64 guest_code;
+};
+
+/*
+ * Boot parameters for the TD.
+ *
+ * Unlike a regular VM, KVM cannot set registers such as esp, eip, etc
+ * before boot, so to run selftests, these registers' values have to be
+ * initialized by the TD.
+ *
+ * This struct is loaded in TD private memory at TD_BOOT_PARAMETERS_GPA.
+ *
+ * The TD boot code will read off parameters from this struct and set up t=
he
+ * vCPU for executing selftests.
+ */
+struct td_boot_parameters {
+	u32 cr0;
+	u32 cr3;
+	u32 cr4;
+	struct td_boot_parameters_dtr gdtr;
+	struct td_boot_parameters_dtr idtr;
+	struct td_per_vcpu_parameters per_vcpu[];
+};
+
+#endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c b/to=
ols/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
new file mode 100644
index 000000000000..7f76a3585b99
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot_offsets.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0
+#define COMPILE_OFFSETS
+
+#include <linux/kbuild.h>
+
+#include "tdx/td_boot.h"
+
+static void __attribute__((used)) common(void)
+{
+	OFFSET(TD_BOOT_PARAMETERS_CR0, td_boot_parameters, cr0);
+	OFFSET(TD_BOOT_PARAMETERS_CR3, td_boot_parameters, cr3);
+	OFFSET(TD_BOOT_PARAMETERS_CR4, td_boot_parameters, cr4);
+	OFFSET(TD_BOOT_PARAMETERS_GDT, td_boot_parameters, gdtr);
+	OFFSET(TD_BOOT_PARAMETERS_IDT, td_boot_parameters, idtr);
+	OFFSET(TD_BOOT_PARAMETERS_PER_VCPU, td_boot_parameters, per_vcpu);
+	OFFSET(TD_PER_VCPU_PARAMETERS_ESP_GVA, td_per_vcpu_parameters, esp_gva);
+	OFFSET(TD_PER_VCPU_PARAMETERS_GUEST_CODE, td_per_vcpu_parameters,
+	       guest_code);
+	DEFINE(SIZEOF_TD_PER_VCPU_PARAMETERS,
+	       sizeof(struct td_per_vcpu_parameters));
+}

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B18A344D9B
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:29 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405452; cv=none;
 b=qWZmuVEO576kwMh2K369gMVGmLdYtrrd4QwIxNdfmM9wxp8A8RyG14pbVKvp/fNgmzQmEu/sQY9KKo+B3NcNDveFx+amCwXSoshAmaKOI+/JJfkzvyjBptpLFiUNkhnb34m3YQRRDjXGU8TqnHuMQsq8EYLcozasL92p0TH1SAg=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405452; c=relaxed/simple;
	bh=MkLem+PAEgibPPUwaSQc8AKoTt/5GBSYztKiGsziHKs=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=mWhh2a53UEl97lKZfTC3IdDT7eU9iSy6dWWFhB8wGOpJZbFLeJb3+I4P3ASimpCMPkLfEzv2QTG/3YIybhbvnnlAiJT40yGv4Fo17y0U7MXPT26WiyDffT26frOEAdNCbO25aKoRUHxesBT9ckpNwPwMHQCmOntGHnEKT+QnyRY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=YpmVSKXk; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="YpmVSKXk"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-365fc4636bbso14225929a91.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405449; x=1780010249;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=yHGgQDGiS26Hfz1fPfs2Cuoyh6JW9ctfbTsvpAP5sNI=;
        b=YpmVSKXkfYE/Po2yeehWEqM/qRMcfeA/vUAlfheMVlKMSgeTAX92GG2umCxDplf3eq
         YEYlGNcukYQ0ejpSSdO338OuHdmb4EakBn/sagRyMtg8mqKQzs+0uWko+sxeDdf9G86o
         m3mfHANpuz9hFq0w4jd76Dljr96VvKZwPZ/GqnJHwwUJnvxmV5N/k9DJPIIbM13JiebA
         YJOBVJ1Uc6Yi5NfXBvObeP3OM8KWbhgN+vLHYk+KIUC9SgiXuylPXvkug+zIPv8tc9q7
         Dv49H2DMEWEDm5rMk/MD0DmAyYnoytbAg/0lOm5CkoRkrGBJo/4MmJMHvP1zcVhqlCFL
         ggzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405449; x=1780010249;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=yHGgQDGiS26Hfz1fPfs2Cuoyh6JW9ctfbTsvpAP5sNI=;
        b=Du6R+KAgLkUxT1MS15bfAntkwgCYDkS1tVRkYgRRcS0ed06eVIilPUy35NOVXv5Y0S
         YtRgV6gz4KG1eo4QabHxqyBf/qSGtI/SjW/UKIardzMl3xp07rcHSYNFm/Y7tLCG418U
         2LyyLqPsH9Eeb5ln+mLpuD6FEvXslG1Et613EYDudLC+ZkMP5bmp9OBSPAWU1Gh77dia
         e+flC6GLaY7gO9xAbwhqQ9JxYJqY2mNNI32zfs/0iprzNivfLvLBM6N8MAULg5mLvc9Q
         O7fswiUtcWJcbzxtnxasMVC7Fd4syT5iDS1N15OttEGaHowXqFQAnFUz4DrDGwU+0KhZ
         mxLg==
X-Forwarded-Encrypted: i=1;
 AFNElJ/enWYRdD25K8/7kPm1LKcMvHG5IAxdh1uxfJj7fdAW7gdGF3NFB/UybrXKlLOsjVPcVLn1TxJcmMnCcKE=@vger.kernel.org
X-Gm-Message-State: AOJu0YyX6n/qDSUoAdjSwR3H85fpQ7LqKZj4hDHMKUkP0deR7Hs4B9+9
	ZS7F2uVoOq9hT6C8VGgLmeN99VlU3l4u3WZ8sYtFoTBpBn5yg7AleFIsVtsWWpfKJAptMFfKTQl
	hF4Cn0A==
X-Received: from pjbqi11.prod.google.com
 ([2002:a17:90b:274b:b0:369:4256:dcf6])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:3f8b:b0:35f:b987:4dac
 with SMTP id 98e67ed59e1d1-36a67454586mr1211256a91.12.1779405449045; Thu, 21
 May 2026 16:17:29 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:49 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=4572;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=IhoHJ/jX64CspIIqMUpwyXCZfNHBAAb3GTEyszWVzpE=;
 b=U0RofNUk0xioIjzOFnN1C3j540KhGc5AJIJXakR5J0ns4MXE0HanliuG2Ze+lF7Hj6vtPq6fy
 uVIKr2NCAA9CUdSivCD4ZN+f8RjpehChKadWQAy1TRZQRoAvg7ObhRt
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-8-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 08/22] KVM: selftests: Add TDX boot code
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Erdem Aktas <erdemaktas@google.com>

Add code to boot a TDX test VM. Since TDX registers are inaccessible to
KVM, the boot code loads the relevant values from memory into the
registers before jumping to the guest code.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm           |  1 +
 .../selftests/kvm/include/x86/tdx/td_boot.h        |  5 ++
 .../selftests/kvm/include/x86/tdx/td_boot_asm.h    | 16 ++++++
 tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S  | 60 ++++++++++++++++++=
++++
 4 files changed, 82 insertions(+)

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 02fad7b35eac..929965ca4b75 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h b/tools/=
testing/selftests/kvm/include/x86/tdx/td_boot.h
index af4474dee387..e5d54a20ed72 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot.h
@@ -66,4 +66,9 @@ struct td_boot_parameters {
 	struct td_per_vcpu_parameters per_vcpu[];
 };
=20
+void td_boot(void);
+void td_boot_code_end(void);
+
+#define TD_BOOT_CODE_SIZE (td_boot_code_end - td_boot)
+
 #endif /* SELFTEST_TDX_TD_BOOT_H */
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h b/to=
ols/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
new file mode 100644
index 000000000000..10b4b527595c
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/td_boot_asm.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTEST_TDX_TD_BOOT_ASM_H
+#define SELFTEST_TDX_TD_BOOT_ASM_H
+
+/*
+ * GPA where TD boot parameters will be loaded.
+ *
+ * TD_BOOT_PARAMETERS_GPA is arbitrarily chosen to
+ *
+ * + be within the 4GB address space
+ * + provide enough contiguous memory for the struct td_boot_parameters su=
ch
+ *   that there is one struct td_per_vcpu_parameters for KVM_MAX_VCPUS
+ */
+#define TD_BOOT_PARAMETERS_GPA 0xffff0000
+
+#endif  // SELFTEST_TDX_TD_BOOT_ASM_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S b/tools/test=
ing/selftests/kvm/lib/x86/tdx/td_boot.S
new file mode 100644
index 000000000000..7aa33caa9a78
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/td_boot.S
@@ -0,0 +1,60 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+
+#include "tdx/td_boot_asm.h"
+#include "tdx/td_boot_offsets.h"
+#include "processor_asm.h"
+
+.code32
+
+.globl td_boot
+td_boot:
+	/* In this procedure, edi is used as a temporary register. */
+	cli
+
+	/* Paging is off. */
+
+	movl $TD_BOOT_PARAMETERS_GPA, %ebx
+
+	/*
+	 * Find the address of struct td_per_vcpu_parameters for this
+	 * vCPU based on esi (TDX spec: initialized with vCPU id). Put
+	 * struct address into register for indirect addressing.
+	 */
+	movl $SIZEOF_TD_PER_VCPU_PARAMETERS, %eax
+	mul %esi
+	leal TD_BOOT_PARAMETERS_PER_VCPU(%ebx), %edi
+	addl %edi, %eax
+
+	/* Setup stack. */
+	movl TD_PER_VCPU_PARAMETERS_ESP_GVA(%eax), %esp
+
+	/* Setup GDT. */
+	leal TD_BOOT_PARAMETERS_GDT(%ebx), %edi
+	lgdt (%edi)
+
+	/* Setup IDT. */
+	leal TD_BOOT_PARAMETERS_IDT(%ebx), %edi
+	lidt (%edi)
+
+	/*
+	 * Set up control registers (There are no instructions to mov from
+	 * memory to control registers, hence use edi as a scratch register).
+	 */
+	movl TD_BOOT_PARAMETERS_CR4(%ebx), %edi
+	movl %edi, %cr4
+	movl TD_BOOT_PARAMETERS_CR3(%ebx), %edi
+	movl %edi, %cr3
+	movl TD_BOOT_PARAMETERS_CR0(%ebx), %edi
+	movl %edi, %cr0
+
+	/* Switching to 64bit mode after ljmp and then jump to guest code */
+	ljmp $(KERNEL_CS),$1f
+1:
+	jmp *TD_PER_VCPU_PARAMETERS_GUEST_CODE(%eax)
+
+/* Leave marker so size of td_boot code can be computed. */
+.globl td_boot_code_end
+td_boot_code_end:
+
+/* Disable executable stack. */
+.section .note.GNU-stack,"",%progbits

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5818737186F
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:31 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405453; cv=none;
 b=i0YD/Dis/f/6+H8GEm1ox1b8fas14NIGfjMgij+2p0UsZUC3n76SiwF3pO05AqXp6ZutmQaB2+mq5xOXJpJ/IoVR2y0Mmd88YoW+QPJw7tmZDAgO23M8oaiL4Pvla2PV5oKmgueZ796mEFEVo/SLunopQjwW1NBbqYtKTg50l/M=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405453; c=relaxed/simple;
	bh=Twi6LbeJb/qWz0kw5rs4LmRND6hdRFCsRXfOjFCgReU=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=PVvd2nOp5u4qtky/hI1QMQ1SMkChw3ShRjo7omSLJTu09thuzdl79COg/mTTQWRI/PbWZ+GswoXklI2GY2SzSM+l82D66w371FC8toJqKg64RIhE7pRORlCL29Mf4mamzCN+KnpAWvGbpHPOUniKcFpn58i2fq87wro2sYp/juw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=v/vOMnoG; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="v/vOMnoG"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-368b15eeb3bso13573554a91.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405451; x=1780010251;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=inUMdvUCNu2M2y+Grbjs2dQB2rkNDqtn35hXxq+mv+8=;
        b=v/vOMnoGKrW3OxjCaKp107IRkAfhta7i8KVbPusETRl4ei7R/KWOY8uPzdzRLQhQis
         YLe7g0COw3tG//35D7LJsbIfl2qxUAhyVETRLI68PPT0zfe4OKQQ8RvjBrm3f7uTvnZl
         CKx8lJDi/gv/GbL42lUL9BMQTbY2yOBc/KNmS2pY6GsLVK8P/FhJzviSu0yepjVbui0o
         hDv7BjfYlluHwBfrMG3C5TZKZtjtqRbTWgK5jrwR6iTSC6tQysoyAxJZXL4xYFYdUnPs
         U+DHsPvUeLasBriSIXXz4GA327vpBfWzmzNmrmkDRQ1OkFvcvPfcwTwRVg0jtOCoJxCJ
         rE5w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405451; x=1780010251;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=inUMdvUCNu2M2y+Grbjs2dQB2rkNDqtn35hXxq+mv+8=;
        b=iQXj/Co/Im0CvZHQbtcji+DmCCuQs8bT92U6rqUaobiwmOu3AmADXCNyZ1V3Jjl69J
         uIn/ZaWuGPbMDDdJcUVGVepWLSi5hZA1tPo/JGvKiT0b5AlgRXKStD5eEJPSsm+XB9NF
         9A5Hkmrhg7HwrDCLUXgoznpi6klVt2no0qRj0XUMiB+ExSsfbHtpGBOqmJX+SzkmEvKJ
         AAFC4Qr4xOnGVN1LRQ54cuOHA0GMohA91B0s3pThdTYDLZpvht/DR/kiSH67nRB1v0Nr
         RBmH/tm6VcBqT9svn9N7rptB3uSa6zDzvmGJPCkPruRrm3NIvFzv3m47PFksaz0OT17F
         et4A==
X-Forwarded-Encrypted: i=1;
 AFNElJ88pw06nUwFWNMUNAriP7APdkoAifNNYQvMaKQk0DtdnldYxhuNW8sxbSKfPe4ww3rfCG660DLoT2M4rkk=@vger.kernel.org
X-Gm-Message-State: AOJu0YxvNg4YRKKivV3JbMwvwN0wkIiRwlHaVEIqGl5+8EYQcyH7lM8w
	FsrPxXC8QPp8VZ14Fmf8WI6CN0JBG2H+44idnU5Bfu6TTCd9dPaX3njPOE8w7kL0WYEY03+13CF
	vrLycvQ==
X-Received: from pjbbk4.prod.google.com ([2002:a17:90b:804:b0:369:1a1a:82d5])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:5284:b0:35f:b7f5:9b3
 with SMTP id 98e67ed59e1d1-36a67420e95mr1028347a91.3.1779405450507; Thu, 21
 May 2026 16:17:30 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:50 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3213;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=YzcxNqD8InBoCzxGDzSUndemb08iklf9U0GqXNz3VQU=;
 b=20surOhD4fpUaOe9xSIctRm4Vjy3SYL4qB3WReCuRwhQNngpwUjkFV2A5i/tb/E9LKw8ys4fX
 L0TpMBGzsGeAzf1supT64zNI/9GaDxF6tC0cHq/KV43fM7x0SO3wAi4
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-9-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 09/22] KVM: selftests: Expose functions to get default
 sregs values
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

TDX can't set sregs values directly using KVM_SET_SREGS. Expose the
default values of certain sregs used by TDX VMs so they can be set
manually.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 .../testing/selftests/kvm/include/x86/processor.h  | 33 ++++++++++++++++++=
++++
 tools/testing/selftests/kvm/lib/x86/processor.c    | 18 ++++--------
 2 files changed, 38 insertions(+), 13 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 0aa6eecfcbde..1ebf161ec5d0 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -29,6 +29,10 @@ extern u64 guest_tsc_khz;
 #define MAX_NR_CPUID_ENTRIES 100
 #endif
=20
+#ifndef NUM_INTERRUPTS
+#define NUM_INTERRUPTS 256
+#endif
+
 #define NONCANONICAL 0xaaaaaaaaaaaaaaaaull
=20
 /* Forced emulation prefix, used to invoke the emulator unconditionally. */
@@ -1562,4 +1566,33 @@ u64 *tdp_get_pte(struct kvm_vm *vm, u64 l2_gpa);
=20
 bool sys_clocksource_is_based_on_tsc(void);
=20
+static inline u16 kvm_get_default_idt_limit(void)
+{
+	return NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+}
+
+static inline u16 kvm_get_default_gdt_limit(void)
+{
+	return getpagesize() - 1;
+}
+
+static inline u64 kvm_get_default_cr0(void)
+{
+	return X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
+}
+
+static inline u64 kvm_get_default_cr4(void)
+{
+	u64 cr4 =3D X86_CR4_PAE | X86_CR4_OSFXSR;
+
+	if (kvm_cpu_has(X86_FEATURE_XSAVE))
+		cr4 |=3D X86_CR4_OSXSAVE;
+	return cr4;
+}
+
+static inline u64 kvm_get_default_efer(void)
+{
+	return EFER_LME | EFER_LMA | EFER_NX;
+}
+
 #endif /* SELFTEST_KVM_PROCESSOR_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 62abfe27fe3a..5027411665bf 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -15,10 +15,6 @@
 #include "tdx/tdx_util.h"
 #include "vmx.h"
=20
-#ifndef NUM_INTERRUPTS
-#define NUM_INTERRUPTS 256
-#endif
-
 gva_t exception_handlers;
 bool host_cpu_is_amd;
 bool host_cpu_is_intel;
@@ -647,16 +643,12 @@ static void vcpu_init_sregs(struct kvm_vm *vm, struct=
 kvm_vcpu *vcpu)
 	vcpu_sregs_get(vcpu, &sregs);
=20
 	sregs.idt.base =3D vm->arch.idt;
-	sregs.idt.limit =3D NUM_INTERRUPTS * sizeof(struct idt_entry) - 1;
+	sregs.idt.limit =3D kvm_get_default_idt_limit();
 	sregs.gdt.base =3D vm->arch.gdt;
-	sregs.gdt.limit =3D getpagesize() - 1;
-
-	sregs.cr0 =3D X86_CR0_PE | X86_CR0_NE | X86_CR0_PG;
-	sregs.cr4 |=3D X86_CR4_PAE | X86_CR4_OSFXSR;
-	if (kvm_cpu_has(X86_FEATURE_XSAVE))
-		sregs.cr4 |=3D X86_CR4_OSXSAVE;
-	if (vm->mmu.pgtable_levels =3D=3D 5)
-		sregs.cr4 |=3D X86_CR4_LA57;
+	sregs.gdt.limit =3D kvm_get_default_gdt_limit();
+
+	sregs.cr0 =3D kvm_get_default_cr0();
+	sregs.cr4 |=3D kvm_get_default_cr4();
 	sregs.efer |=3D (EFER_LME | EFER_LMA | EFER_NX);
=20
 	kvm_seg_set_unusable(&sregs.ldt);

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com
 [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9C0D1370AC1
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:32 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405454; cv=none;
 b=twzykPl2vxZUgrcMtDSyHcQui76jHrBB5/62ywkK3fwDNLKbgOVhKnFg3Q8bs48jxmYPNY5bZkdCpW4tphPRlNWYEx0kUosg3baTT9+MViFG/WWxDZE29CDpLMbn2zWL7Hu3MU9TnMq0DLwqUwJWM1C8PXJI9CP2gvFh1QhE51o=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405454; c=relaxed/simple;
	bh=K4hwKCmpJ4zUb3ehxRvkub2xtnkhXDMvgH5jB/vsl1k=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=PtdjZ35OPyN2cZ86SSw6yRVCgVpkIqP89O1M38AuK/ebA5IfGqg1C830RXq16G/QUWFWzPLhRByD0o7m66YRwCtphc5hljcmEQt/qdi9q9zknn2fow6GEVhplm9aR+B/Dt+hW48Df5okDkfVSrWmVKqPhCFJ4IjHB5JFxR05fB4=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=DleJw9WL; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="DleJw9WL"
Received: by mail-pl1-f202.google.com with SMTP id
 d9443c01a7336-2b4530a90fdso119176305ad.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405452; x=1780010252;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=5Mb2Ccx0ioc20txfzoV9w8p95E3FoUg+tKOAAuRRnXo=;
        b=DleJw9WLRq168ab2EQ5KOwirVq97j2bfUQIsiafFxrSAYMbGXC/3GDX3o6W6R0naRs
         Fn2RABciHrgnaJCTXIvaTSMeHSnOpf1bYGSMeFtzWTQI78C2TvidTc7GucezyBrtg+bu
         eparxOus0DAHmvd2kKG/6E94P01LiflHytLWGZ4yW6UdEjpZzk62XceE0yTEqdImp92M
         vp4mbrsyEua3fsCsAHMZ8K9uG175xps46y1yVk25ZrfZ5YShKMOT11/Lwufnr3aSS3GX
         ik3U48amWGt+46IYRsekiSJpyqE/Yrf0VBRRC26/LwHrhfqWkbDC3/nORD0Kc326q1ng
         lKew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405452; x=1780010252;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=5Mb2Ccx0ioc20txfzoV9w8p95E3FoUg+tKOAAuRRnXo=;
        b=MyBoyQ3N0iWbnpN0RgYp8lNALyyAn31vL0mWIb25NUggYjAc4QziwTgMrEUPIqa+8P
         lOuYzhGdpLyRj8qDVksGq8K32LjIyE2Bvaht1uGjCmjP1xMEG8dNSNheo4PidQfICdWT
         wKJLmziDLWrpl/wKJJ5ZzSIwNg4/JIfaF7eq8+sfEUVZqIotuNcWWG9FklulTKVGsyUm
         Zdw/r7cJMQy6xwwJbt2QQ9PejQXJA2JAffK+2TS8XkfYV1WVtAYkK4ovNTziakAwzuoW
         NBIaproDWdlY1NDeQ1i47CqU8gO6hnA7EDx5bG84pSUjCK+nJbGE3kcmL09v5zB1ndul
         XiwQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ+0kZZJkLgrDz5mwskf6rAHIsEKb3it9idwjJPgLqKO247tYCa/e+OV737zbVtLIrITahRObKIY99FWPyU=@vger.kernel.org
X-Gm-Message-State: AOJu0YycjedDlZ2aEtK3kYOeL2tTBy0eY3cD4jsIsSCyUcwRso//ZjMx
	ICza883LgbLOaNG4fi/swL41bDiQb1yPo/6x9yUNNPKHA+2mj21obsa3kbAIpUW2lBaiuFM4DAD
	VUAh0iA==
X-Received: from plcc12.prod.google.com ([2002:a17:902:c1cc:b0:2b2:a715:a848])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:2bce:b0:2b0:5923:5194
 with SMTP id d9443c01a7336-2beb0681ddbmr9498715ad.27.1779405451416; Thu, 21
 May 2026 16:17:31 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:51 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=5151;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=b9tZ2eI2lRz0fRhaZB+tVbmNYmqq3B0jyqSz9uqzwwI=;
 b=z5L6sCi2HJBAV+Spu447OzHYRIjWLjEJD2HklaJC01nxBnhf+hah3PbRgGzSwbN33qQH0Xh2V
 LQfkboQYzSuAD2WIgc90UcDKqWeY/nNbYuni672CV/gpOI26Jv3MKpj
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-10-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 10/22] KVM: selftests: Set up TDX boot code region
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Add memory for TDX boot code in a separate memslot.

Use virt_map() to get identity map in this memory region to allow for
seamless transition from paging disabled to paging enabled code.

Copy the boot code into the memory region and set up the reset vector
at this point. While it's possible to separate the memory allocation and
boot code initialization into separate functions, having all the
calculations for memory size and offsets in one place simplifies the
code and avoids duplications.

Handcode the reset vector as suggested by Sean Christopherson.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Suggested-by: Sean Christopherson <seanjc@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm           |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h       |  1 +
 tools/testing/selftests/kvm/lib/x86/processor.c    |  4 +-
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 47 ++++++++++++++++++=
++++
 4 files changed, 52 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 929965ca4b75..a651a876c522 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 +=3D lib/x86/sev.c
 LIBKVM_x86 +=3D lib/x86/svm.c
 LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
+LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 48d4bd36c35b..d66ea7bc85f9 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -40,5 +40,6 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 })
=20
 void tdx_init_vm(struct kvm_vm *vm, u64 attributes);
+void tdx_vm_setup_boot_code_region(struct kvm_vm *vm);
=20
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 5027411665bf..dfabdfd17976 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -791,8 +791,10 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm, unsign=
ed int nr_vcpus)
 		vm_sev_ioctl(vm, KVM_SEV_INIT2, &init);
 	}
=20
-	if (is_tdx_vm(vm))
+	if (is_tdx_vm(vm)) {
 		tdx_init_vm(vm, 0);
+		tdx_vm_setup_boot_code_region(vm);
+	}
=20
 	r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL);
 	TEST_ASSERT(r > 0, "KVM_GET_TSC_KHZ did not provide a valid TSC frequency=
.");
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index e5c998874a0d..bbfaa9af9c60 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -2,8 +2,55 @@
=20
 #include "kvm_util.h"
 #include "processor.h"
+#include "tdx/td_boot.h"
 #include "tdx/tdx_util.h"
=20
+/* Arbitrarily selected to avoid overlaps with anything else */
+#define TD_BOOT_CODE_SLOT	20
+
+#define X86_RESET_VECTOR	0xfffffff0ul
+#define X86_RESET_VECTOR_SIZE	16
+
+void tdx_vm_setup_boot_code_region(struct kvm_vm *vm)
+{
+	size_t total_code_size =3D TD_BOOT_CODE_SIZE + X86_RESET_VECTOR_SIZE;
+	gpa_t boot_code_gpa =3D X86_RESET_VECTOR - TD_BOOT_CODE_SIZE;
+	gpa_t alloc_gpa =3D round_down(boot_code_gpa, PAGE_SIZE);
+	size_t nr_pages =3D DIV_ROUND_UP(total_code_size, PAGE_SIZE);
+	gpa_t gpa;
+	u8 *hva;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    alloc_gpa,
+				    TD_BOOT_CODE_SLOT, nr_pages,
+				    KVM_MEM_GUEST_MEMFD);
+
+	gpa =3D vm_phy_pages_alloc(vm, nr_pages, alloc_gpa, TD_BOOT_CODE_SLOT);
+	TEST_ASSERT(gpa =3D=3D alloc_gpa, "Failed vm_phy_pages_alloc\n");
+
+	virt_map(vm, alloc_gpa, alloc_gpa, nr_pages);
+	hva =3D addr_gpa2hva(vm, boot_code_gpa);
+	memcpy(hva, td_boot, TD_BOOT_CODE_SIZE);
+
+	hva +=3D TD_BOOT_CODE_SIZE;
+	TEST_ASSERT(hva =3D=3D addr_gpa2hva(vm, X86_RESET_VECTOR),
+		    "Expected RESET vector at hva 0x%lx, got %lx",
+		    (unsigned long)addr_gpa2hva(vm, X86_RESET_VECTOR), (unsigned long)hv=
a);
+
+	/*
+	 * Handcode "JMP rel8" at the RESET vector to jump back to the TD boot
+	 * code, as there are only 16 bytes at the RESET vector before RIP will
+	 * wrap back to zero.  Insert a trailing int3 so that the vCPU crashes
+	 * in case the JMP somehow falls through.  Note!  The target address is
+	 * relative to the end of the instruction!
+	 */
+	TEST_ASSERT(TD_BOOT_CODE_SIZE + 2 <=3D 128,
+		    "TD boot code not addressable by 'JMP rel8'");
+	hva[0] =3D 0xeb;
+	hva[1] =3D 256 - 2 - TD_BOOT_CODE_SIZE;
+	hva[2] =3D 0xcc;
+}
+
 static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
 {
 	struct kvm_tdx_capabilities *tdx_cap =3D NULL;

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 83CCB37A4BC
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:33 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405455; cv=none;
 b=hnhvqi/ubjYx7i5Q1hR9HgkjjHqvcymGn8MbEHclTZEG9YUip4hNXWuFCcKKHcA9ru0+EfLpmFhZvLh9ASfGitIYx7ap1zrH28m9NuaGaAYd+RYUEtfIF65VxRN5/b2zeqLV3xBMjiR0nFdumIl1MxhAKR4828kOtpJhEc3dw2M=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405455; c=relaxed/simple;
	bh=aD3HXwrZjvyRYUcRcwFGw0yeikfKSuTlbRJOfhgmGv0=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=ZToQ0qy5/rGMwBlo/GteAZG5roIUjhYlFhyvqJTvIrBa8z5RCffrW+m/IWQfbkih/C+kj66G8WPZZR8E8ulRQrgcGKaqA2D4iA7FnRSfZ4+AdSQu7pg1goTXi6EawmF8uN+GVzYe721wjDKCJfF/jeGr1Mv07jImY8T66z2lo9s=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=NpQ2J+0Q; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="NpQ2J+0Q"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-c828f0f5c23so3188331a12.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405453; x=1780010253;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=t/YlviOZ+xjrC4BOAGoW0+eAq9T/F0XwYkP7ZCZ/m/M=;
        b=NpQ2J+0QFdQFjmTLPh1OQqDiBnGquBtPdVrTQlOXZGmOd55n9HMIalh+t/drqAHfq3
         FWiBvBZmmzvFD3ATUqRrHGd9Mzn85MpO9AsBhQPjrGOP12pJ5MLmFA0nYPTp6L5g97BK
         zQNTHMP0VztcpGKzn1nC0iBNUEzO48XK6hWido5gEpHB+wjXRdXYjnvVDYpbYqYXBsGX
         agJID+6ChO1DNYxZuywsk6IxZDCUtKlJ+IopLOaXuiPlsONDn6HZlXM6aqvAWiO5ES5o
         CQZDAHtiESC3C7Ki3qE0drTOGvToeLwjnN4n7iOCD8UhgbZuEiC1Djn6wumUyxsJ5Ksl
         qSvw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405453; x=1780010253;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=t/YlviOZ+xjrC4BOAGoW0+eAq9T/F0XwYkP7ZCZ/m/M=;
        b=r898lQcdw0tksdnKpY7fztEtsePmkDBRV0yabhpTee/mcuhwYOAaObebGTziF5mwtH
         mEbPZxux4rPfUM6b0i4QePW4OykOVif5gFSoVWlGu57Arlo6lfS3+zzJlCVQQ9zQ8DZ3
         jmyASZ1TmnzVnlQn7kNSscLciayUCNN4zAuuZUAOSGrHtMibwHJHz5fS+GT5vj0nGS1p
         Yyl1ttVuCmjwqW4RzogE2sFgJYaIYxK5ESq7ptC2XCTOzruPNLPkjeMYBQ3VMwsWaIg7
         hWRfpNTcT8RyTPBamAsU8IT+TGz+8qsKC3mVzrsDv7Z8hDaodXYg9OZMDTxxAKhWCZth
         wk7Q==
X-Forwarded-Encrypted: i=1;
 AFNElJ/aHxz5LJ+qcuoAN68UF6jl/uAkjcHGd/Jl7cO5s1j9Wmvbc20RQQfJhwVCAzMGvoKLTT2AGnm0O6GdTTQ=@vger.kernel.org
X-Gm-Message-State: AOJu0YykLoKC1J9+ZMeCZfBZivaleic99c+KK3MIgkCFgFRprSF9w3tV
	vGQHNzh3uUk3NLjr4X8C39qGInt3/P9lquuWoYPTf+KyAcu1RjabUhdyyYsMQnKHmVSMtiJg6V0
	pIKhZHQ==
X-Received: from pgbeq12.prod.google.com
 ([2002:a05:6a02:268c:b0:c80:23f0:ab71])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:7289:b0:39b:89e0:2e37
 with SMTP id adf61e73a8af0-3b328cfdaacmr919032637.14.1779405452327; Thu, 21
 May 2026 16:17:32 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:52 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=4707;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=BN33KsLCHuN/RaDg069+CrjelUstN+iG9teg2YCApZE=;
 b=loF/v83C5t/5hp0/ahmXFWBR+WYQZ874vo2GsRCiAyg2Tya7wLx7XnsShach+t2H4yPM2PTlv
 2JG44wiBlf8AX4pd48vxzI+01vl6kdEwlFYBV63GwdxY3S75xE8vHsr
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-11-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 11/22] KVM: selftests: Set up TDX boot parameters region
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Allocate memory for TDX boot parameters and define the utility functions
necessary to fill this memory with the boot parameters.

Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       |  2 +
 tools/testing/selftests/kvm/lib/x86/processor.c    |  2 +
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 56 ++++++++++++++++++=
++++
 3 files changed, 60 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index d66ea7bc85f9..9660ea9d2f31 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -41,5 +41,7 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
=20
 void tdx_init_vm(struct kvm_vm *vm, u64 attributes);
 void tdx_vm_setup_boot_code_region(struct kvm_vm *vm);
+void tdx_vm_setup_boot_parameters_region(struct kvm_vm *vm, u32 nr_runnabl=
e_vcpus);
+void tdx_vm_load_common_boot_parameters(struct kvm_vm *vm);
=20
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index dfabdfd17976..c7c4a37b3170 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -794,6 +794,8 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm, unsigne=
d int nr_vcpus)
 	if (is_tdx_vm(vm)) {
 		tdx_init_vm(vm, 0);
 		tdx_vm_setup_boot_code_region(vm);
+		tdx_vm_setup_boot_parameters_region(vm, nr_vcpus);
+		tdx_vm_load_common_boot_parameters(vm);
 	}
=20
 	r =3D __vm_ioctl(vm, KVM_GET_TSC_KHZ, NULL);
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index bbfaa9af9c60..b16bf24f3ef1 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -3,10 +3,12 @@
 #include "kvm_util.h"
 #include "processor.h"
 #include "tdx/td_boot.h"
+#include "tdx/td_boot_asm.h"
 #include "tdx/tdx_util.h"
=20
 /* Arbitrarily selected to avoid overlaps with anything else */
 #define TD_BOOT_CODE_SLOT	20
+#define TD_BOOT_PARAMETERS_SLOT	21
=20
 #define X86_RESET_VECTOR	0xfffffff0ul
 #define X86_RESET_VECTOR_SIZE	16
@@ -51,6 +53,60 @@ void tdx_vm_setup_boot_code_region(struct kvm_vm *vm)
 	hva[2] =3D 0xcc;
 }
=20
+void tdx_vm_setup_boot_parameters_region(struct kvm_vm *vm, u32 nr_runnabl=
e_vcpus)
+{
+	size_t boot_params_size =3D
+		sizeof(struct td_boot_parameters) +
+		nr_runnable_vcpus * sizeof(struct td_per_vcpu_parameters);
+	int npages =3D DIV_ROUND_UP(boot_params_size, PAGE_SIZE);
+	gpa_t gpa;
+
+	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+				    TD_BOOT_PARAMETERS_GPA,
+				    TD_BOOT_PARAMETERS_SLOT, npages,
+				    KVM_MEM_GUEST_MEMFD);
+	gpa =3D vm_phy_pages_alloc(vm, npages, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PA=
RAMETERS_SLOT);
+	TEST_ASSERT(gpa =3D=3D TD_BOOT_PARAMETERS_GPA, "Failed vm_phy_pages_alloc=
\n");
+
+	virt_map(vm, TD_BOOT_PARAMETERS_GPA, TD_BOOT_PARAMETERS_GPA, npages);
+}
+
+void tdx_vm_load_common_boot_parameters(struct kvm_vm *vm)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	u32 cr4;
+
+	TEST_ASSERT_EQ(vm->mode, VM_MODE_PXXVYY_4K);
+
+	cr4 =3D kvm_get_default_cr4();
+	if (vm->mmu.pgtable_levels =3D=3D 5)
+		cr4 |=3D X86_CR4_LA57;
+
+	/* TDX spec 11.6.2: CR4 bit MCE is fixed to 1 */
+	cr4 |=3D X86_CR4_MCE;
+
+	/* TDX spec 11.6.2: CR4 bit VMXE and SMXE are fixed to 0 */
+	cr4 &=3D ~(X86_CR4_VMXE | X86_CR4_SMXE);
+
+	/* Set parameters! */
+	params->cr0 =3D kvm_get_default_cr0();
+	TEST_ASSERT(vm->mmu.pgd < (1ULL << 32),
+		    "PGD must be within 32-bit address space for 32-bit boot code");
+	params->cr3 =3D vm->mmu.pgd;
+	params->cr4 =3D cr4;
+	params->idtr.base =3D vm->arch.idt;
+	params->idtr.limit =3D kvm_get_default_idt_limit();
+	params->gdtr.base =3D vm->arch.gdt;
+	params->gdtr.limit =3D kvm_get_default_gdt_limit();
+
+	TEST_ASSERT(params->cr0 !=3D 0, "cr0 should not be 0");
+	TEST_ASSERT(params->cr3 !=3D 0, "cr3 should not be 0");
+	TEST_ASSERT(params->cr4 !=3D 0, "cr4 should not be 0");
+	TEST_ASSERT(params->gdtr.base !=3D 0, "gdt base address should not be 0");
+	TEST_ASSERT(params->idtr.base !=3D 0, "idt base address should not be 0");
+}
+
 static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
 {
 	struct kvm_tdx_capabilities *tdx_cap =3D NULL;

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5916C365A1D
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:34 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405456; cv=none;
 b=KMjHl0vo4p5rcNBi9K2l9fME20pEVYFQdbHFaYr3s4Htx6PDCGnH5s6pJea2/irIRRPyQ12HKaOp3OdVniPZpSjAFEjrnBxCmE0i8xQmP9NLxIoiLn1VHzBpriveGMLoleFt5Ri7viiS6VIqWMkhnC1lkZ3aV+73RG53wX9Tl9U=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405456; c=relaxed/simple;
	bh=JnAB6QOxWpHlGcbP0fmoB+xvPSibMNTRiB0Xtn3yzBk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=nI6PikAo/mel3gfHPhcZSjolYF1j1kPyyoQjY1f8Rz/0O/BePFL7KxoYHaHhRjI/knufYhEn1dOXGIFsVyqrTAayEl4Nd/VNWQxn9yvH5dybfFPMrkqfCCQN+Sf2P52OrvK9YO0U2aRAHsnoKnnEL2vEoHrcl5V097o6x8y2enQ=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=V3UFWyUW; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="V3UFWyUW"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-c82894155ceso9400962a12.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405453; x=1780010253;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=CYqvejVJWhV6aW28w0DTqDCei/XyqM9XZYqN7Ny5D3U=;
        b=V3UFWyUW04PJpT9i8qgC0c8lCg2wod2J74mW8BigXkwTyZ2+F0aAWFeaxETIUK2h3D
         KJJp3AB79WHmaBoofvWdiLgOou3fKlkkwYo6OV1ynFib6LX1MymHIu+FkIVAssViSygI
         I9Fv5ozlsKrDcf7sj51nq0Q+e7ZHZzLF2vGDDaLeXs5OeR6y3FkHLhVXXxWkz14qQdte
         lWcFzzjLVHOzkD5+uCG88hcooiz+Nwu/ZZwzNt4PYFGuxkQ/vUM9DwfLC0t07Q2Ur53c
         lV4ct0LOJC+vk3Ne6BDKnA/HIEsknFhGPubNFKq9t+VyJUNt7nyrLVFt2FX338RKRrtU
         tTug==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405453; x=1780010253;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CYqvejVJWhV6aW28w0DTqDCei/XyqM9XZYqN7Ny5D3U=;
        b=jKFn5j4/+DEeX9+7Uo3X0m1sggkg7Fpogs+WCdwvZNBS5zbY3qvRfapju4eLugEZEx
         QX+NteHTwgn6NnvGC8MWLiNhOHnbIN1iSNMFjve7u6STjhm8QQM2Ag+7QhPNkZb3O+9J
         l1wyLvsVw5cWi1vKpLunvc8Q4Zu/PQFM+QuPEA7j3AK0nxU++3pedeaDl0kA+2f2EQXF
         ZOYumF6OIFE+iEThVS2m+LNVlSUzh522xJU8F061VFFsiymNkWCGIH2hAvjbAXOwyOVx
         VEDwIHfOhHUEnpRB9EtE0WVBLIxlgXWdjMQNjGnItbZIEUo/ATamu3ksrMLdRDf6qCSJ
         n4Eg==
X-Forwarded-Encrypted: i=1;
 AFNElJ8eXS3XPWSH6YfET5/zne20uhurihRAz+iuIsYbXEKC3yPUXGw3HXZFfTChcuw2ci6YBHwmCP75V7ongfs=@vger.kernel.org
X-Gm-Message-State: AOJu0Yz4BaFbp2DpoRaidTMcXhR74lfw1UvuL50R04pbh/XoIgKl9tk/
	ai3AZWVicmEyZfEew/CwqNy/8v2ZEpYxzcKINfJ2njlBvqyzgz1HyvRsiZrW/K0kWOJaERGmZT1
	T0G9T+g==
X-Received: from pgjp8.prod.google.com ([2002:a63:e648:0:b0:c82:7805:9e3d])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a20:d491:b0:3b2:8675:4866
 with SMTP id adf61e73a8af0-3b328ecda83mr927887637.31.1779405453357; Thu, 21
 May 2026 16:17:33 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:53 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=908;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=JnAB6QOxWpHlGcbP0fmoB+xvPSibMNTRiB0Xtn3yzBk=;
 b=z6LbQDrkS1jrkTbATNNebtrydZtJzMJH8yWsyolcf7v1pujKmhYJXQuhs/aFvdKH8ZA4boOf4
 MnOUPP8sDlbDQkfmsmFlhEgnAVOmZXPDV7wEdqlxWWi4QEM78ca2YOR
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-12-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 12/22] KVM: selftests: Back the first memory region with
 guest_memfd for TDX
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Force GUEST_MEMFD for the primary memory region of TDX VMs.

TDX must use guest_memfd for private pages as there is no alternative
mechanism supported by the TDX architecture.

Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index d1befa3f4b30..9a29540fff40 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -472,7 +472,7 @@ void kvm_set_files_rlimit(u32 nr_vcpus)
 static bool is_guest_memfd_required(struct vm_shape shape)
 {
 #ifdef __x86_64__
-	return shape.type =3D=3D KVM_X86_SNP_VM;
+	return (shape.type =3D=3D KVM_X86_SNP_VM || shape.type =3D=3D KVM_X86_TDX=
_VM);
 #else
 	return false;
 #endif

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pl1-f202.google.com (mail-pl1-f202.google.com
 [209.85.214.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 26BFD37C91E
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:35 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405457; cv=none;
 b=RFpyRYEJH9byjAuqIchAAhybWzbRGVCiViMBAWKoBDNKY0C+7peb9m2O1GD37Q/CGiqH40rmm+yHyj8xoebPmPGBqZ2N6vNtgHT6Zsb3oWnTMoJVZJ9fn30lmD/yUVEYjPNscD4k/xKv6fT4Pw3gRm0JItNnPi6LzYEziMqKFPw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405457; c=relaxed/simple;
	bh=2vsQeSx+1A1q3XOu0xejVLQWVglIzn9/j5BiP/t6qxQ=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=uUpnfSnDGx2mVosLR02N6vTtpfIOsgaTaLKFtctz218Ru7C3/k0a28Ft4prZZaU99UafK5yPU/AdyRydn+17Dryrbe+tcQE0hycYoYqJQHMSTsNBW0U/Q1jRLcQz7+ZLnB7eRmnao08A3g+s1d1kgGcKhjgb/UQ6kXxLVYlWMfw=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Q9xVHij6; arc=none smtp.client-ip=209.85.214.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Q9xVHij6"
Received: by mail-pl1-f202.google.com with SMTP id
 d9443c01a7336-2b9b8137828so67929605ad.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405454; x=1780010254;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=ZMW2hzqKIiJOAnHmxoFNGrFaTnzCmmooxhb6UYQuxwA=;
        b=Q9xVHij680XJMG8zIDRGQWzk7VrZssf3d6QO+bX/s+QtwjvfmIL4Cc2qvWeMQY5aQA
         llI5AfKO7U28DISaJKkjFecIh9TcBqfz6Fke79RsJYK5tDV0Ttvd+e+NMZptwzuduuer
         TFfIjhr1o5PQ7yfuxmUR8CpRDu4l08St81X1cUTiQI6ikmk+DoN7ScurI2KcYrEYU/W4
         RIeEzPLW809y/c8Epdwx82QCyOfvTBXdaJTpCbairlHwM6KCgH7cQqkrY4hFdppo764Z
         KdlxwEUGdwUr2Tb+rysySj3n5IhLWNf1GvmZ7TpnXRQJBAAgJoSlB+lPevTXctTwnCVf
         XW9A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405454; x=1780010254;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ZMW2hzqKIiJOAnHmxoFNGrFaTnzCmmooxhb6UYQuxwA=;
        b=SNagXnB6ycWZoM2tLmIbpGKjljvx545AJZ+JluCiqkzQAgTc048MVUw/0Z1UE6QMl/
         BWcRB/s1j864Cf3qjcrVGJpcWlc4gHUIBjQknS4VXez5UqBsvQ5YKc0XaOlWw6zaprM8
         1SNl64hthB9TF5hF0lGShxX7c456Zrvwhi+qk6ULDXN0XpZenBIb77Jk0p7KZtCED8ku
         IJQ6B1Fclm2l2FmGj8OiPlOUuUfDkAaiMlzTtSkG529YZG41NqBMeRaFE5zNWlMOytZk
         67EuYtVDVQKa7/7HAjskvrxzsNY4uMfWr2foXcbZ/wXDEaQa3HQVAD9vYf6BrbvQCffP
         70lA==
X-Forwarded-Encrypted: i=1;
 AFNElJ9yIyOIj9D9ctaxyVRMzpk1txZU1/FOKIYq22Q6c/Q3et0qLI8lg6/bxi7FY7he2jFOL/ApM7dkTTT+jq0=@vger.kernel.org
X-Gm-Message-State: AOJu0Yw+DDQ1P2BTN8t6gSgsbegmaRawABwM4I0lxob9nHar3bHj+ALS
	m441Fh0SaoPG9G650ihe56Qgc3fl8h6WpRfhcVbrhreqCRignjgrwr1ihCpOejuuWMHFrjhrxOg
	QcchFbQ==
X-Received: from plbky6.prod.google.com ([2002:a17:902:f986:b0:2b0:b22a:e6ef])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:2446:b0:2bd:2439:25e9
 with SMTP id d9443c01a7336-2beb073a217mr8724975ad.40.1779405454203; Thu, 21
 May 2026 16:17:34 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:54 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=2055;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=2vsQeSx+1A1q3XOu0xejVLQWVglIzn9/j5BiP/t6qxQ=;
 b=QLbF+qF+jvwNKoJMNZqmTPEK2KUYuH4T+RynDV6W9IpZjfp4BqRXn02+mT8N0u1xqWIwrE4AK
 Ll2nxFt9Q87AQQ5+lKvY9Hhrh5YRujIkDXXeae0R0//OnF0iOaEKPOM
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-13-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 13/22] KVM: selftests: Set first memory region as shared
 if guest_memfd
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Set the initial state of the first memory region as shared if it is
backed by guest_memfd, so that the KVM selftest framework functions can
populate mmap()-ed guest_memfd memory the same way memory from other
memory providers are populated.

For CoCo VMs, pages that need to be private are explicitly set to
private before executing the VM.

Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/lib/kvm_util.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/sel=
ftests/kvm/lib/kvm_util.c
index 9a29540fff40..1bab7d76a59c 100644
--- a/tools/testing/selftests/kvm/lib/kvm_util.c
+++ b/tools/testing/selftests/kvm/lib/kvm_util.c
@@ -484,8 +484,10 @@ struct kvm_vm *__vm_create(struct vm_shape shape, u32 =
nr_runnable_vcpus,
 	u64 nr_pages =3D vm_nr_pages_required(shape.mode, nr_runnable_vcpus,
 						 nr_extra_pages);
 	struct userspace_mem_region *slot0;
+	u64 gmem_flags =3D 0;
 	struct kvm_vm *vm;
-	int i, flags;
+	int flags =3D 0;
+	int i;
=20
 	kvm_set_files_rlimit(nr_runnable_vcpus);
=20
@@ -495,14 +497,16 @@ struct kvm_vm *__vm_create(struct vm_shape shape, u32=
 nr_runnable_vcpus,
 	vm =3D ____vm_create(shape);
=20
 	/*
-	 * Force GUEST_MEMFD for the primary memory region if necessary, e.g.
-	 * for CoCo VMs that require GUEST_MEMFD backed private memory.
+	 * Force GUEST_MEMFD for the primary memory region if necessary, and
+	 * initialize it as shared so the selftest framework can populate it
+	 * exactly like other memory providers.
 	 */
-	flags =3D 0;
-	if (is_guest_memfd_required(shape))
+	if (is_guest_memfd_required(shape)) {
 		flags |=3D KVM_MEM_GUEST_MEMFD;
+		gmem_flags |=3D GUEST_MEMFD_FLAG_INIT_SHARED;
+	}
=20
-	vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, fla=
gs);
+	vm_mem_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, flags, -1, 0, gmem_f=
lags);
 	for (i =3D 0; i < NR_MEM_REGIONS; i++)
 		vm->memslots[i] =3D 0;
=20

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:54 2026
Received: from mail-pj1-f74.google.com (mail-pj1-f74.google.com
 [209.85.216.74])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 02E7637D13C
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:35 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.74
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405458; cv=none;
 b=tN8kkVQ9J9V9Leql9hzlMKrPMwnynBV/OZv3mxMaaPfHxT8EoES6epbKWSjNNNJNgaM5jVynLce/wsbR565tzsRa5Uj/WgHzoXwkxuVS04kQQ/whU0S+55e1yK3JFa/HOEPAELLbYQfN87PFghwgId3/LjNs4fyg2z84zJw+mE8=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405458; c=relaxed/simple;
	bh=udDXvjbrsQgFgt7qVk8qtnNJ+IfXYTJzUuuEMBgUW3E=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=jJAma72Rc0tySNPSaE3eN4wHi0v92y/SXlOCy/Cag4vgxkzu5XY4qv6w9geDZ9LQDnWe5+8oRXhsHIg7b+RTklKVm1vicscJM4RYI4pZv9o6GTDlX8zcmCPEgHeeTSZRT6QHAY2W+o7IxIeev+lz+l4qWziZ3WLutVkJQSnolZY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=mYHjI9LW; arc=none smtp.client-ip=209.85.216.74
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="mYHjI9LW"
Received: by mail-pj1-f74.google.com with SMTP id
 98e67ed59e1d1-3692f395339so6697042a91.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405455; x=1780010255;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=0ssngaACF1pPA6AFVRZmeIqOo2ZrmTp+xXxStiUyWOw=;
        b=mYHjI9LWJpnDzpSfKMNlKvENJLXBVMPjwzfLkvyG0NgMwb39x4VIguST3D853ZLs5S
         4x9pDt9ATfbHaGcCURxG+++Skoo3WCpeXInqNUYv1LZiiYfENCTZtJRK5NaRYcWFOM0c
         ekRKFTm5W5KpABMlMqmEBVVJerYsigr0gPsN8zz41pEJKWSI0Onq0fdvVb4sdpe4iaiU
         3kJPHhWccJitXy6gJ9hM0hQdxphR6DiZN/RaKd/4BOLxM6pZx4NpHVXtf1TxkX1fazzF
         MFkpJKE7rke5vu1NYr4xC5bhjKu787YjtHw16219xuM8i6q4t+hzsqGSE9cI2Wjwpiz8
         5HBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405455; x=1780010255;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=0ssngaACF1pPA6AFVRZmeIqOo2ZrmTp+xXxStiUyWOw=;
        b=YzfwvkWN4PKqgLIAyg0uFnyOLVAxHvm4rQiawnV1Z19ajwMJfSSMJp6Wg4MunydwrY
         3HC7rneLN6viFCnJuL8hl4IppZ7SZRpQg1vyeHd5xJnUSGHRYEGTZ6hHfZsEHceBXRQv
         bkL6rc8Bfcw/KD7ulL/x93KfxJSafhM6NZlLH32jOTp764QiZJ1biBDUgPADpMw4aNbt
         h1arygtevbQe4RyUrsQjekMn9CXR2JKVroM4j8mf5hMAQI7dTd0SmpO/N/TKz36bYbbH
         RzuyIaMtAtfa1QqsPh4LjKT3fbouI0iQo58hT8ThXwqCvb+Cb1Z/cSq5mHQeSHgHiIDs
         YfUw==
X-Forwarded-Encrypted: i=1;
 AFNElJ8LI5707zIHK9idBcFLDqDcxCZMB7P+eunhZyD67q2/PIEB+hM6e/0cJ/AC9FLkY2DAe07ZP9OICBbp3PE=@vger.kernel.org
X-Gm-Message-State: AOJu0YwIA57tXbCC0BeV/g8eAN7AAB0CSsYXqJOBPsnLcty1d7dxP4ki
	SJ3B2dONkV3UZU5SzA66bQpzfAdri1GTwO5yMh3wDuKj5ljrvmZ+goVvkx6OMyt75Bk43k+CkvD
	2XvXcBQ==
X-Received: from plbmg4.prod.google.com ([2002:a17:903:3484:b0:2bd:4d9a:20b3])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:4b48:b0:2bd:ba75:81c4
 with SMTP id d9443c01a7336-2beb05d9d4cmr9896875ad.13.1779405455121; Thu, 21
 May 2026 16:17:35 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:55 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3023;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=Ki6Ro/RympvdJQKZ3KpSyOqEmxDilEWNNZSaA2+PhPg=;
 b=jAtvfx/1WqUdQdC9BMuOORGL6WZjJo5rYK84U8hDNsisbvaK4Z0zLQYPqfV9EPP+ce1U4elTx
 q55psohvAkLCorHDAehIti+DZZ+gWYmB5aGGQuW0FdGP6VnRb+UOA5m
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-14-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 14/22] KVM: selftests: Expose function to allocate vCPU
 stack
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Introduce kvm_allocate_vcpu_stack() to allocate a vCPU's stack
in preparation for TDX to allocate a vCPU's stack and initialize
its stack pointer.

TDX VMs' registers are protected state and cannot be initialized
using the KVM_SET_REGS ioctl() that is used for normal VMs. A TDX
vCPU's stack address will be a property of the TDX specific boot code
that initializes the vCPUs' stack pointers at boot.

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/processor.h |  2 ++
 tools/testing/selftests/kvm/lib/x86/processor.c     | 16 +++++++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index 1ebf161ec5d0..ed9c031b77b8 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -1142,6 +1142,8 @@ static inline void vcpu_clear_cpuid_feature(struct kv=
m_vcpu *vcpu,
 	vcpu_set_or_clear_cpuid_feature(vcpu, feature, false);
 }
=20
+gva_t kvm_allocate_vcpu_stack(struct kvm_vm *vm);
+
 u64 vcpu_get_msr(struct kvm_vcpu *vcpu, u64 msr_index);
 int _vcpu_set_msr(struct kvm_vcpu *vcpu, u64 msr_index, u64 msr_value);
=20
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index c7c4a37b3170..8b0aa64384a1 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -813,12 +813,9 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 	vcpu_regs_set(vcpu, &regs);
 }
=20
-struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u32 vcpu_id)
+gva_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 {
-	struct kvm_mp_state mp_state;
-	struct kvm_regs regs;
 	gva_t stack_gva;
-	struct kvm_vcpu *vcpu;
=20
 	stack_gva =3D __vm_alloc(vm, DEFAULT_STACK_PGS * getpagesize(),
 			       DEFAULT_GUEST_STACK_VADDR_MIN, MEM_REGION_DATA);
@@ -838,6 +835,15 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u=
32 vcpu_id)
 		    "__vm_alloc() did not provide a page-aligned address");
 	stack_gva -=3D 8;
=20
+	return stack_gva;
+}
+
+struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u32 vcpu_id)
+{
+	struct kvm_mp_state mp_state;
+	struct kvm_vcpu *vcpu;
+	struct kvm_regs regs;
+
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
 	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
 	vcpu_init_sregs(vm, vcpu);
@@ -846,7 +852,7 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u3=
2 vcpu_id)
 	/* Setup guest general purpose registers */
 	vcpu_regs_get(vcpu, &regs);
 	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D stack_gva;
+	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
 	vcpu_regs_set(vcpu, &regs);
=20
 	/* Setup the MP state */

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com
 [209.85.215.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2EBF237268D
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:36 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405459; cv=none;
 b=kLoeW4jmuMdzMzjiep3++bOeCUAeCEpBrGA6Rp+TJ83r2hehnM+03Y6tiJRbyTiMrzC5CaLb1+R10hS/jr0aFcn2Jit7Am82xBJeglBkH+DA1T0QyQTORIQ55JG03yYsj6+UbSn278+r5y1wznQe/rGQsmWuZ7LOHi2yTBpkgms=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405459; c=relaxed/simple;
	bh=D9P4tE7ZCaYPM4Lo49MsNRm8+yLU+Sliee5dpTvJ25w=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=K3PnqunXg36YzSFkjCGgXDIjncknrb0nVwlIuoQywUHfppfLigTRoLBud8wfOYTkLDqPOlZloqVzsLWAXuKpM5AaJfvJcVSdcxv57wLHmDisgALtBqqyb8xtn+uKaZfVOCIxqDpllrZZWYgvfuRvPyut5HXMp4hxYpBk7plHqrQ=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=vYAqQt0M; arc=none smtp.client-ip=209.85.215.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="vYAqQt0M"
Received: by mail-pg1-f202.google.com with SMTP id
 41be03b00d2f7-c850fcc89d1so922001a12.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405456; x=1780010256;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=fal733LKjrF+aMDpk8cvZFYXhl0cvYkDiUzCCzsnAww=;
        b=vYAqQt0Mk94VQz23WYEyatsySoqYDAdB7B8YfsOQVWLpz+dL8XUNIIloUL1K3TgRR8
         6Gch7BiEr89MCamnGAdNY5a5snkGisc3X3l9twlCn1cGtWOzBKDwuFcUbn911MfFD72g
         P5iIPq+qndUFTW5QCUl7vpVKM2i5ulLztlArGTBvPhCA2rcX14JhApMObfuYFSH7+xIx
         uNULUSlRvb8NQQNtPtbww4F1Ie6Xy9Navr1eyNro2ha25i+KzgnCIclNXP+phBsPrjJj
         X/D4wHS9Djd2iBFGyMV2ASvRzw5/0I+lAjOGtXveHGg4eA+kNRl5ESnUmXzXBGVLmDBx
         nW5g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405456; x=1780010256;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=fal733LKjrF+aMDpk8cvZFYXhl0cvYkDiUzCCzsnAww=;
        b=cLwMGLT1eRiSasyfmdw/WzKy8vvIjGe77xQloLCW7iO9yB1z8Qaz/ZrTEvt3rrLXi7
         hg0u3S1VtVUPv97STAbHkVgLA75pMSgikfsw95BXZ011p+yuomdqHaTnGlp8uQyGxacJ
         dn2ZESHF7aoW+kyZzrwLlcLkK3yRp69BTsH45tZlQWLMNiVUa6ES/I89I9HdiQ+0aQtl
         ERS9ARGbdg9N6lQWjGXCwvT4jXwIKOPWRDdob+99J1F9bUhTR59xFWqa9WKNho54TQaa
         cOet0uxzLI3VFOmAu9Nzrh0K09JAsHnf+WkpqLjMy1aObU0y0lNNMjsD3g3PLc8kMifR
         sbZA==
X-Forwarded-Encrypted: i=1;
 AFNElJ+tn6HGYyCVRehmT6l0NQgTGMb3pqTkCttj4HcsqJng7IdPW/K6xT9bc1tQ94BDNZzX4uGKtuVtQsJPXOI=@vger.kernel.org
X-Gm-Message-State: AOJu0YwNMCi0eZspLcId6uKndJKvgoBG5/xjidp7sYq1VeWGm/bSak3I
	JZH/PQcs6hHcNpRhOjhFVlH6z8vXAiaAD6W0Y9b0AjWHJy9kYeJKX+UzZgK4UeI54nv2Xw+ncXI
	NnV6EiQ==
X-Received: from pgjp8.prod.google.com ([2002:a63:e648:0:b0:c82:7805:9e3d])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a21:d86:b0:3b3:2703:117
 with SMTP id adf61e73a8af0-3b3293ba4b1mr850267637.41.1779405456015; Thu, 21
 May 2026 16:17:36 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:56 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3611;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=E/2s/eNKzRwgdQCwtrmupmp2YCJsCjvR2i/0uIlmg2Q=;
 b=Swfurcg53BseZBzTaHEl3au1Y9oIM0oCuSEReJiWE4K0//Cc7hFlYPMq0rXNDoeKRNIgZIPoT
 NeEz6rKaTbfCT2pCI6J1SMuW7t1VBKiqv7rOlRakIJw9SUOF2RdHH6i
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-15-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 15/22] KVM: selftests: Call KVM_TDX_INIT_VCPU when
 creating a new TDX vcpu
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

TDX VMs need to issue the KVM_TDX_INIT_VCPU ioctl for each vcpu after
vcpu creation.

Since the cpuids for TD are managed by the TDX module, read the values
virtualized for the TD using KVM_TDX_GET_CPUID and set them in kvm using
KVM_SET_CPUID2 so that kvm has an accurate view of the VM cpuid values.

Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       | 24 ++++++++++++++++
 tools/testing/selftests/kvm/lib/x86/processor.c    | 33 ++++++++++++++++--=
----
 2 files changed, 49 insertions(+), 8 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 9660ea9d2f31..4d01f806b37d 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -39,6 +39,30 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd,	ret, vm);		\
 })
=20
+#define __tdx_vcpu_ioctl(vcpu, cmd, _flags, arg)			\
+({									\
+	int r;								\
+									\
+	union {								\
+		struct kvm_tdx_cmd c;					\
+		unsigned long raw;					\
+	} tdx_cmd =3D { .c =3D {						\
+		.id =3D (cmd),						\
+		.flags =3D (u32)(_flags),				\
+		.data =3D (u64)(arg),				\
+	} };								\
+									\
+	r =3D __vcpu_ioctl(vcpu, KVM_MEMORY_ENCRYPT_OP, &tdx_cmd.raw);	\
+	r ?: tdx_cmd.c.hw_error;					\
+})
+
+#define tdx_vcpu_ioctl(vcpu, cmd, flags, arg)				\
+({									\
+	int ret =3D __tdx_vcpu_ioctl(vcpu, cmd, flags, arg);		\
+									\
+	__TEST_ASSERT_VM_VCPU_IOCTL(!ret, #cmd,	ret, (vcpu)->vm);	\
+})
+
 void tdx_init_vm(struct kvm_vm *vm, u64 attributes);
 void tdx_vm_setup_boot_code_region(struct kvm_vm *vm);
 void tdx_vm_setup_boot_parameters_region(struct kvm_vm *vm, u32 nr_runnabl=
e_vcpus);
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 8b0aa64384a1..757da2295ba0 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -838,6 +838,17 @@ gva_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
 	return stack_gva;
 }
=20
+static void tdx_vcpu_init(struct kvm_vm *vm, struct kvm_vcpu *vcpu)
+{
+	struct kvm_cpuid2 *cpuid;
+
+	cpuid =3D allocate_kvm_cpuid2(MAX_NR_CPUID_ENTRIES);
+	tdx_vcpu_ioctl(vcpu, KVM_TDX_GET_CPUID, 0, cpuid);
+	vcpu_init_cpuid(vcpu, cpuid);
+	free(cpuid);
+	tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_VCPU, 0, NULL);
+}
+
 struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u32 vcpu_id)
 {
 	struct kvm_mp_state mp_state;
@@ -845,15 +856,21 @@ struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, =
u32 vcpu_id)
 	struct kvm_regs regs;
=20
 	vcpu =3D __vm_vcpu_add(vm, vcpu_id);
-	vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
-	vcpu_init_sregs(vm, vcpu);
-	vcpu_init_xcrs(vm, vcpu);
=20
-	/* Setup guest general purpose registers */
-	vcpu_regs_get(vcpu, &regs);
-	regs.rflags =3D regs.rflags | 0x2;
-	regs.rsp =3D kvm_allocate_vcpu_stack(vm);
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vm)) {
+		tdx_vcpu_init(vm, vcpu);
+	} else {
+		vcpu_init_cpuid(vcpu, kvm_get_supported_cpuid());
+
+		vcpu_init_sregs(vm, vcpu);
+		vcpu_init_xcrs(vm, vcpu);
+
+		/* Setup guest general purpose registers */
+		vcpu_regs_get(vcpu, &regs);
+		regs.rflags =3D regs.rflags | 0x2;
+		regs.rsp =3D kvm_allocate_vcpu_stack(vm);
+		vcpu_regs_set(vcpu, &regs);
+	}
=20
 	/* Setup the MP state */
 	mp_state.mp_state =3D 0;

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A13637FF5C
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405460; cv=none;
 b=nnryfTXWlWvlD3reTDq54NDcSNhxa6h4HhiWbNG3lqYkltpQdZYxx6/DSeN9CKXxA0syG9jJ7AaovLponoOzxj1XlvTNtW7eW0cojM5K0ikv1avcMCZkWKfdP6Z79dklSpGLmHET43Kk0TaQPIjfqK+WaAgydYJt6ljZigKxI8c=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405460; c=relaxed/simple;
	bh=qt2LXBAAVSatCHk6qv+r+f44VcaymTYLSqG7UfqKo1s=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=NaBZztMFRcX2hlzE3XMM1rKuUtSZeyMIwbshnsl6eqY+fDedykwwqWOPhyf3n2AVKSo7hvIpZ1a3QQ3kjnBAEzzAKuY3lSfH2ofEwJeqEvBkRAqGQwETSYV/n2uyUHmp2kbcG6CJI9nK5UzzH5dm5sqwyLL71+Vr8/67Bmc1q6A=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=LLlGG9rh; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="LLlGG9rh"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-c8514f8ed5dso814920a12.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405457; x=1780010257;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=kjYeydDvPiSOX/QiZPpD+8PAHMI/7cV8oLRW0sTcZdI=;
        b=LLlGG9rhHlYjTo0tTJyRYbdwbsCC9vDSsuWK5X8c2yToHy0jbSJy6Prh2oqkWrmAtM
         Bz4qcyB4vVBJVxHOcSN9mVtiOjUaPc+MDs384AGTgz9z0cDq54CAaAH+uayY1Rr3y8q0
         gCH6IvMoqNemwhgsKjGA+69F3FTlPPRIXoiMUga0X9KXgnMtiWWpRN0XdyASdBBVn2lB
         8e/OlmBYn62ev2ND1cVQxdRTsDkTD3/Kw84Jx50QhQQHwCf5F6tMAXQ/AE7xTk/P0QOi
         qDIJY6yp85tpmvU95nicwfV8lGfe4e1P4Es0hWjyJQ7rKYu3xtL9PaQB4rAObFmkwu0g
         LLYw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405457; x=1780010257;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=kjYeydDvPiSOX/QiZPpD+8PAHMI/7cV8oLRW0sTcZdI=;
        b=nrT13k2OBU2EupyicBKtT+756in+/6RaB4m+drtkucZ84uDS+Z01bZ3I/44eiFagG5
         hjnmkkHrSS5q7apSViLBKGIVGeJ9D0KBv+tWtyN/YWm7ZoqtgyetRo5z4Cjw1kQbaaT/
         8J3HiConQqcujeYj5Q9oD4bT4Igxe7LEkfC9GgnRQa0tWKP4pprOefoZ9Azaq1ERB7aF
         5iAg+U+nA1sD7b8WM1+gTQZ4pgmB0xGj9g+BO5lB3FtZUap623KORM6C+a6ttNlyaTXG
         t+Xiw+tQ+oTKACB0KEkBsprzlPJQxaUnW9hxu3wfL6tz2C3e4solQE7czhjos8umpArq
         Tt4w==
X-Forwarded-Encrypted: i=1;
 AFNElJ+PZjklEdrrkObcXlXDufMorTxGWwj2tZRmDRJ04JkSNeiesM3LYAxcVgHUZRbR3DDPrgYuZgCGr4/Rsg4=@vger.kernel.org
X-Gm-Message-State: AOJu0Yx+bLQquxFxdF6kxfSOWX4PnoTAV29b4QvOhyEwdvMjmE1c8jq7
	Ka/dw7Sj+6VFwt+22M7MdZ4GpYLfA+P+CRXRtAOPvNwuFDAylPEJNn5ymAxV6BK7Upzh7+yTkrQ
	CmcNwYw==
X-Received: from pgjq12.prod.google.com ([2002:a63:e94c:0:b0:c82:2d14:39c8])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a21:600f:b0:35d:5d40:6d79
 with SMTP id adf61e73a8af0-3b329152a47mr703134637.12.1779405456963; Thu, 21
 May 2026 16:17:36 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:57 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=2770;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=svONZOzYgvB9uLNw7Dd3f+OSjFLXcc689lDb5h7CPLY=;
 b=NDG/VNPc1LnSu8n/1kL7ViTe0ceOo5Dm6jNO1YYWzgar9WZierYah2T9zWdcmfQa5Gl+NCdoj
 6A/yqBz+EybAB51kiI5NezZ09lf6fMQ49/zfGREJnBtYM1EkZ056LCW
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-16-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 16/22] KVM: selftests: Load per-vCPU guest stack in TDX
 boot parameters
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Allocate a guest stack for each vCPU and record the GVA in the TDX boot
parameters region to allow proper vCPU initialization.

Co-developed-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h |  1 +
 tools/testing/selftests/kvm/lib/x86/processor.c        |  2 ++
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c     | 11 +++++++++++
 3 files changed, 14 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 4d01f806b37d..644de6bbec17 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -67,5 +67,6 @@ void tdx_init_vm(struct kvm_vm *vm, u64 attributes);
 void tdx_vm_setup_boot_code_region(struct kvm_vm *vm);
 void tdx_vm_setup_boot_parameters_region(struct kvm_vm *vm, u32 nr_runnabl=
e_vcpus);
 void tdx_vm_load_common_boot_parameters(struct kvm_vm *vm);
+void tdx_vcpu_load_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *vcp=
u);
=20
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index 757da2295ba0..ba332f279f03 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -847,6 +847,8 @@ static void tdx_vcpu_init(struct kvm_vm *vm, struct kvm=
_vcpu *vcpu)
 	vcpu_init_cpuid(vcpu, cpuid);
 	free(cpuid);
 	tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_VCPU, 0, NULL);
+
+	tdx_vcpu_load_boot_parameters(vm, vcpu);
 }
=20
 struct kvm_vcpu *vm_arch_vcpu_add(struct kvm_vm *vm, u32 vcpu_id)
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index b16bf24f3ef1..f26d602501b8 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -107,6 +107,17 @@ void tdx_vm_load_common_boot_parameters(struct kvm_vm =
*vm)
 	TEST_ASSERT(params->idtr.base !=3D 0, "idt base address should not be 0");
 }
=20
+void tdx_vcpu_load_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *vcp=
u)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->esp_gva =3D kvm_allocate_vcpu_stack(vm);
+}
+
+
 static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
 {
 	struct kvm_tdx_capabilities *tdx_cap =3D NULL;

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com
 [209.85.214.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0971380FE5
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405460; cv=none;
 b=Yaikh1pSYjcdchNb5ArnKmgXslcK6E6/K64g79C3v65PYzWXYfOvqcvHM4aMSUsYHdOF4SGyBDUFJ67vqUuNoGSCTnUWFoMvlsRN5/X8Gyv75IGBMFN/gwd8k8qzN6MUK5zU6rGNJEZvvy/Uv72g8E4pPtrlcGIXF/WoOpAJn1Q=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405460; c=relaxed/simple;
	bh=DLAtbrHdvo5WvlVNUy3DYeBFnFMkg96Xemd+rnnf2bI=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=jFsglEA4DsQRQylDJCjX4Tw4XCjOOir42GB51tK3LgfVi1P5uengaE88/NEy5n0Rd1MsTcxewv4YqmPieAUuJLaEyUd/fHtgz7bZKs5rgh0g/+F2wagTWQGXlkzPjtsU/tjXX28lu4oKZweFbZlyK7QrvewMM9krzXdNMm8W5D4=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=tlj9E6dM; arc=none smtp.client-ip=209.85.214.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="tlj9E6dM"
Received: by mail-pl1-f201.google.com with SMTP id
 d9443c01a7336-2bd04e4fe3dso119529195ad.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405458; x=1780010258;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=FPS+sP3pre8chdLQaPvokk18FwKqoIxFKysij7DMlHI=;
        b=tlj9E6dMRJ64zAUsCjC0OrvL6s0rW+FkpXvtI9r4mSWZAPX4WGAgQNRREvZEv6/sdO
         yUIjc6SXs76ZoB3b7uCjNzK9n9P+TM4IhOUsjOwVY7ye50mX++Z9VD0pnf/gkbQDAHv8
         T4iQzqyI0nRMyzXKEf6+C/BMSwWoeCpgxlgQDCooAHQXN6OwGT3azqE7HYzvmvO1w7l7
         ebYocg7cZDk5RctkMk1hqCKRQ4QpmPtVNNidAWVC7FXFkE7AF0QyJBmmCYzHhzmsqnKd
         2694XshGytR91uY8Q7Aresa9+atz6/kJIhc1upuRJS8xY9LKJW+w9jPAM+yq6Ya8+cMo
         5FZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405458; x=1780010258;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=FPS+sP3pre8chdLQaPvokk18FwKqoIxFKysij7DMlHI=;
        b=hpjpX5co7m7opRVFHF+XMSI5RhO0uTm+DVw91XdyhsviibECOLQ9iaWJ5Uwn+S803H
         wzymmUL1fZ9k/G/GNZw0M0hyqNYslHTJlTUX8zHSGv+Uuq4q3Fd4b3h7KKF96PmCmmJd
         703+9+OuQ43xfHFt0dyJY/PSW0rCllZz1N1oIX+OTTpBGBLv3F1/L6lk9yETe2a2tmI8
         5CWTHNermp/RWaofhRLC+hBH4ss+rfFPfmTwqnDtl6fe7P5TMiGgJWhuR/f7eBFxi5KX
         NeANs5/w41SWS3k9Pm7dE0KXXxzlJO08WIrur6BV56QX5IjfL6I/Nf7YtJcWiInI3bNo
         PLSA==
X-Forwarded-Encrypted: i=1;
 AFNElJ8/j1QqBAdmP9bhVQo77Lq9GLqaroSljNFCs2TiLqDp36eZlmpmv1ruxP3SbjND4Wm+3ovDGBZhzPZ6AlQ=@vger.kernel.org
X-Gm-Message-State: AOJu0YyobDeUJqZg86ujniInedFTpzqy6+WYd0G8t0i5Y/Y4w/yQ6d8T
	sOtPQ481axCCCr0PF42LXSkBbhvryV31d+E6A0RPCBqRXcTLLqiReTI5EGFqgtiakh6hl5w68QH
	vP+5E0w==
X-Received: from plrp5.prod.google.com ([2002:a17:902:b085:b0:2ba:3f4e:3d6])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:902:e88e:b0:2ba:6ca2:bd9
 with SMTP id d9443c01a7336-2beb07032fbmr9695845ad.41.1779405457898; Thu, 21
 May 2026 16:17:37 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:58 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=2957;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=75vtIEAl1dKIldzNzTlPnRhKHFkQqQMkW79OfZa3kcE=;
 b=Q9VYAySvG+mi4HBliB0DA/6YC8JFcHSxCIIS/IW7G4YvLcnSpO9YfF7Nkrfxpw+8eXtveLYYt
 Ty96nYghLlbDAvi+eunlB5g1VbkmceAis3Utdu3yMheAU2vWAYRm+sk
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-17-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 17/22] KVM: selftests: Set entry point for TDX guest code
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Since the rip register is inaccessible for TDX VMs, we need a different
way to set the guest entry point for TDX VMs. This is done by writing
the guest code address to a predefined location in the guest memory and
loading it into rip as part of the TDX boot code.

Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h |  1 +
 tools/testing/selftests/kvm/lib/x86/processor.c        | 10 +++++++---
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c     | 10 ++++++++++
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 644de6bbec17..efa4c7f7b1c1 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -68,5 +68,6 @@ void tdx_vm_setup_boot_code_region(struct kvm_vm *vm);
 void tdx_vm_setup_boot_parameters_region(struct kvm_vm *vm, u32 nr_runnabl=
e_vcpus);
 void tdx_vm_load_common_boot_parameters(struct kvm_vm *vm);
 void tdx_vcpu_load_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *vcp=
u);
+void tdx_vcpu_set_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index ba332f279f03..d84c629a1945 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -808,9 +808,13 @@ void vcpu_arch_set_entry_point(struct kvm_vcpu *vcpu, =
void *guest_code)
 {
 	struct kvm_regs regs;
=20
-	vcpu_regs_get(vcpu, &regs);
-	regs.rip =3D (unsigned long) guest_code;
-	vcpu_regs_set(vcpu, &regs);
+	if (is_tdx_vm(vcpu->vm)) {
+		tdx_vcpu_set_entry_point(vcpu, guest_code);
+	} else {
+		vcpu_regs_get(vcpu, &regs);
+		regs.rip =3D (unsigned long)guest_code;
+		vcpu_regs_set(vcpu, &regs);
+	}
 }
=20
 gva_t kvm_allocate_vcpu_stack(struct kvm_vm *vm)
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index f26d602501b8..158cba1b95e3 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -117,6 +117,16 @@ void tdx_vcpu_load_boot_parameters(struct kvm_vm *vm, =
struct kvm_vcpu *vcpu)
 	vcpu_params->esp_gva =3D kvm_allocate_vcpu_stack(vm);
 }
=20
+void tdx_vcpu_set_entry_point(struct kvm_vcpu *vcpu, void *guest_code)
+{
+	struct td_boot_parameters *params =3D
+		addr_gpa2hva(vcpu->vm, TD_BOOT_PARAMETERS_GPA);
+	struct td_per_vcpu_parameters *vcpu_params =3D
+		&params->per_vcpu[vcpu->id];
+
+	vcpu_params->guest_code =3D (u64)guest_code;
+}
+
=20
 static struct kvm_tdx_capabilities *tdx_read_capabilities(struct kvm_vm *v=
m)
 {

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pg1-f201.google.com (mail-pg1-f201.google.com
 [209.85.215.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA8A5382290
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:39 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405462; cv=none;
 b=JMM++xMQPqwW8nM18NHbrC83aEiknTghn53Hxdz33cNW4o2NLz82NrHgPlKcbXdw6rxfhz5uhUYPqIpOMLxFR760/vJx7eXJHvQXjiqKNiTW5el1II/LPPMbd0g6M78mvo9m6qly4xLHKvmI8MM7kdlSejxMa5F3sQyCPsT/vFo=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405462; c=relaxed/simple;
	bh=eCQGEilrFzCSke04dBVK+Ehw7MktZ+9FE7KQ/w4+U38=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=jo6gPtmlwWWZIUbrVwvLLAo6w+GJ0RDYI4zWCFzu2ar3i+ZX1yp0i3STmSw/HslYZ+WeJUgriHQarnmhpOAcrp50eJQCSU91mXwYn9/fXgTSRPbEB09Bk+h4GjXa1a3YC7vONx+I2sE7KHsTZ+u9OA82HTWePDccj0PnPZ+p1us=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=esQr/2oJ; arc=none smtp.client-ip=209.85.215.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="esQr/2oJ"
Received: by mail-pg1-f201.google.com with SMTP id
 41be03b00d2f7-c828cee4fcdso3276683a12.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405459; x=1780010259;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=ppKjO62UQfdArPgp2kAo56nPWxnTEV/KCrnv6x28ZIU=;
        b=esQr/2oJ+YBUQy+AWIs622u0Pb88TKrRGPVAjmSN03q7AGIMgVl0dpTXwx076LFFVS
         Ar7HlvaxHkAIu9ygHypG8AI6cguZC5lxPKJpIXIhPgVEKy+x3hZa6xobVeOAA+9Q4F3l
         SgKp5arDJfOsU4Ef8j1y5Lpz3rf4Rs4D/EKDOWK24/yECOTX4rphnESrdzrt+YZfzMoj
         t1eKwIiRBif9jKCHZQq1CyOCIBu3PTfEBpzid71fY2Dph2ARyo6u55pr7w9ATJ0KiG3L
         wkiI8drr9Wtl+T5We5MNNAYYnmUsWifeXljNyB6U45w8mjVDI5i8PZE39U2AKrxRaXf1
         v1RQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405459; x=1780010259;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=ppKjO62UQfdArPgp2kAo56nPWxnTEV/KCrnv6x28ZIU=;
        b=XDb8f223RkWz5DYy+ZHLmv2sAaC8SH0b6vFSYEHSLE1AB05vPu4BgDiukMkYktLMcl
         Qwy/Wr7FRo4e6o1ogZohZIkAdDdFcX20GjL3H5/KV8oYZwMG2lLLEFjPbS8iyZvueqPa
         EKvO25Gx5vMAt/wDmOlRBmUQ9zBjIRQxxrNoCWAWHWgYDv2gldN68tHIAGj2C9pqSBlC
         JVK3Xhe6P+cCj/8igdLKZpag3MLc0d49PhgaltqyNZ0t+i7LLZaaFC+yy6/LWbcwjnVQ
         hTN2DRfqZ1PSAhXqhAsCsADZhgRo2bsREhehur7lbEGQPDRMWyz3wuA/r1l/TmCZ0njA
         mB0Q==
X-Forwarded-Encrypted: i=1;
 AFNElJ8UztGGzRbegVDEnm3r1iKf54cC0CSIbUURHRHr7mB89JQ2aVG2Qi7RGOPO0HNlVzGDKKYK8AWeXFEobMg=@vger.kernel.org
X-Gm-Message-State: AOJu0YyL2Yd0OChFt8qhvfEDdVusyXL5sm7nmqLSPenrxLxLAIG4SdBp
	eC9VikzaD5RMgZTGYEkGcQPGP2+JHOHbYy84ppTLWtD1DqixVE5uoz/SVBEJWJgqd1boe5FtWFx
	xa4SkUg==
X-Received: from pfbid5.prod.google.com
 ([2002:a05:6a00:8a85:b0:82f:7163:35c4])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a00:aa09:b0:82f:3828:a01d
 with SMTP id d2e1a72fcca58-8415f32e98dmr1146332b3a.29.1779405458780; Thu, 21
 May 2026 16:17:38 -0700 (PDT)
Date: Thu, 21 May 2026 23:16:59 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3960;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=DeOFHqEu6JwczUh+KlQMiTP7jszkBUMlOFVl56kapW0=;
 b=BaP70pJ0S+7VDjL6qRypKTMiI8DdNL0JFqXhlohgbR54il7ooFUZ1U0iS9vbludbI99TR2X+o
 vLvljCK28XHBC76b3d/J5CAI/2QR/2ABg1oQ/b9nrLlu9rmEgsWohUL
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-18-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 18/22] KVM: selftests: Add helpers to init TDX memory and
 finalize VM
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Ackerley Tng <ackerleytng@google.com>

TDX protected memory needs to be measured and encrypted before it can be
used by the guest. Traverse the VM's memory regions and initialize all
the protected ranges by calling KVM_TDX_INIT_MEM_REGION.

Once all the memory is initialized, the VM can be finalized by calling
KVM_TDX_FINALIZE_VM.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 .../selftests/kvm/include/x86/tdx/tdx_util.h       |  2 +
 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c | 59 ++++++++++++++++++=
++++
 2 files changed, 61 insertions(+)

diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index efa4c7f7b1c1..8276622c50d2 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -70,4 +70,6 @@ void tdx_vm_load_common_boot_parameters(struct kvm_vm *vm=
);
 void tdx_vcpu_load_boot_parameters(struct kvm_vm *vm, struct kvm_vcpu *vcp=
u);
 void tdx_vcpu_set_entry_point(struct kvm_vcpu *vcpu, void *guest_code);
=20
+void tdx_vm_finalize(struct kvm_vm *vm);
+
 #endif /* SELFTESTS_TDX_TDX_UTIL_H */
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/tes=
ting/selftests/kvm/lib/x86/tdx/tdx_util.c
index 158cba1b95e3..584e6600b588 100644
--- a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -1,5 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0-only
=20
+#include <linux/align.h>
+
 #include "kvm_util.h"
 #include "processor.h"
 #include "tdx/td_boot.h"
@@ -273,3 +275,60 @@ void tdx_init_vm(struct kvm_vm *vm, u64 attributes)
=20
 	free(init_vm);
 }
+
+static void tdx_init_mem_region(struct kvm_vm *vm, void *source_pages,
+				u64 gpa, u64 size)
+{
+	u32 flags =3D KVM_TDX_MEASURE_MEMORY_REGION;
+	struct kvm_tdx_init_mem_region mem_region =3D {
+		.source_addr =3D (u64)source_pages,
+		.gpa =3D gpa,
+		.nr_pages =3D size / PAGE_SIZE,
+	};
+	struct kvm_vcpu *vcpu;
+
+	vcpu =3D list_first_entry_or_null(&vm->vcpus, struct kvm_vcpu, list);
+
+	TEST_ASSERT(size && IS_ALIGNED(size, PAGE_SIZE),
+		"Cannot add partial pages to the guest memory.\n");
+	TEST_ASSERT(IS_ALIGNED((u64)source_pages, PAGE_SIZE),
+		"Source memory buffer is not page aligned\n");
+	tdx_vcpu_ioctl(vcpu, KVM_TDX_INIT_MEM_REGION, flags, &mem_region);
+}
+
+static void tdx_load_private_memory(struct kvm_vm *vm)
+{
+	struct userspace_mem_region *region;
+	int ctr;
+
+	hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) {
+		const struct sparsebit *protected_pages =3D region->protected_phy_pages;
+		const gpa_t gpa_base =3D region->region.guest_phys_addr;
+		const u64 hva_base =3D region->region.userspace_addr;
+		const sparsebit_idx_t lowest_page_in_region =3D gpa_base >> vm->page_shi=
ft;
+		sparsebit_idx_t i, j;
+
+		if (!sparsebit_any_set(protected_pages))
+			continue;
+
+		TEST_ASSERT(region->region.guest_memfd !=3D -1,
+			    "TD private memory must be backed by guest_memfd");
+
+		sparsebit_for_each_set_range(protected_pages, i, j) {
+			const u64 size_to_load =3D (j - i + 1) * vm->page_size;
+			const u64 offset =3D
+				(i - lowest_page_in_region) * vm->page_size;
+			const u64 hva =3D hva_base + offset;
+			const u64 gpa =3D gpa_base + offset;
+
+			vm_mem_set_private(vm, gpa, size_to_load);
+			tdx_init_mem_region(vm, (void *)hva, gpa, size_to_load);
+		}
+	}
+}
+
+void tdx_vm_finalize(struct kvm_vm *vm)
+{
+	tdx_load_private_memory(vm);
+	tdx_vm_ioctl(vm, KVM_TDX_FINALIZE_VM, 0, NULL);
+}

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pg1-f202.google.com (mail-pg1-f202.google.com
 [209.85.215.202])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id C4320383303
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:40 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.215.202
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405463; cv=none;
 b=dOANF151ji/35RPsGWUuZU1wty5Y05ZWIueufDYYwxSOqCscHkZrgP33ixE0XqCFu74/MAg0oJWn8VpO7R9RJgaI7NPImSk1rdFvLoTPoa6fCNU1+dJVMis8U++GAVMixea9uOter0abYcHQS77KPzzsN7ojPxDp57CSocc7X6Y=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405463; c=relaxed/simple;
	bh=+rj8HdSHGEhojQ7IgQAe3od4Bm4zlB5m+0z7Vws2xRc=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=paBn1q96KtI/mJ1/9BRC1/aBlI1u+xS6K4ZEHhkr4/T1Ac7rZ382Y4VSN2vnno3FW/54Z2dDqhasYto7YN9ecEs0RWTMbEs4zG/gCiavKUVzDwHkq3RV+G15ruXAyUOw9abdl7+bqsostQr4t8O0iLqcmDmVL8aHmVaDzdkFd0I=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=bFmgJxAC; arc=none smtp.client-ip=209.85.215.202
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="bFmgJxAC"
Received: by mail-pg1-f202.google.com with SMTP id
 41be03b00d2f7-c829586e894so3479583a12.2
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405460; x=1780010260;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=jhGG2DtcnCiC+oKMx1JOkOpW3lOdHy6oBy4GULprYek=;
        b=bFmgJxACJRDZeR3oNBSDf86wGctjBX/ycFTGaI4QypixXcc8MESCXB+Bb4XN83cGsP
         90s6FJP258nnc5absq0R7G+9dbPURycfp5CZOrBtAB8XMZeJBxm1yO5Y8kSR8+l2FBMF
         7pTxmFSp7kQ9DfB+6ThMXXRP9qHwxjVdjQVZEiGAuiciEUMq6VNBZvg0tWSXdqe72mj0
         Vv25Fw7lN70X4QB+vpUshMQiylWTqEHPdil5grHrNBBv/CoT7EQXRO5av7NNaczk0Rk5
         +d3XmmafcD+CzCDZwXHzVqLBIBrjId0sVp1sD8R1iqsnpV/ixJDym/IfqbI0JvHAYrqu
         IN0w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405460; x=1780010260;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=jhGG2DtcnCiC+oKMx1JOkOpW3lOdHy6oBy4GULprYek=;
        b=pJ7PdNESSmKYq6a7EXzoP3msHG6ON/W5IRo8rU2+O8VtBDlAE5xjjNBrdDdl9lGhG3
         BIaWgwYlpA980pLsspBLzWGJTfpVkgYHnFkch7B1BXlalLqJR6fRpo5Jqzq4sOa4w42B
         g2EixyGSJxSZwrdpSM2n4fN0h1TswsiiT8sK/P/VRRrcLrOp6vPXFHIodZXc4sIZGKxw
         kwhjSDG9X75hQPHR7nW7GSEzljwiAxv+WJDP6zDcQmQFlmtzg6geAgH7YRe001pNwbhP
         0y+3tn8M20NR63BX/J780LiE/f4QvpKcUnMXaVa6whzakSXa7J7HUR8iRHq6lGbN+tsC
         rsvQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ+8z0doVYa2IQBbSIQdMK6KeghjTLXnawtNwyP8gkN/wHc3guOSwXqjfVgsEDY4B4qoXOk14SRwtfQ/kK4=@vger.kernel.org
X-Gm-Message-State: AOJu0YysqUpaMhkhAZANeDan5hXdnWjHYyGgPkjh6QfMZjwba4cUNY2n
	GoafHWljEu9Pav+KzLIw34USmGzOxhwrfH02hjM7A3dxWZAizS7f1gNEa5zqwg1FF2AK/TT9SXN
	GPSm6cg==
X-Received: from pgsb14.prod.google.com ([2002:a65:67ce:0:b0:c85:ee9:99c3])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a05:6a21:710b:b0:3a0:67d:bba9
 with SMTP id adf61e73a8af0-3b328ee2ed7mr1019403637.45.1779405459717; Thu, 21
 May 2026 16:17:39 -0700 (PDT)
Date: Thu, 21 May 2026 23:17:00 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=924;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=ccR5ndGS6WaEGGKnDriFBQqfNdifwiO8tnHvq+Owx3g=;
 b=5LfgH9iFywMpz+YNeOHtbEmwTzX+pz7DIQLwELzaq4GRtVPAoB/4CQiStEg7wk3xvZ2lvPtff
 h7VGW9tRei2DOyJ2e+8GDbhY0R5t+W2EUeToVlbgyz7F53tcXI2BvZw
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-19-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 19/22] KVM: selftests: Finalize TD memory as part of
 kvm_arch_vm_finalize_vcpus
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Finalize TDX VM after creation to make it runnable.

Signed-off-by: Sagi Shahar <sagis@google.com>
Reviewed-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/lib/x86/processor.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testin=
g/selftests/kvm/lib/x86/processor.c
index d84c629a1945..842cac168e99 100644
--- a/tools/testing/selftests/kvm/lib/x86/processor.c
+++ b/tools/testing/selftests/kvm/lib/x86/processor.c
@@ -1479,6 +1479,12 @@ bool kvm_arch_has_default_irqchip(void)
 	return true;
 }
=20
+void kvm_arch_vm_finalize_vcpus(struct kvm_vm *vm)
+{
+	if (is_tdx_vm(vm))
+		tdx_vm_finalize(vm);
+}
+
 void setup_smram(struct kvm_vm *vm, struct kvm_vcpu *vcpu, u64 smram_gpa,
 		 const void *smi_handler, size_t handler_size)
 {

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pl1-f201.google.com (mail-pl1-f201.google.com
 [209.85.214.201])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8794E383C6B
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:41 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.201
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405463; cv=none;
 b=nqZcVuHjxRrMV2mr/AVrHTlcUtpBUS5DCmJPb7XIxCjxYLDO2ou4FFvem/8gOCVDJGCtgaGNA/iOMplxMUy/zP39ru+TenOkuwyQ1CpNirdmmb8U9ePXKDtNlt6VTnbLcjAH7ldhMZnpqF3JMCsxnFcDPB/xYTtAzyI2DYUvv6U=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405463; c=relaxed/simple;
	bh=Od2lOEsB+1joQwPea9oDeM67Ytbja38l/nL7JwsRNZk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=YpyR/wfCr3J/CLMKqQO/7taWbR98n2LUQk4EOVc4EA/zrIt4LxiCwyLtrsJLNkJ9ej7GG4DgfWqvvcltDqSCkNEjYOakb/06I/XlGdq1Za/0imWWbXtqEzIjpM8zdq9xgKdqZt4lfT+B5/0z+6yPgzufhd/iMkrTCSFpz5CkNbM=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=i6j9cvTl; arc=none smtp.client-ip=209.85.214.201
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="i6j9cvTl"
Received: by mail-pl1-f201.google.com with SMTP id
 d9443c01a7336-2ba3245a43dso70139745ad.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405461; x=1780010261;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=CxNtZ3nKj+c0vNDjFbCr6nNPXT0j5Pj4bcLBD9UZU8U=;
        b=i6j9cvTlIpVZ75ohyqHEGGG39SuNqyLQiDcR4CnXiKGkRSQg4I/uxjirzbf4SK9LS9
         MaGv8I8eyl463pBTFgqmIT/RXHmJl5zzwYtVXIqsE9VMKR+0aQO6GPiM2ES4D8p3CHWJ
         tmSF4LjbPi3b4gZQBZAbiUWdV6HdOMzxuEVAKQUtYdSEM5P+m2GlivZ1CoZ7vMIWD6vv
         UqRPhwX6gQIPkc7ADbzKsZrquhmuzWbFhqbf8rFnsnpx9C14ywhw5ZJ8ON4PGtVjuikZ
         gs7ogebB65pldsS207YZcI/mr7cOIofCYGU7UM4qITQb4uN0d8mmg2UPo5gb/icXlHX2
         NZ4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405461; x=1780010261;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=CxNtZ3nKj+c0vNDjFbCr6nNPXT0j5Pj4bcLBD9UZU8U=;
        b=OhpRCQHicUEyl+CvUbs3v0exUUI1OXM9hMGwI82Lgspn6Tbd3qxj02t1FAZf/Jxha2
         RZg4jaNu2madGgULXugVjhi1BHsoXE9Y5WRHoPo6FY/s7rS9EtoB2zf3kz3CcILLU/Qb
         Z0zBcvSpRCa7kOFqlhITKIEO28MiUHaGsMRWUgRuNvjA4P/qoQjAMPIphtxYUXT/Eluu
         F5+oByuq+anMy1vwgc+y+RDCCb0Ev+CLSXa/dGNKtitz1p1MnR2XtTScdN219Dppilhw
         TFmlh2LxvrMKNaMH/J3lVZm8nunZty2H1kX6To8MsGXlXtdGGpQWvV2QRqGdIuoMsGVf
         4EWQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ8QoaZkapI2oOs16uAWc+EEQA3cXoIXe/+ZTBV7ZFC8dT3fNN6SywGTq/zFCjcGDCIZBdjnom80PNuYam8=@vger.kernel.org
X-Gm-Message-State: AOJu0YzgoF4kVj1yfilSlhOlyIleulCmkGA3vpVsTvINEiRuBRwvmJcf
	Cq+cpppkNcKA9a79xQQkY0wNPxDhn9FGJxiULYidEoOahU5VOfeIAMkbMgdZYC2RO1rwuSheXkn
	aGtNC2Q==
X-Received: from plqu9.prod.google.com ([2002:a17:902:a609:b0:2b0:b92b:a3d4])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:903:3c2d:b0:2b2:42b1:adac
 with SMTP id d9443c01a7336-2beb031af0bmr8989535ad.3.1779405460627; Thu, 21
 May 2026 16:17:40 -0700 (PDT)
Date: Thu, 21 May 2026 23:17:01 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3326;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=qKY0lUOWtUNSXm/BjfbVqcxYSXkTBg8RPVAzh6yLWOo=;
 b=URs8dDmehMo1VZSWbN0pSVPY7GbA8Y6Sq36hGYK3E3c4Fw+X0ABwEs/lMt9RCIeoSJ4rbvLg/
 ptdm67VksemAEuYL1YDN1BHiXI6arOr9eaQCLlRigsPiQKTFxDroQIl
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-20-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 20/22] KVM: selftests: Implement MMIO WRITE for the TDX
 VM
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Erdem Aktas <erdemaktas@google.com>

Implement the tdx_mmio_write() to allow TDX VMs to request MMIO
emulation.

Follow the Intel Guest-Hypervisor Communication Interface (GHCI) spec
to the minimum extent that a spec-abiding TDX module will pass the
request to KVM. Skip implementing the #VE handler as described in the
GHCI spec so selftests will not take a dependency on having a working

To perform emulated I/O, VMs use the TDG.VP.VMCALL instruction to
request MMIO.

Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Co-developed-by: Lisa Wang <wyihan@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm          |  1 +
 tools/testing/selftests/kvm/include/x86/tdx/tdx.h | 16 ++++++++++++
 tools/testing/selftests/kvm/lib/x86/tdx/tdx.c     | 30 +++++++++++++++++++=
++++
 3 files changed, 47 insertions(+)

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index a651a876c522..489324cecf83 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -33,6 +33,7 @@ LIBKVM_x86 +=3D lib/x86/ucall.c
 LIBKVM_x86 +=3D lib/x86/vmx.c
 LIBKVM_x86 +=3D lib/x86/tdx/tdx_util.c
 LIBKVM_x86 +=3D lib/x86/tdx/td_boot.S
+LIBKVM_x86 +=3D lib/x86/tdx/tdx.c
=20
 LIBKVM_arm64 +=3D lib/arm64/gic.c
 LIBKVM_arm64 +=3D lib/arm64/gic_v3.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx.h b/tools/test=
ing/selftests/kvm/include/x86/tdx/tdx.h
new file mode 100644
index 000000000000..810ca7423c84
--- /dev/null
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+#ifndef SELFTESTS_TDX_TDX_H
+#define SELFTESTS_TDX_TDX_H
+
+#include <linux/types.h>
+
+enum mmio_size {
+	MMIO_SIZE_1B =3D 1,
+	MMIO_SIZE_2B =3D 2,
+	MMIO_SIZE_4B =3D 4,
+	MMIO_SIZE_8B =3D 8
+};
+
+u64 tdx_mmio_write(u64 address, enum mmio_size size, u64 data_in);
+
+#endif // SELFTESTS_TDX_TDX_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c b/tools/testing/=
selftests/kvm/lib/x86/tdx/tdx.c
new file mode 100644
index 000000000000..f19be79fe11f
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx.c
@@ -0,0 +1,30 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "tdx/tdx.h"
+
+#define TDG_VP_VMCALL 0
+#define TDG_VP_VMCALL_VE_REQUEST_MMIO    48
+#define TDVMCALL_MMIO_WRITE		  1
+#define TDVMCALL_EXPOSE_REGS_MASK    0xFC00
+
+u64 tdx_mmio_write(u64 address, enum mmio_size size, u64 data_in)
+{
+	register u64 r10_reg asm("r10") =3D TDG_VP_VMCALL;
+	register u64 r11_reg asm("r11") =3D TDG_VP_VMCALL_VE_REQUEST_MMIO;
+	register u64 r12_reg asm("r12") =3D size;
+	register u64 r13_reg asm("r13") =3D TDVMCALL_MMIO_WRITE;
+	register u64 r14_reg asm("r14") =3D address;
+	register u64 r15_reg asm("r15") =3D data_in;
+	register u64 rax_reg asm("rax") =3D TDG_VP_VMCALL;
+	register u64 rcx_reg asm("rcx") =3D TDVMCALL_EXPOSE_REGS_MASK;
+
+	asm volatile(
+	 ".byte 0x66,0x0f,0x01,0xcc" /* tdcall */
+	 : "+r" (r10_reg), "+r" (r11_reg)
+	 : "r" (r12_reg), "r" (r13_reg), "r" (r14_reg), "r" (r15_reg),
+	   "r" (rax_reg), "r" (rcx_reg)
+	 : "cc", "memory"
+	);
+
+	return r10_reg;
+}

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A86A385D93
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:42 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405464; cv=none;
 b=Hz7/AxfpGj5msmfa1FNKlIcjtPzwlx8ot+UzB+j90raJAyEI6aSAjteJ1zlXq5Bp+YF+C/kxTqp+EjJS/UoKG6xKJiJe+F+RLlKJBOpdYwpo8eLOgZL65JZ1B3qy1fLkTNZ/bhLS06Sy4L5EGfuVHGYsfRtadsc1ddzer1+C6IA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405464; c=relaxed/simple;
	bh=8ym0n79Mz6+GweMZSkeYy57YJ4KREmGpmy6oG1UrCOk=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=jdDRELaSRyxDAOrLNteio5bSgDQ1az4BrFUhGkpOT+gM0KvQ9iN7IirdXA3BvKTNi061gZcUpevSfH8tCUjYJDthF2SkcfGBJwZim0UWATi/te6XJUtKV1jvTK6EdQZIgGoO70wfZdspsaQ/BTia/qf4n6pI1EpoacBztF5v4A0=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=NyCJ9G3V; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="NyCJ9G3V"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-368edd5fec4so7429535a91.0
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405462; x=1780010262;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=YIjV3Fpz1AHb9XpyYS3cxfTD/+OUKDFYDMCz40m7qCY=;
        b=NyCJ9G3VGYAbKXukHPvJa6IlZoxlwdNzJDiAJMjL4jv3G87BkuptPzD38MH5VKpxxH
         6reYjxay0ueUDNDzaevbtkDZS+oHOi3Lo0/kIXb0Sw6QepRWQxZmBlw1CxW4kqLpepdj
         +FBar75eGhkj5qDSzF2ooTH1um95eQ56Iqc5+xOyZtAJurqk3XQzMhl6sWemc6eXFz++
         yXXSyNepsWPYb8zu55RegLt2DGB42n4rCzlU8AYUbuHCCPzCrrWzs6PesFx3ZOGGSZh5
         BOlMwoAJ9jyZ3EHstV9N/y91fRrleG6BFFALyjFIlvUyOXTTjKg6B122b/qtyETTDGRb
         rtyQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405462; x=1780010262;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=YIjV3Fpz1AHb9XpyYS3cxfTD/+OUKDFYDMCz40m7qCY=;
        b=ftDwmS/2+2cDUvi79sr5M71+MGU/xR7zTqmYCqbaweBE1pF99OcqIF31fj9bszE80s
         TPT3a62EV+SmwyDco4Mo6IWCdqyTXBbJvQ3UeAcHVBXYSwCf5G5VOPvzbR0yhyf2tISn
         H9iowH8Nj/+ytMG0bTUue3hWJhJqmKzWy1ArkLNwmiOM1dn3fNkjfB9gdUZIGaBAr4dA
         3eJyRHgHcHYxvyFOFi1vvQTtZi5t6yBFOhpiz2yF4dprVVXCPW/5cbFHYAo1QeDyhdN6
         /8gXgjGXPt1BTSferxm/CFDSSWgtq+iC9Cnwd/OuYhaXmC+7kop7xXaFQkd0VyLHGhhe
         XUbw==
X-Forwarded-Encrypted: i=1;
 AFNElJ+pZTZpZtDVflm2zLPrGSeirLffreBHYb1mh66MRrMOzQS5/ikV8hv2aWkBzTqw2rz7c3U/pzXOymkQj8U=@vger.kernel.org
X-Gm-Message-State: AOJu0Ywe4m132zIKKs1tlZJ1FYnyNT1tourbLCWLDbHiJoHbH06Wzobx
	xAk9pBzzfaMVeRTuqZAzEJW4ioGbfL8xxrGLcK89/WMKt6pac34fwmLq3lSt2EH7WhrqjvgNSmT
	PY2ZGlA==
X-Received: from pjbin12.prod.google.com
 ([2002:a17:90b:438c:b0:369:74c4:4855])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:4e84:b0:369:946d:32fa
 with SMTP id 98e67ed59e1d1-36a676ee27amr1240497a91.5.1779405461532; Thu, 21
 May 2026 16:17:41 -0700 (PDT)
Date: Thu, 21 May 2026 23:17:02 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3234;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=j3tpvq/GgxXgc3htDFWvHIgX4JqpFWKTcGg78pPJQ9w=;
 b=QBwJx23Jf4cNjfCxhnsSUVVUpHdxsCGCy9Y0fv6Zbpv7mfqosATQ+ArS7j5s1SirdXatbWk81
 BfTl33UGbycCNYXAdZZkK3GiKX/gihkbJ9yLMSGgfE7KqIrePSUCh+C
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-21-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 21/22] KVM: selftests: Add ucall support for TDX
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Ackerley Tng <ackerleytng@google.com>

Implement TDX ucall using TDCALL-based MMIO to pass the ucall address
from the VM to the host.

In standard KVM selftests, ucall uses a PIO instruction as a trigger
to exit to the host, which then retrieves the ucall address by reading
the guest's RDI register. This approach is incompatible with TDX
because the host cannot access guest registers.

Furthermore, PIO exits only expose 4 bytes of immediate data, which
is insufficient for a 8-byte ucall address. By using TDCALL-based MMIO,
the VM can share the full 8-byte address in a single exit without
refactoring the common ucall framework and other non-x86 architectures.

Signed-off-by: Ackerley Tng <ackerleytng@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
Co-developed-by: Lisa Wang <wyihan@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/include/x86/ucall.h |  6 -----
 tools/testing/selftests/kvm/lib/x86/ucall.c     | 30 +++++++++++++++++++++=
++++
 2 files changed, 30 insertions(+), 6 deletions(-)

diff --git a/tools/testing/selftests/kvm/include/x86/ucall.h b/tools/testin=
g/selftests/kvm/include/x86/ucall.h
index 0e4950041e3e..7e54ec2c1a45 100644
--- a/tools/testing/selftests/kvm/include/x86/ucall.h
+++ b/tools/testing/selftests/kvm/include/x86/ucall.h
@@ -2,12 +2,6 @@
 #ifndef SELFTEST_KVM_UCALL_H
 #define SELFTEST_KVM_UCALL_H
=20
-#include "kvm_util.h"
-
 #define UCALL_EXIT_REASON       KVM_EXIT_IO
=20
-static inline void ucall_arch_init(struct kvm_vm *vm, gpa_t mmio_gpa)
-{
-}
-
 #endif
diff --git a/tools/testing/selftests/kvm/lib/x86/ucall.c b/tools/testing/se=
lftests/kvm/lib/x86/ucall.c
index e7dd5791959b..c8e3418d53af 100644
--- a/tools/testing/selftests/kvm/lib/x86/ucall.c
+++ b/tools/testing/selftests/kvm/lib/x86/ucall.c
@@ -5,11 +5,34 @@
  * Copyright (C) 2018, Red Hat, Inc.
  */
 #include "kvm_util.h"
+#include "tdx/tdx.h"
+#include "tdx/tdx_util.h"
=20
 #define UCALL_PIO_PORT ((u16)0x1000)
=20
+static u8 vm_type;
+static gpa_t host_ucall_mmio_gpa;
+static gpa_t ucall_mmio_gpa;
+
+void ucall_arch_init(struct kvm_vm *vm, gpa_t mmio_gpa)
+{
+	vm_type =3D vm->type;
+	sync_global_to_guest(vm, vm_type);
+
+	if (is_tdx_vm(vm)) {
+		host_ucall_mmio_gpa =3D ucall_mmio_gpa =3D mmio_gpa;
+		ucall_mmio_gpa |=3D vm->arch.s_bit;
+		sync_global_to_guest(vm, ucall_mmio_gpa);
+	}
+}
+
 void ucall_arch_do_ucall(gva_t uc)
 {
+	if (vm_type =3D=3D KVM_X86_TDX_VM) {
+		tdx_mmio_write(ucall_mmio_gpa, MMIO_SIZE_8B, uc);
+		return;
+	}
+
 	/*
 	 * FIXME: Revert this hack (the entire commit that added it) once nVMX
 	 * preserves L2 GPRs across a nested VM-Exit.  If a ucall from L2, e.g.
@@ -46,6 +69,13 @@ void *ucall_arch_get_ucall(struct kvm_vcpu *vcpu)
 {
 	struct kvm_run *run =3D vcpu->run;
=20
+	if (vm_type =3D=3D KVM_X86_TDX_VM) {
+		if (run->exit_reason =3D=3D KVM_EXIT_MMIO &&
+		    run->mmio.phys_addr =3D=3D host_ucall_mmio_gpa &&
+		    run->mmio.len =3D=3D MMIO_SIZE_8B && run->mmio.is_write)
+			return (void *)(*((u64 *)run->mmio.data));
+	}
+
 	if (run->exit_reason =3D=3D KVM_EXIT_IO && run->io.port =3D=3D UCALL_PIO_=
PORT) {
 		struct kvm_regs regs;
=20

--=20
2.54.0.746.g67dd491aae-goog
From nobody Sun May 24 19:34:55 2026
Received: from mail-pj1-f73.google.com (mail-pj1-f73.google.com
 [209.85.216.73])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5421638AC79
	for <linux-kernel@vger.kernel.org>; Thu, 21 May 2026 23:17:43 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.216.73
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1779405465; cv=none;
 b=UVex+5ghkZ7D2QOoBJ9ni5lv86+drKhyEUQaWAviYKxm5N8veOmFBUkqOfpznngcSmVr0jrVJYQZkG2Fxvw+Z+BMz6gbvBL3mYoa/8pKZY9FPvinHdJ0oBNTjMPYGtFCaZJYp6jsb2cAYgw0XUdlWH1Y6Vc/wkbGkUo8PEwmIec=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1779405465; c=relaxed/simple;
	bh=g07zdxChitPTI9twOohppbiWhlIxXngRCSMr4LUrbCs=;
	h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From:
	 To:Cc:Content-Type;
 b=AOU0jOVXtDBADk+RHPIeNzW3mnSBbh0jd54eySrWQBOVbMTekYEPwhypFWyYcenm0JJ1+eNPmZRr2JTTlDt1FrEq14R87AAwpOWwsR4PjHTh0jJcACFSx2UVF94fiNnlxenshvW4E7VudusKS9LRXakV3A9IEFz6N/gd8s43Dlk=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com;
 dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b=Dy2MwqiA; arc=none smtp.client-ip=209.85.216.73
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=reject dis=none) header.from=google.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=flex--wyihan.bounces.google.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=google.com header.i=@google.com
 header.b="Dy2MwqiA"
Received: by mail-pj1-f73.google.com with SMTP id
 98e67ed59e1d1-3662668b825so13178911a91.3
        for <linux-kernel@vger.kernel.org>;
 Thu, 21 May 2026 16:17:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20251104; t=1779405463; x=1780010263;
 darn=vger.kernel.org;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=NDuVHbbe9tFqK9kSIH2YOcoslIJRCEw3L/LE+oaB3CE=;
        b=Dy2MwqiAxd6eeeQP1ZZNdx7qQW7H7uTYry3Rl1EqFpOPCG6tZ0PSASjOM9nM2XwoBQ
         eEMCoboCeW2SoHH0iy6d5TSaDQPI2WRI0X1IgURORuU/fvWmoxvFXuiGgbaPw4zX88M1
         9IWb/cb/cOVA6y9C1cnyBcE5k3wSTGkEtbLYmPsQvJMqC2VDMFKTJdYnI0jsUSydS6IY
         6rrs9maHC+TGvle+5L4sXAQ05SrkHF3FBSORdPxlt1TX0gasGMubBwhbaQKcV8NDddHP
         z+BYu4ivQAVx4CdninSGApnMK2Az61JBWBrTAS3dDhNrQiIPqAJVjqfJdyvd7V3LWWp1
         HkTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1779405463; x=1780010263;
        h=cc:to:from:subject:message-id:references:mime-version:in-reply-to
         :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=NDuVHbbe9tFqK9kSIH2YOcoslIJRCEw3L/LE+oaB3CE=;
        b=P0vJf52rVjB+kr/SKp78lTLtNG1Rfv24Zfito/mRQJnOmoIuspmmc744nFGJYZoPHR
         NYDtO++7D6PebxTCmwl5zma1GwF9IoNo6iaWOiK3WQ70IFjyHAIT1zccCTT6kelf9nFN
         /+zVUxoAi9osy985DZVXfeTeuxywZAUYxEnlE+3t59SK+wsBmRfdj6BwRmTxHVXrD722
         DMN4CcurOg3/REkAa3C9dzxosnKR4LoQVANKFnmAyfYeQdq7fQ1JQoLclJTjdRBczn1F
         JisLRKGYRO3BUQ7Msbywz6IozL3diIk6kiDNcX6TNde1evhgtL1KlnXrNsnEGIxAx3Gq
         ltCQ==
X-Forwarded-Encrypted: i=1;
 AFNElJ+dzB9PwYHJk7n3dxJLg++R+vDvaqisu+OHgOYjRssmwWVmzQec0PWIbyRoCE1FegSwYlT5KPJ6iXN4rnE=@vger.kernel.org
X-Gm-Message-State: AOJu0YzFqe9SkpGpvAHmpQ5Fwo7YhjC6ttBxQ790G+Hth8K66vpmPPfl
	83YKjsQEE6hqFvG+tMeYtEnu0nr4/2PJKvh2tZQA7AU6jlgsA8jrR10CEPXvkF+y/Sz4+ZN5fIB
	kUZpr5A==
X-Received: from pjbii14.prod.google.com
 ([2002:a17:90b:488e:b0:365:f319:9427])
 (user=wyihan job=prod-delivery.src-stubby-dispatcher) by
 2002:a17:90b:2e04:b0:359:1130:1047
 with SMTP id 98e67ed59e1d1-36a677c7a77mr1021731a91.17.1779405462422; Thu, 21
 May 2026 16:17:42 -0700 (PDT)
Date: Thu, 21 May 2026 23:17:03 +0000
In-Reply-To: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
Mime-Version: 1.0
References: <20260521-tdx-selftests-v13-v13-0-6983ae4c3a4d@google.com>
X-Developer-Key: i=wyihan@google.com; a=ed25519;
 pk=cRi0fKzS5BMxlHyHY2pJv3w/1zcgfYKr6EYGYppdMYc=
X-Developer-Signature: v=1; a=ed25519-sha256; t=1779405439; l=3221;
 i=wyihan@google.com; s=20260319; h=from:subject:message-id;
 bh=sRLiM6RbKoG5VddtAxKgLddQfa2cG3iSFQQYT2bdoPE=;
 b=LQ4+Mf9N/xXTNK6v12F5/Hub6eIZiXj/exJGFNQFy/wfFpW4Gkn2yokdKqIUWZEOB5CKda52Q
 Vl26TIS53DfA2JDT220jZpKa3XPSiQ8gKhVMwHGOs/gTm6xxUIFU6wy
X-Mailer: b4 0.14.3
Message-ID: <20260521-tdx-selftests-v13-v13-22-6983ae4c3a4d@google.com>
Subject: [PATCH  v13 22/22] KVM: selftests: Add TDX lifecycle test
From: Lisa Wang <wyihan@google.com>
To: Andrew Jones <ajones@ventanamicro.com>,
 Ackerley Tng <ackerleytng@google.com>,
	Binbin Wu <binbin.wu@linux.intel.com>, Chao Gao <chao.gao@intel.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
 Dave Hansen <dave.hansen@linux.intel.com>,
	Erdem Aktas <erdemaktas@google.com>, Ira Weiny <ira.weiny@intel.com>,
	Isaku Yamahata <isaku.yamahata@intel.com>, Kiryl Shutsemau <kas@kernel.org>,
	linux-kselftest@vger.kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
 Reinette Chatre <reinette.chatre@intel.com>,
	Rick Edgecombe <rick.p.edgecombe@intel.com>,
 Roger Wang <runanwang@google.com>,
	Ryan Afranji <afranji@google.com>, Sagi Shahar <sagis@google.com>,
	Sean Christopherson <seanjc@google.com>, Shuah Khan <shuah@kernel.org>,
 Oliver Upton <oupton@kernel.org>
Cc: Jeremiah McReynolds <jmcrey@google.com>, kvm@vger.kernel.org,
 linux-coco@lists.linux.dev,
	linux-kernel@vger.kernel.org, x86@kernel.org, Lisa Wang <wyihan@google.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

From: Sagi Shahar <sagis@google.com>

Adding a test to verify TDX lifecycle by creating a simple TDX VM.

Signed-off-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Lisa Wang <wyihan@google.com>
---
 tools/testing/selftests/kvm/Makefile.kvm           |  1 +
 .../testing/selftests/kvm/include/x86/processor.h  |  1 +
 .../selftests/kvm/include/x86/tdx/tdx_util.h       |  5 ++++
 tools/testing/selftests/kvm/x86/tdx_vm_test.c      | 33 ++++++++++++++++++=
++++
 4 files changed, 40 insertions(+)

diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selft=
ests/kvm/Makefile.kvm
index 489324cecf83..14db8eb2bf0d 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -167,6 +167,7 @@ TEST_GEN_PROGS_x86 +=3D rseq_test
 TEST_GEN_PROGS_x86 +=3D steal_time
 TEST_GEN_PROGS_x86 +=3D system_counter_offset_test
 TEST_GEN_PROGS_x86 +=3D pre_fault_memory_test
+TEST_GEN_PROGS_x86 +=3D x86/tdx_vm_test
=20
 # Compiled outputs used by test targets
 TEST_GEN_PROGS_EXTENDED_x86 +=3D x86/nx_huge_pages_test
diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/te=
sting/selftests/kvm/include/x86/processor.h
index ed9c031b77b8..f65755482a97 100644
--- a/tools/testing/selftests/kvm/include/x86/processor.h
+++ b/tools/testing/selftests/kvm/include/x86/processor.h
@@ -372,6 +372,7 @@ static inline unsigned int x86_model(unsigned int eax)
 #define VM_SHAPE_SEV		VM_TYPE(KVM_X86_SEV_VM)
 #define VM_SHAPE_SEV_ES		VM_TYPE(KVM_X86_SEV_ES_VM)
 #define VM_SHAPE_SNP		VM_TYPE(KVM_X86_SNP_VM)
+#define VM_SHAPE_TDX		VM_TYPE(KVM_X86_TDX_VM)
=20
 #define PHYSICAL_PAGE_MASK      GENMASK_ULL(51, 12)
=20
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools=
/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 8276622c50d2..56538b1286f3 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,6 +11,11 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
 	return vm->type =3D=3D KVM_X86_TDX_VM;
 }
=20
+static inline bool is_tdx_supported(void)
+{
+	return !!(kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_TDX_VM));
+}
+
 /*
  * TDX ioctls
  * Use underscores to avoid collisions with struct member names.
diff --git a/tools/testing/selftests/kvm/x86/tdx_vm_test.c b/tools/testing/=
selftests/kvm/x86/tdx_vm_test.c
new file mode 100644
index 000000000000..7cdcaf33b585
--- /dev/null
+++ b/tools/testing/selftests/kvm/x86/tdx_vm_test.c
@@ -0,0 +1,33 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include "processor.h"
+#include "kvm_util.h"
+#include "tdx/tdx_util.h"
+#include "ucall_common.h"
+#include "kselftest_harness.h"
+
+static void guest_code_lifecycle(void)
+{
+	GUEST_DONE();
+}
+
+TEST(verify_td_lifecycle)
+{
+	struct kvm_vcpu *vcpu;
+	struct kvm_vm *vm;
+	struct ucall uc;
+
+	vm =3D vm_create_shape_with_one_vcpu(VM_SHAPE_TDX, &vcpu,
+					   guest_code_lifecycle);
+
+	vcpu_run(vcpu);
+	TEST_ASSERT_EQ(get_ucall(vcpu, &uc), UCALL_DONE);
+
+	kvm_vm_free(vm);
+}
+
+int main(int argc, char **argv)
+{
+	TEST_REQUIRE(is_tdx_supported());
+	return test_harness_run(argc, argv);
+}

--=20
2.54.0.746.g67dd491aae-goog