| Message ID | 167f8f7e9b19154d30c7fe8f733f947592eb244c.1708933498.git.isaku.yamahata@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v19,001/130] x86/virt/tdx: Rename _offset to _member for TD_SYSINFO_MAP() macro | expand |
On 26/02/2024 9:25 pm, Yamahata, Isaku wrote: > From: Sean Christopherson <sean.j.christopherson@intel.com> > > Implement an ioctl to get system-wide parameters for TDX. Although the > function is systemwide, vm scoped mem_enc ioctl works for userspace VMM > like qemu and device scoped version is not define, re-use vm scoped > mem_enc. -EPARSE for the part starting from "and device scoped ...". Grammar check please. > > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > --- > v18: > - drop the use of tdhsysinfo_struct and TDH.SYS.INFO, use TDH.SYS.RD(). > For that, dynamically allocate/free tdx_info. > - drop the change of tools/arch/x86/include/uapi/asm/kvm.h. > > v14 -> v15: > - ABI change: added supported_gpaw and reserved area. > > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > --- > arch/x86/include/uapi/asm/kvm.h | 17 ++++++++++ > arch/x86/kvm/vmx/tdx.c | 56 +++++++++++++++++++++++++++++++++ > arch/x86/kvm/vmx/tdx.h | 3 ++ > 3 files changed, 76 insertions(+) > > diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h > index 9ea46d143bef..e28189c81691 100644 > --- a/arch/x86/include/uapi/asm/kvm.h > +++ b/arch/x86/include/uapi/asm/kvm.h > @@ -604,4 +604,21 @@ struct kvm_tdx_cpuid_config { > __u32 edx; > }; > > +/* supported_gpaw */ > +#define TDX_CAP_GPAW_48 (1 << 0) > +#define TDX_CAP_GPAW_52 (1 << 1) > + > +struct kvm_tdx_capabilities { > + __u64 attrs_fixed0; > + __u64 attrs_fixed1; > + __u64 xfam_fixed0; > + __u64 xfam_fixed1; > + __u32 supported_gpaw; > + __u32 padding; > + __u64 reserved[251]; > + > + __u32 nr_cpuid_configs; > + struct kvm_tdx_cpuid_config cpuid_configs[]; > +}; > + I think you should use __DECLARE_FLEX_ARRAY(). It's already used in existing KVM UAPI header: struct kvm_nested_state { ... union { __DECLARE_FLEX_ARRAY(struct kvm_vmx_nested_state_data, vmx); __DECLARE_FLEX_ARRAY(struct kvm_svm_nested_state_data, svm); } data; } > #endif /* _ASM_X86_KVM_H */ > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > index 07a3f0f75f87..816ccdb4bc41 100644 > --- a/arch/x86/kvm/vmx/tdx.c > +++ b/arch/x86/kvm/vmx/tdx.c > @@ -6,6 +6,7 @@ > #include "capabilities.h" > #include "x86_ops.h" > #include "x86.h" > +#include "mmu.h" > #include "tdx_arch.h" > #include "tdx.h" > > @@ -55,6 +56,58 @@ struct tdx_info { > /* Info about the TDX module. */ > static struct tdx_info *tdx_info; > > +static int tdx_get_capabilities(struct kvm_tdx_cmd *cmd) > +{ > + struct kvm_tdx_capabilities __user *user_caps; > + struct kvm_tdx_capabilities *caps = NULL; > + int ret = 0; > + > + if (cmd->flags) > + return -EINVAL; Add a comment? /* flags is reserved for future use */ > + > + caps = kmalloc(sizeof(*caps), GFP_KERNEL); > + if (!caps) > + return -ENOMEM; > + > + user_caps = (void __user *)cmd->data; > + if (copy_from_user(caps, user_caps, sizeof(*caps))) { > + ret = -EFAULT; > + goto out; > + } > + > + if (caps->nr_cpuid_configs < tdx_info->num_cpuid_config) { > + ret = -E2BIG; > + goto out; > + } > + > + *caps = (struct kvm_tdx_capabilities) { > + .attrs_fixed0 = tdx_info->attributes_fixed0, > + .attrs_fixed1 = tdx_info->attributes_fixed1, > + .xfam_fixed0 = tdx_info->xfam_fixed0, > + .xfam_fixed1 = tdx_info->xfam_fixed1, > + .supported_gpaw = TDX_CAP_GPAW_48 | > + ((kvm_get_shadow_phys_bits() >= 52 && > + cpu_has_vmx_ept_5levels()) ? TDX_CAP_GPAW_52 : 0), > + .nr_cpuid_configs = tdx_info->num_cpuid_config, > + .padding = 0, > + }; > + > + if (copy_to_user(user_caps, caps, sizeof(*caps))) { > + ret = -EFAULT; > + goto out; > + } Add an empty line. > + if (copy_to_user(user_caps->cpuid_configs, &tdx_info->cpuid_configs, > + tdx_info->num_cpuid_config * > + sizeof(tdx_info->cpuid_configs[0]))) { > + ret = -EFAULT; > + } I think the '{ }' is needed here. > + > +out: > + /* kfree() accepts NULL. */ > + kfree(caps); > + return ret; > +} > + > int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) > { > struct kvm_tdx_cmd tdx_cmd; > @@ -68,6 +121,9 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) > mutex_lock(&kvm->lock); > > switch (tdx_cmd.id) { > + case KVM_TDX_CAPABILITIES: > + r = tdx_get_capabilities(&tdx_cmd); > + break; > default: > r = -EINVAL; > goto out; > diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h > index 473013265bd8..22c0b57f69ca 100644 > --- a/arch/x86/kvm/vmx/tdx.h > +++ b/arch/x86/kvm/vmx/tdx.h > @@ -3,6 +3,9 @@ > #define __KVM_X86_TDX_H > > #ifdef CONFIG_INTEL_TDX_HOST > + > +#include "tdx_ops.h" > + It appears "tdx_ops.h" is used for making SEAMCALLs. I don't see this patch uses any SEAMCALL so I am wondering whether this chunk is needed here? > struct kvm_tdx { > struct kvm kvm; > /* TDX specific members follow. */
On Fri, Mar 22, 2024 at 11:26:17AM +1300, "Huang, Kai" <kai.huang@intel.com> wrote: > > diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h > > index 9ea46d143bef..e28189c81691 100644 > > --- a/arch/x86/include/uapi/asm/kvm.h > > +++ b/arch/x86/include/uapi/asm/kvm.h > > @@ -604,4 +604,21 @@ struct kvm_tdx_cpuid_config { > > __u32 edx; > > }; > > +/* supported_gpaw */ > > +#define TDX_CAP_GPAW_48 (1 << 0) > > +#define TDX_CAP_GPAW_52 (1 << 1) > > + > > +struct kvm_tdx_capabilities { > > + __u64 attrs_fixed0; > > + __u64 attrs_fixed1; > > + __u64 xfam_fixed0; > > + __u64 xfam_fixed1; > > + __u32 supported_gpaw; > > + __u32 padding; > > + __u64 reserved[251]; > > + > > + __u32 nr_cpuid_configs; > > + struct kvm_tdx_cpuid_config cpuid_configs[]; > > +}; > > + > > I think you should use __DECLARE_FLEX_ARRAY(). > > It's already used in existing KVM UAPI header: > > struct kvm_nested_state { > ... > union { > __DECLARE_FLEX_ARRAY(struct kvm_vmx_nested_state_data, > vmx); > __DECLARE_FLEX_ARRAY(struct kvm_svm_nested_state_data, > svm); > } data; > } Yes, will use it. > > + if (copy_to_user(user_caps->cpuid_configs, &tdx_info->cpuid_configs, > > + tdx_info->num_cpuid_config * > > + sizeof(tdx_info->cpuid_configs[0]))) { > > + ret = -EFAULT; > > + } > > I think the '{ }' is needed here. Unnecessary? Will remove braces. > > + > > +out: > > + /* kfree() accepts NULL. */ > > + kfree(caps); > > + return ret; > > +} > > + > > int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) > > { > > struct kvm_tdx_cmd tdx_cmd; > > @@ -68,6 +121,9 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) > > mutex_lock(&kvm->lock); > > switch (tdx_cmd.id) { > > + case KVM_TDX_CAPABILITIES: > > + r = tdx_get_capabilities(&tdx_cmd); > > + break; > > default: > > r = -EINVAL; > > goto out; > > diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h > > index 473013265bd8..22c0b57f69ca 100644 > > --- a/arch/x86/kvm/vmx/tdx.h > > +++ b/arch/x86/kvm/vmx/tdx.h > > @@ -3,6 +3,9 @@ > > #define __KVM_X86_TDX_H > > #ifdef CONFIG_INTEL_TDX_HOST > > + > > +#include "tdx_ops.h" > > + > > It appears "tdx_ops.h" is used for making SEAMCALLs. > > I don't see this patch uses any SEAMCALL so I am wondering whether this > chunk is needed here? Will remove it to move it to an appropriate patch
On 23/03/2024 1:28 pm, Yamahata, Isaku wrote: >>> + if (copy_to_user(user_caps->cpuid_configs, &tdx_info->cpuid_configs, >>> + tdx_info->num_cpuid_config * >>> + sizeof(tdx_info->cpuid_configs[0]))) { >>> + ret = -EFAULT; >>> + } >> I think the '{ }' is needed here. > Unnecessary? Will remove braces. Right. Sorry I didn't finish the 'isn't'.
On Mon, 2024-02-26 at 00:25 -0800, isaku.yamahata@intel.com wrote: > --- a/arch/x86/kvm/vmx/tdx.h > +++ b/arch/x86/kvm/vmx/tdx.h > @@ -3,6 +3,9 @@ > #define __KVM_X86_TDX_H > > #ifdef CONFIG_INTEL_TDX_HOST > + > +#include "tdx_ops.h" > + > struct kvm_tdx { > struct kvm kvm; > /* TDX specific members follow. */ I am consistently hitting build error for the middle patches in our internal tree, mostly because of this madness of header file inclusion. I found the above inclusion of "tdx_ops.h" in "tdx.h" just out of blue. We have - "tdx_arch.h" - "tdx_errno.h" - "tdx_ops.h" - "tdx.h" The first two can be included by the "tdx.h", so that we can have a rule for C files to just include "tdx.h", i.e., the C files should never need to include the first two explicitly. The "tdx_ops.h" is a little bit confusing. I _think_ the purpose of it is to only contain SEAMCALL wrappers. But I am not sure whether it can be included by any C file directly. Based on above code change, I _think_ the intention is to also embed it to "tdx.h", so the C files should just include "tdx.h". But based on Sean's comments, the SEAMCALL wrappers will be changed to take 'struct kvm_tdx *' and 'struct vcpu_tdx *', so they need the declaration of those structures which are in "tdx.h". I think we can just make a rule that, "tdx_ops.h" should never be directly included by any C file, instead, we include "tdx_ops.h" into "tdx.h" somewhere after declaration of 'struct kvm_tdx' and 'struct vcpu_tdx'. And such inclusion should happen when the "tdx_ops.h" is introduced. Am I missing anything?
diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 9ea46d143bef..e28189c81691 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -604,4 +604,21 @@ struct kvm_tdx_cpuid_config { __u32 edx; }; +/* supported_gpaw */ +#define TDX_CAP_GPAW_48 (1 << 0) +#define TDX_CAP_GPAW_52 (1 << 1) + +struct kvm_tdx_capabilities { + __u64 attrs_fixed0; + __u64 attrs_fixed1; + __u64 xfam_fixed0; + __u64 xfam_fixed1; + __u32 supported_gpaw; + __u32 padding; + __u64 reserved[251]; + + __u32 nr_cpuid_configs; + struct kvm_tdx_cpuid_config cpuid_configs[]; +}; + #endif /* _ASM_X86_KVM_H */ diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 07a3f0f75f87..816ccdb4bc41 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -6,6 +6,7 @@ #include "capabilities.h" #include "x86_ops.h" #include "x86.h" +#include "mmu.h" #include "tdx_arch.h" #include "tdx.h" @@ -55,6 +56,58 @@ struct tdx_info { /* Info about the TDX module. */ static struct tdx_info *tdx_info; +static int tdx_get_capabilities(struct kvm_tdx_cmd *cmd) +{ + struct kvm_tdx_capabilities __user *user_caps; + struct kvm_tdx_capabilities *caps = NULL; + int ret = 0; + + if (cmd->flags) + return -EINVAL; + + caps = kmalloc(sizeof(*caps), GFP_KERNEL); + if (!caps) + return -ENOMEM; + + user_caps = (void __user *)cmd->data; + if (copy_from_user(caps, user_caps, sizeof(*caps))) { + ret = -EFAULT; + goto out; + } + + if (caps->nr_cpuid_configs < tdx_info->num_cpuid_config) { + ret = -E2BIG; + goto out; + } + + *caps = (struct kvm_tdx_capabilities) { + .attrs_fixed0 = tdx_info->attributes_fixed0, + .attrs_fixed1 = tdx_info->attributes_fixed1, + .xfam_fixed0 = tdx_info->xfam_fixed0, + .xfam_fixed1 = tdx_info->xfam_fixed1, + .supported_gpaw = TDX_CAP_GPAW_48 | + ((kvm_get_shadow_phys_bits() >= 52 && + cpu_has_vmx_ept_5levels()) ? TDX_CAP_GPAW_52 : 0), + .nr_cpuid_configs = tdx_info->num_cpuid_config, + .padding = 0, + }; + + if (copy_to_user(user_caps, caps, sizeof(*caps))) { + ret = -EFAULT; + goto out; + } + if (copy_to_user(user_caps->cpuid_configs, &tdx_info->cpuid_configs, + tdx_info->num_cpuid_config * + sizeof(tdx_info->cpuid_configs[0]))) { + ret = -EFAULT; + } + +out: + /* kfree() accepts NULL. */ + kfree(caps); + return ret; +} + int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_tdx_cmd tdx_cmd; @@ -68,6 +121,9 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) mutex_lock(&kvm->lock); switch (tdx_cmd.id) { + case KVM_TDX_CAPABILITIES: + r = tdx_get_capabilities(&tdx_cmd); + break; default: r = -EINVAL; goto out; diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h index 473013265bd8..22c0b57f69ca 100644 --- a/arch/x86/kvm/vmx/tdx.h +++ b/arch/x86/kvm/vmx/tdx.h @@ -3,6 +3,9 @@ #define __KVM_X86_TDX_H #ifdef CONFIG_INTEL_TDX_HOST + +#include "tdx_ops.h" + struct kvm_tdx { struct kvm kvm; /* TDX specific members follow. */