From patchwork Mon Feb 13 11:59:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13138318 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9C591C636D4 for ; Mon, 13 Feb 2023 12:01:03 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230395AbjBMMBC (ORCPT ); Mon, 13 Feb 2023 07:01:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36818 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230473AbjBMMAn (ORCPT ); Mon, 13 Feb 2023 07:00:43 -0500 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 698A31A65F; Mon, 13 Feb 2023 04:00:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1676289629; x=1707825629; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=6hl+bXXiRVGiGthCtAdZGGt9ykL2zfBjTabiMcyXn8o=; b=mD3snYve//FUv6cMYCTebvax4y0Evwyql0JA1zdLudf/0vkBGw3qDmRR SsWndmmZ//w9FlHD5F2IG7KA6BDXX8dVrpD8pEGDFXGg/C73geAHEC0zh WEHvTbXymT1gMEsRONXsLPh0SNfZRYeam4EY6WZ94UaXcR7YWSVSAdtNZ Lj/Zvr+rjYpq33W608xoqrcCUWyTWejYgIk/KwWqvepeHf8zu4Dn3SX6+ RgCCmWS16bM/OtqKErm/vjHvPOrkAD3Wai38wESjCsw8KtLLno9ssOrcc dgIBg5FchGRzS6xZmvyDneQ1YQ4+yhED7TLK+bbG+QjQKtbTGzsQKIneN w==; X-IronPort-AV: E=McAfee;i="6500,9779,10619"; a="358283091" X-IronPort-AV: E=Sophos;i="5.97,293,1669104000"; d="scan'208";a="358283091" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Feb 2023 04:00:28 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10619"; a="701243202" X-IronPort-AV: E=Sophos;i="5.97,293,1669104000"; d="scan'208";a="701243202" Received: from wonger-mobl.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.209.188.34]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Feb 2023 04:00:22 -0800 From: Kai Huang To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: linux-mm@kvack.org, dave.hansen@intel.com, peterz@infradead.org, tglx@linutronix.de, seanjc@google.com, pbonzini@redhat.com, dan.j.williams@intel.com, rafael.j.wysocki@intel.com, kirill.shutemov@linux.intel.com, ying.huang@intel.com, reinette.chatre@intel.com, len.brown@intel.com, tony.luck@intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, david@redhat.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com, kai.huang@intel.com Subject: [PATCH v9 03/18] x86/virt/tdx: Make INTEL_TDX_HOST depend on X86_X2APIC Date: Tue, 14 Feb 2023 00:59:10 +1300 Message-Id: <5b4de9199779c07e2d432d1ea9aadafd0894503a.1676286526.git.kai.huang@intel.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: References: MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org TDX capable platforms are locked to X2APIC mode and cannot fall back to the legacy xAPIC mode when TDX is enabled by the BIOS. TDX host support requires x2APIC. Make INTEL_TDX_HOST depend on X86_X2APIC. Link: https://lore.kernel.org/lkml/ba80b303-31bf-d44a-b05d-5c0f83038798@intel.com/ Signed-off-by: Kai Huang Reviewed-by: Dave Hansen --- v8 -> v9: - Added Dave's Reviewed-by. v7 -> v8: (Dave) - Only make INTEL_TDX_HOST depend on X86_X2APIC but removed other code - Rewrote the changelog. v6 -> v7: - Changed to use "Link" for the two lore links to get rid of checkpatch warning. --- arch/x86/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index fc010973a6ff..6dd5d5586099 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1957,6 +1957,7 @@ config INTEL_TDX_HOST depends on CPU_SUP_INTEL depends on X86_64 depends on KVM_INTEL + depends on X86_X2APIC help Intel Trust Domain Extensions (TDX) protects guest VMs from malicious host and certain physical attacks. This option enables necessary TDX