diff mbox series

[v4,17/22] x86/virt/tdx: Reserve TDX module global KeyID

Message ID	75a338a8625d42f4090c4e60aee59cb977ebabb4.1654025431.git.kai.huang@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> From: Kai Huang <kai.huang@intel.com> To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, len.brown@intel.com, tony.luck@intel.com, rafael.j.wysocki@intel.com, reinette.chatre@intel.com, dan.j.williams@intel.com, peterz@infradead.org, ak@linux.intel.com, kirill.shutemov@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, isaku.yamahata@intel.com, kai.huang@intel.com Subject: [PATCH v4 17/22] x86/virt/tdx: Reserve TDX module global KeyID Date: Wed, 1 Jun 2022 07:39:40 +1200 Message-Id: <75a338a8625d42f4090c4e60aee59cb977ebabb4.1654025431.git.kai.huang@intel.com> In-Reply-To: <cover.1654025430.git.kai.huang@intel.com> References: <cover.1654025430.git.kai.huang@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	TDX host kernel support \| expand [v4,00/22] TDX host kernel support [v4,01/22] x86/virt/tdx: Detect TDX during kernel boot [v4,02/22] cc_platform: Add new attribute to prevent ACPI CPU hotplug [v4,03/22] cc_platform: Add new attribute to prevent ACPI memory hotplug [v4,04/22] x86/virt/tdx: Prevent ACPI CPU hotplug and ACPI memory hotplug [v4,05/22] x86/virt/tdx: Prevent hot-add driver managed memory [v4,06/22] x86/virt/tdx: Add skeleton to initialize TDX on demand [v4,07/22] x86/virt/tdx: Implement SEAMCALL function [v4,08/22] x86/virt/tdx: Shut down TDX module in case of error [v4,09/22] x86/virt/tdx: Detect TDX module by doing module global initialization [v4,10/22] x86/virt/tdx: Do logical-cpu scope TDX module initialization [v4,11/22] x86/virt/tdx: Get information about TDX module and TDX-capable memory [v4,12/22] x86/virt/tdx: Convert all memory regions in memblock to TDX memory [v4,13/22] x86/virt/tdx: Add placeholder to construct TDMRs based on memblock [v4,14/22] x86/virt/tdx: Create TDMRs to cover all memblock memory regions [v4,15/22] x86/virt/tdx: Allocate and set up PAMTs for TDMRs [v4,16/22] x86/virt/tdx: Set up reserved areas for all TDMRs [v4,17/22] x86/virt/tdx: Reserve TDX module global KeyID [v4,18/22] x86/virt/tdx: Configure TDX module with TDMRs and global KeyID [v4,19/22] x86/virt/tdx: Configure global KeyID on all packages [v4,20/22] x86/virt/tdx: Initialize all TDMRs [v4,21/22] x86/virt/tdx: Support kexec() [v4,22/22] Documentation/x86: Add documentation for TDX host support

Commit Message

Huang, Kai May 31, 2022, 7:39 p.m. UTC

TDX module initialization requires to use one TDX private KeyID as the
global KeyID to protect the TDX module metadata.  The global KeyID is
configured to the TDX module along with TDMRs.

Just reserve the first TDX private KeyID as the global KeyID.  Keep the
global KeyID as a static variable as KVM will need to use it too.

Signed-off-by: Kai Huang <kai.huang@intel.com>
---
 arch/x86/virt/vmx/tdx/tdx.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff mbox series

Patch

diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index 8d1a9ff7e7b5..7e5f685139fe 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -55,6 +55,9 @@  static struct tdsysinfo_struct tdx_sysinfo;
 static struct cmr_info tdx_cmr_array[MAX_CMRS] __aligned(CMR_INFO_ARRAY_ALIGNMENT);
 static int tdx_cmr_num;
 
+/* TDX module global KeyID.  Used in TDH.SYS.CONFIG ABI. */
+static u32 tdx_global_keyid;
+
 /* Detect whether CPU supports SEAM */
 static int detect_seam(void)
 {
@@ -996,6 +999,12 @@  static int init_tdx_module(void)
 	if (ret)
 		goto out_free_tdmrs;
 
+	/*
+	 * Reserve the first TDX KeyID as global KeyID to protect
+	 * TDX module metadata.
+	 */
+	tdx_global_keyid = tdx_keyid_start;
+
 	/*
 	 * Return -EINVAL until all steps of TDX module initialization
 	 * process are done.