From patchwork Mon Oct 28 12:41:03 2024
X-Patchwork-Submitter: "Huang, Kai"
X-Patchwork-Id: 13853428
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 01/10] x86/virt/tdx: Rename 'struct tdx_tdmr_sysinfo' to reflect the spec better
Date: Tue, 29 Oct 2024 01:41:03 +1300
Message-ID: <9e870c22df3f2b05cdfac378a4dc655594a0b461.1730118186.git.kai.huang@intel.com>
X-Mailing-List: kvm@vger.kernel.org

The TDX module provides a set of "Global Metadata Fields". They report things like TDX module version, supported features, and fields related to create/run TDX guests and so on.

TDX organizes those metadata fields by "Classes" based on the meaning of those fields. E.g., for now the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization. Those fields are defined under class "TDMR Info".

There are both immediate needs to read more metadata fields for module initialization and near-future needs for other kernel components like KVM to run TDX guests. To meet all those requirements, the idea is for the TDX host core-kernel to provide a centralized, canonical, and read-only structure for the global metadata that comes out from the TDX module for all kernel components to use.

More specifically, the target is to end up with something like:

	struct tdx_sys_info {
		struct tdx_sys_info_classA a;
		struct tdx_sys_info_classB b;
		...
	};

Currently the kernel organizes all fields under "TDMR Info" class in 'struct tdx_tdmr_sysinfo'. To prepare for the above target, rename the structure to 'struct tdx_sys_info_tdmr' to follow the class name better.
No functional change intended. Signed-off-by: Kai Huang Reviewed-by: Adrian Hunter Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 36 ++++++++++++++++++------------------ arch/x86/virt/vmx/tdx/tdx.h | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 4e2b2e2ac9f9..e979bf442929 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -272,7 +272,7 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) static int read_sys_metadata_field16(u64 field_id, int offset, - struct tdx_tdmr_sysinfo *ts) + struct tdx_sys_info_tdmr *ts) { u16 *ts_member = ((void *)ts) + offset; u64 tmp; @@ -298,9 +298,9 @@ struct field_mapping { #define TD_SYSINFO_MAP(_field_id, _offset) \ { .field_id = MD_FIELD_ID_##_field_id, \ - .offset = offsetof(struct tdx_tdmr_sysinfo, _offset) } + .offset = offsetof(struct tdx_sys_info_tdmr, _offset) } -/* Map TD_SYSINFO fields into 'struct tdx_tdmr_sysinfo': */ +/* Map TD_SYSINFO fields into 'struct tdx_sys_info_tdmr': */ static const struct field_mapping fields[] = { TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), @@ -309,16 +309,16 @@ static const struct field_mapping fields[] = { TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_entry_size[TDX_PS_1G]), }; -static int get_tdx_tdmr_sysinfo(struct tdx_tdmr_sysinfo *tdmr_sysinfo) +static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) { int ret; int i; - /* Populate 'tdmr_sysinfo' fields using the mapping structure above: */ + /* Populate 'sysinfo_tdmr' fields using the mapping structure above: */ for (i = 0; i < ARRAY_SIZE(fields); i++) { ret = read_sys_metadata_field16(fields[i].field_id, fields[i].offset, - tdmr_sysinfo); + sysinfo_tdmr); if (ret) return ret; } 
@@ -342,13 +342,13 @@ static int tdmr_size_single(u16 max_reserved_per_tdmr) } static int alloc_tdmr_list(struct tdmr_info_list *tdmr_list, - struct tdx_tdmr_sysinfo *tdmr_sysinfo) + struct tdx_sys_info_tdmr *sysinfo_tdmr) { size_t tdmr_sz, tdmr_array_sz; void *tdmr_array; - tdmr_sz = tdmr_size_single(tdmr_sysinfo->max_reserved_per_tdmr); - tdmr_array_sz = tdmr_sz * tdmr_sysinfo->max_tdmrs; + tdmr_sz = tdmr_size_single(sysinfo_tdmr->max_reserved_per_tdmr); + tdmr_array_sz = tdmr_sz * sysinfo_tdmr->max_tdmrs; /* * To keep things simple, allocate all TDMRs together. @@ -367,7 +367,7 @@ static int alloc_tdmr_list(struct tdmr_info_list *tdmr_list, * at a given index in the TDMR list. */ tdmr_list->tdmr_sz = tdmr_sz; - tdmr_list->max_tdmrs = tdmr_sysinfo->max_tdmrs; + tdmr_list->max_tdmrs = sysinfo_tdmr->max_tdmrs; tdmr_list->nr_consumed_tdmrs = 0; return 0; @@ -921,11 +921,11 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, /* * Construct a list of TDMRs on the preallocated space in @tdmr_list * to cover all TDX memory regions in @tmb_list based on the TDX module - * TDMR global information in @tdmr_sysinfo. + * TDMR global information in @sysinfo_tdmr. */ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, - struct tdx_tdmr_sysinfo *tdmr_sysinfo) + struct tdx_sys_info_tdmr *sysinfo_tdmr) { int ret; @@ -934,12 +934,12 @@ static int construct_tdmrs(struct list_head *tmb_list, return ret; ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, - tdmr_sysinfo->pamt_entry_size); + sysinfo_tdmr->pamt_entry_size); if (ret) return ret; ret = tdmrs_populate_rsvd_areas_all(tdmr_list, tmb_list, - tdmr_sysinfo->max_reserved_per_tdmr); + sysinfo_tdmr->max_reserved_per_tdmr); if (ret) tdmrs_free_pamt_all(tdmr_list); @@ -1098,7 +1098,7 @@ static int init_tdmrs(struct tdmr_info_list *tdmr_list) static int init_tdx_module(void) { - struct tdx_tdmr_sysinfo tdmr_sysinfo; + struct tdx_sys_info_tdmr sysinfo_tdmr; int ret; /* 
@@ -1117,17 +1117,17 @@ static int init_tdx_module(void) if (ret) goto out_put_tdxmem; - ret = get_tdx_tdmr_sysinfo(&tdmr_sysinfo); + ret = get_tdx_sys_info_tdmr(&sysinfo_tdmr); if (ret) goto err_free_tdxmem; /* Allocate enough space for constructing TDMRs */ - ret = alloc_tdmr_list(&tdx_tdmr_list, &tdmr_sysinfo); + ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo_tdmr); if (ret) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &tdmr_sysinfo); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo_tdmr); if (ret) goto err_free_tdmrs; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index b701f69485d3..148f9b4d1140 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h 
@@ -100,7 +100,7 @@ struct tdx_memblock { }; /* "TDMR info" part of "Global Scope Metadata" for constructing TDMRs */ -struct tdx_tdmr_sysinfo { +struct tdx_sys_info_tdmr { u16 max_tdmrs; u16 max_reserved_per_tdmr; u16 pamt_entry_size[TDX_PS_NR];
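Review bot: the changelog describes only the 'struct tdx_tdmr_sysinfo' to 'struct tdx_sys_info_tdmr' rename, but the tdx.c hunks also rename get_tdx_tdmr_sysinfo() to get_tdx_sys_info_tdmr() and every 'tdmr_sysinfo' parameter and local to 'sysinfo_tdmr' in alloc_tdmr_list(), construct_tdmrs() and init_tdx_module(). Please mention the function and variable renames in the changelog so the churn in tdx.c is explained, or keep the variable names and limit the patch to the type rename.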
From: Kai Huang
Subject: [PATCH v6 02/10] x86/virt/tdx: Start to track all global metadata in one structure
Date: Tue, 29 Oct 2024 01:41:04 +1300

The TDX module provides a set of "Global Metadata Fields". They report things like TDX module version, supported features, and fields related to create/run TDX guests and so on. Currently the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization.

There are immediate needs which require the TDX module initialization to read more global metadata including module version, supported features and "Convertible Memory Regions" (CMRs). Also, KVM will need to read more metadata fields to support baseline TDX guests. In the longer term, other TDX features like TDX Connect (which supports assigning trusted IO devices to TDX guest) may also require other kernel components such as pci/vt-d to access global metadata.

To meet all those requirements, the idea is for the TDX host core-kernel to provide a centralized, canonical, and read-only structure for the global metadata that comes out from the TDX module for all kernel components to use.

As the first step, introduce a new 'struct tdx_sys_info' to track all global metadata fields.

TDX categorizes global metadata fields into different "Classes". E.g., the TDMR related fields are under class "TDMR Info".
Instead of making 'struct tdx_sys_info' a plain structure to contain all metadata fields, organize them in smaller structures based on the "Class". This allows those metadata fields to be used in finer granularity thus makes the code more clear. E.g., the construct_tdmr() can just take the structure which contains "TDMR Info" metadata fields. Add a new function get_tdx_sys_info() as the placeholder to read all metadata fields, and call it at the beginning of init_tdx_module(). For now it only calls get_tdx_sys_info_tdmr() to read TDMR related fields. Note there is a functional change: get_tdx_sys_info_tdmr() is moved from after build_tdx_memlist() to before it, but it is fine to do so. Signed-off-by: Kai Huang Reviewed-by: Adrian Hunter Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 19 ++++++++++++------- arch/x86/virt/vmx/tdx/tdx.h | 19 ++++++++++++------- 2 files changed, 24 insertions(+), 14 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index e979bf442929..7a2f979092e7 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -326,6 +326,11 @@ static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) return 0; } +static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + return get_tdx_sys_info_tdmr(&sysinfo->tdmr); +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { @@ -1098,9 +1103,13 @@ static int init_tdmrs(struct tdmr_info_list *tdmr_list) static int init_tdx_module(void) { - struct tdx_sys_info_tdmr sysinfo_tdmr; + struct tdx_sys_info sysinfo; int ret; + ret = get_tdx_sys_info(&sysinfo); + if (ret) + return ret; + /* * To keep things simple, assume that all TDX-protected memory * will come from the page allocator. Make sure all pages in the 
@@ -1117,17 +1126,13 @@ static int init_tdx_module(void) if (ret) goto out_put_tdxmem; - ret = get_tdx_sys_info_tdmr(&sysinfo_tdmr); - if (ret) - goto err_free_tdxmem; - /* Allocate enough space for constructing TDMRs */ - ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo_tdmr); + ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo.tdmr); if (ret) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo_tdmr); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr); if (ret) goto err_free_tdmrs; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 148f9b4d1140..2600ec3752f5 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -80,6 +80,18 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); +/* Class "TDMR info" */ +struct tdx_sys_info_tdmr { + u16 max_tdmrs; + u16 max_reserved_per_tdmr; + u16 pamt_entry_size[TDX_PS_NR]; +}; + +/* Kernel used global metadata fields */ +struct tdx_sys_info { + struct tdx_sys_info_tdmr tdmr; +}; + /* * Do not put any hardware-defined TDX structure representations below * this comment! 
@@ -99,13 +111,6 @@ struct tdx_memblock { int nid; }; -/* "TDMR info" part of "Global Scope Metadata" for constructing TDMRs */ -struct tdx_sys_info_tdmr { - u16 max_tdmrs; - u16 max_reserved_per_tdmr; - u16 pamt_entry_size[TDX_PS_NR]; -}; - /* Warn if kernel has less than TDMR_NR_WARN TDMRs after allocation */ #define TDMR_NR_WARN 4
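Review bot: in the init_tdx_module() hunk of tdx.c, get_tdx_sys_info() now runs before the memory-list setup and bails out with a bare 'return ret', while the changelog only says the reordering "is fine to do so". Please state the reason: as far as the hunk shows, nothing has been acquired at that point, so skipping the out_put_tdxmem and err_free_tdxmem labels is correct. A short comment above the call saying it must stay ahead of any setup that needs unwinding would keep that true when code is added later.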
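Review bot: in the tdx.h hunk at -80,6 the new 'struct tdx_sys_info_tdmr' and 'struct tdx_sys_info' are added above the "Do not put any hardware-defined TDX structure representations below this comment!" marker, directly after the __packed 'struct tdmr_info', whereas the definition removed at -99,13 sat below the marker next to 'struct tdx_memblock'. The new comment "Kernel used global metadata fields" reads as a kernel-side container rather than a hardware-defined layout, so either keep the structures below the marker or explain the move in the changelog.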
From: Kai Huang
Subject: [PATCH v6 03/10] x86/virt/tdx: Use auto-generated code to read global metadata
Date: Tue, 29 Oct 2024 01:41:05 +1300
Message-ID: <8955c0e6f0ae801a8166c920b669746da037bccd.1730118186.git.kai.huang@intel.com>

From: Paolo Bonzini

The TDX module provides a set of "Global Metadata Fields". Currently the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization. There are needs to read more global metadata fields including TDX module version [1], supported features [2] and "Convertible Memory Regions" (CMRs) to fix a module initialization failure [3]. Future changes to support KVM TDX and other features like TDX Connect will need to read more.

The current global metadata reading code has limitations (e.g., it only has a primitive helper to read metadata field with 16-bit element size, while TDX supports 8/16/32/64 bits metadata element sizes). It needs tweaks in order to read more metadata fields.

But even with the tweaks, when new code is added to read a new field, the reviewers will still need to review against the spec to make sure the new code doesn't screw up things like using the wrong metadata field ID (each metadata field is associated with a unique field ID, which is a TDX-defined u64 constant) etc.

TDX documents all global metadata fields in a 'global_metadata.json' file as part of TDX spec [4]. JSON format is machine readable. Instead of tweaking the metadata reading code, use a script [5] to generate the code so that:

  1) Using the generated C is simple.
  2) Adding a field is dirt simple, e.g., the script just pulls the field ID out of the JSON for a given field thus no manual review is needed.

Specifically, to match the layout of the 'struct tdx_sys_info' and its sub-structures, the script uses a table with each entry containing the name of the sub-structures (which reflects the "Class") and the "Field Name" of all its fields, and auto-generates:

  1) The 'struct tdx_sys_info' and all 'struct tdx_sys_info_xx' sub-structures in 'tdx_global_metadata.h'
  2) The main function 'get_tdx_sys_info()' which reads all metadata to 'struct tdx_sys_info' and the 'get_tdx_sys_info_xx()' functions which read 'struct tdx_sys_info_xx()' in 'tdx_global_metadata.c'.

Using the generated C is simple: 1) include "tdx_global_metadata.h" to the local "tdx.h"; 2) explicitly include "tdx_global_metadata.c" to the local "tdx.c" after the read_sys_metadata_field() primitive (which is a wrapper of TDH.SYS.RD SEAMCALL to read global metadata).

Adding a field is also simple: 1) just add the new field to an existing structure, or add it with a new structure; 2) re-run the script to generate the new code; 3) update the existing tdx_global_metadata.{hc} with the new ones.

For now, use the auto-generated code to read the aforesaid metadata fields: 1) TDX module version; 2) supported features; 3) CMRs.

Reading CMRs is more complicated than reading a simple field, since there are two arrays containing the "CMR_BASE" and "CMR_SIZE" for each CMR respectively.

TDX spec [3] section "Metadata Access Interface", sub-section "Arrays of Metadata Fields" defines the way to read metadata fields in an array. There's a "Base field ID" (say, X) for the array and the field ID for entry array[i] is X + i.

For CMRs, the field "NUM_CMRS" reports the number of CMR entries that can be read, and the code needs to use the value reported via "NUM_CMRS" to loop even though the JSON file says the "Num Fields" of both "CMR_BASE" and "CMR_SIZE" are 32.

The tdx_global_metadata.{hc} can be generated by running below:

 #python tdx.py global_metadata.json tdx_global_metadata.h \
	tdx_global_metadata.c

..
where tdx.py can be found in [5] and global_metadata.json can be fetched from [4].

Link: https://lore.kernel.org/lkml/4b3adb59-50ea-419e-ad02-e19e8ca20dee@intel.com/ [1]
Link: https://lore.kernel.org/all/fc0e8ab7-86d4-4428-be31-82e1ece6dd21@intel.com/ [2]
Link: https://github.com/canonical/tdx/issues/135 [3]
Link: https://cdrdv2.intel.com/v1/dl/getContent/795381 [4]
Link: https://lore.kernel.org/kvm/0853b155ec9aac09c594caa60914ed6ea4dc0a71.camel@intel.com/ [5]
Signed-off-by: Paolo Bonzini
Co-developed-by: Kai Huang
Signed-off-by: Kai Huang
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx_global_metadata.c | 89 +++++++++++++++++++++ arch/x86/virt/vmx/tdx/tdx_global_metadata.h | 42 ++++++++++ 2 files changed, 131 insertions(+) create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.c create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.h diff --git a/arch/x86/virt/vmx/tdx/tdx_global_metadata.c b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c new file mode 100644 index 000000000000..2fe57e084453 --- /dev/null +++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
@@ -0,0 +1,89 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Automatically generated functions to read TDX global metadata. + * + * This file doesn't compile on its own as it lacks of inclusion + * of SEAMCALL wrapper primitive which reads global metadata. + * Include this file to other C file instead. + */ + +static int get_tdx_sys_info_version(struct tdx_sys_info_version *sysinfo_version) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x8800000200000001, &val))) + sysinfo_version->build_date = val; + if (!ret && !(ret = read_sys_metadata_field(0x8800000100000002, &val))) + sysinfo_version->build_num = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000003, &val))) + sysinfo_version->minor_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000004, &val))) + sysinfo_version->major_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000005, &val))) + sysinfo_version->update_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000006, &val))) + sysinfo_version->internal_version = val; + + return ret; +} + +static int get_tdx_sys_info_features(struct tdx_sys_info_features *sysinfo_features) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x0A00000300000008, &val))) + sysinfo_features->tdx_features0 = val; + + return ret; +} + +static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000008, &val))) + sysinfo_tdmr->max_tdmrs = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000009, &val))) + sysinfo_tdmr->max_reserved_per_tdmr = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000010, &val))) + sysinfo_tdmr->pamt_4k_entry_size = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000011, &val))) + sysinfo_tdmr->pamt_2m_entry_size = val; + if (!ret && !(ret = 
read_sys_metadata_field(0x9100000100000012, &val))) + sysinfo_tdmr->pamt_1g_entry_size = val; + + return ret; +} + +static int get_tdx_sys_info_cmr(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int ret = 0; + u64 val; + int i; + + if (!ret && !(ret = read_sys_metadata_field(0x9000000100000000, &val))) + sysinfo_cmr->num_cmrs = val; + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!ret && !(ret = read_sys_metadata_field(0x9000000300000080 + i, &val))) + sysinfo_cmr->cmr_base[i] = val; + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!ret && !(ret = read_sys_metadata_field(0x9000000300000100 + i, &val))) + sysinfo_cmr->cmr_size[i] = val; + + return ret; +} + +static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + int ret = 0; + + ret = ret ?: get_tdx_sys_info_version(&sysinfo->version); + ret = ret ?: get_tdx_sys_info_features(&sysinfo->features); + ret = ret ?: get_tdx_sys_info_tdmr(&sysinfo->tdmr); + ret = ret ?: get_tdx_sys_info_cmr(&sysinfo->cmr); + + return ret; +} diff --git a/arch/x86/virt/vmx/tdx/tdx_global_metadata.h b/arch/x86/virt/vmx/tdx/tdx_global_metadata.h new file mode 100644 index 000000000000..fde370b855f1 --- /dev/null +++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.h 
@@ -0,0 +1,42 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Automatically generated TDX global metadata structures. */ +#ifndef _X86_VIRT_TDX_AUTO_GENERATED_TDX_GLOBAL_METADATA_H +#define _X86_VIRT_TDX_AUTO_GENERATED_TDX_GLOBAL_METADATA_H + +#include + +struct tdx_sys_info_version { + u32 build_date; + u16 build_num; + u16 minor_version; + u16 major_version; + u16 update_version; + u16 internal_version; +}; + +struct tdx_sys_info_features { + u64 tdx_features0; +}; + +struct tdx_sys_info_tdmr { + u16 max_tdmrs; + u16 max_reserved_per_tdmr; + u16 pamt_4k_entry_size; + u16 pamt_2m_entry_size; + u16 pamt_1g_entry_size; +}; + +struct tdx_sys_info_cmr { + u16 num_cmrs; + u64 cmr_base[32]; + u64 cmr_size[32]; +}; + +struct tdx_sys_info { + struct tdx_sys_info_version version; + struct tdx_sys_info_features features; + struct tdx_sys_info_tdmr tdmr; + struct tdx_sys_info_cmr cmr; +}; + +#endif
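Review bot: get_tdx_sys_info_cmr() in tdx_global_metadata.c uses the module-reported 'num_cmrs' as the loop bound for the writes to 'cmr_base[i]' and 'cmr_size[i]', which the header declares with 32 entries, and nothing checks the value against that size. Please have the generator emit a check right after the NUM_CMRS read that fails with an error when the count exceeds the array size. Returning early when that first read fails would also avoid looping on 'sysinfo_cmr->num_cmrs' while it has not been set.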
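Review bot: 'struct tdx_sys_info_tdmr' in tdx_global_metadata.h replaces the 'pamt_entry_size[TDX_PS_NR]' array with three scalars ('pamt_4k_entry_size', 'pamt_2m_entry_size', 'pamt_1g_entry_size'), while construct_tdmrs() earlier in this series passes 'sysinfo_tdmr->pamt_entry_size' on as an array. The diffstat shows this patch only creates the two files, so please say in the changelog that nothing includes them yet and that the TDMR layout differs from the one in tdx.h, so reviewers know the callers still need converting.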
b=uxxU4yBI+tCqH7MCx648xRwVw/dySmEmqs/hrRc4VIPPMIcjYCIZaSLkoM+GJWL9806kZ6+UjVbN/yyEAkUZCFcXWqB/umEc2xzyP7dOve3HdeYKZ/UB0YaIU1IPq5E/b6QVM4l/qk81tnvrv9MKXpQdyL19cd33Q7vU0yIvP2I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=lIsjyDFa; arc=none smtp.client-ip=192.198.163.13 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="lIsjyDFa" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1730119302; x=1761655302; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=yZMoNSnCsjA2eku7horWjp5e7QExJ6tYxIH3z7yRPKQ=; b=lIsjyDFah3EgSqQ5fgl5oeeVuGutOGX8BGdW3y0y5FdCYjXDMmKLMumr 29zfcgitf3CPQ/r/y0Q75WjY8s/39wT27RLnL2rVa9yhWKcfFOZiD7GVD dnWG7DJOpljKfuKKQOBvg0/1TdYqUA/XckbcV+VLm6fjBMGxGLJl9uNwl JcBe4wcvT7EsSJB+d1lgsPR8etIM/DCBOZH8ho8PhT3oYxWshN9iOjLiV 5EQiuiIMSJemU9Zlm3M5HlEzfXSv7l08DmooWgRZ1hgvraBgL3+sGP2kG MXigz8nUqtOkCzuYQsPNPzitro6M8TviRjx69prqqd5DnUibTkMoViPHl w==; X-CSE-ConnectionGUID: VAXCeNpoQbCKBzIXoHC8Jw== X-CSE-MsgGUID: pGoik0QuRVmp5tin7kHpjQ== X-IronPort-AV: E=McAfee;i="6700,10204,11238"; a="32575271" X-IronPort-AV: E=Sophos;i="6.11,239,1725346800"; d="scan'208";a="32575271" Received: from orviesa008.jf.intel.com ([10.64.159.148]) by fmvoesa107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 05:41:42 -0700 X-CSE-ConnectionGUID: eVE5GG6zSdyMo1CcSrlSWQ== X-CSE-MsgGUID: TU+JTy81Sv6cS8Ub5ltUXw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,239,1725346800"; d="scan'208";a="82420910" Received: from gargmani-mobl1.amr.corp.intel.com (HELO 
khuang2-desk.gar.corp.intel.com) ([10.124.222.169]) by orviesa008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Oct 2024 05:41:38 -0700 
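Review bot: get_tdx_sys_info_cmr() in the tdx_global_metadata.c hunk above uses the module-reported num_cmrs as the loop bound for the writes to cmr_base[i] and cmr_size[i], but tdx_global_metadata.h declares both as 32-element arrays and nothing compares num_cmrs with that length. A value above 32 would write past the end of struct tdx_sys_info_cmr, which init_tdx_module() keeps on the stack. Suggest returning an error right after the 0x9000000100000000 read when num_cmrs exceeds ARRAY_SIZE(sysinfo_cmr->cmr_base), and giving the literal 32 a name. Separately, when that first read fails, both for loops still evaluate sysinfo_cmr->num_cmrs, which is uninitialized at that point; returning early on error avoids reading it.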
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 04/10] x86/virt/tdx: Use dedicated struct members for PAMT entry sizes
Date: Tue, 29 Oct 2024 01:41:06 +1300

Currently, the 'struct tdmr_sys_info_tdmr' which includes TDMR related fields defines the PAMT entry sizes for TDX supported page sizes (4KB, 2MB and 1GB) as an array:

    struct tdx_sys_info_tdmr {
        ...
        u16 pamt_entry_sizes[TDX_PS_NR];
    };

PAMT entry sizes are needed when allocating PAMTs for each TDMR. Using the array to contain PAMT entry sizes reduces the number of arguments that need to be passed when calling tdmr_set_up_pamt(). It also makes the code pattern like below clearer:

    for (pgsz = TDX_PS_4K; pgsz < TDX_PS_NR; pgsz++) {
        pamt_size[pgsz] = tdmr_get_pamt_sz(tdmr, pgsz,
                                           pamt_entry_size[pgsz]);
        tdmr_pamt_size += pamt_size[pgsz];
    }

However, the auto-generated metadata reading code generates a structure member for each field. The 'global_metadata.json' has a dedicated field for each PAMT entry size, and the new 'struct tdx_sys_info_tdmr' looks like:

    struct tdx_sys_info_tdmr {
        ...
        u16 pamt_4k_entry_size;
        u16 pamt_2m_entry_size;
        u16 pamt_1g_entry_size;
    };

To prepare to use the auto-generated code, make the existing 'struct tdx_sys_info_tdmr' look like the generated one. But when passing to tdmrs_set_up_pamt_all(), build a local array of PAMT entry sizes from the structure so the code to allocate PAMTs can stay the same.

Signed-off-by: Kai Huang Reviewed-by: Nikolay Borisov Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 14 +++++++++----- arch/x86/virt/vmx/tdx/tdx.h | 4 +++- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 7a2f979092e7..28537a6c47fc 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -304,9 +304,9 @@ struct field_mapping { static const struct field_mapping fields[] = { TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), - TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_entry_size[TDX_PS_4K]), - TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_entry_size[TDX_PS_2M]), - TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_entry_size[TDX_PS_1G]), + TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_4k_entry_size), + TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_2m_entry_size), + TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_1g_entry_size), }; static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) @@ -932,14 +932,18 @@ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, struct tdx_sys_info_tdmr *sysinfo_tdmr) { + u16 pamt_entry_size[TDX_PS_NR] = { + sysinfo_tdmr->pamt_4k_entry_size, + sysinfo_tdmr->pamt_2m_entry_size, + sysinfo_tdmr->pamt_1g_entry_size, + }; int ret; ret = fill_out_tdmrs(tmb_list, tdmr_list); if (ret) return ret; - ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, - sysinfo_tdmr->pamt_entry_size); + ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, pamt_entry_size); if (ret) return ret; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 2600ec3752f5..ec879d54eb5c 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h 
@@ -84,7 +84,9 @@ struct tdmr_info { struct tdx_sys_info_tdmr { u16 max_tdmrs; u16 max_reserved_per_tdmr; - u16 pamt_entry_size[TDX_PS_NR]; + u16 pamt_4k_entry_size; + u16 pamt_2m_entry_size; + u16 pamt_1g_entry_size; }; /* Kernel used global metadata fields */
From patchwork Mon Oct 28 12:41:07 2024 X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853432
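Review bot: In the construct_tdmrs() hunk above, the local pamt_entry_size[TDX_PS_NR] array is filled with a positional initializer, so it is correct only while TDX_PS_4K, TDX_PS_2M and TDX_PS_1G are 0, 1 and 2 in that order, and the PAMT sizing loop quoted in the commit message indexes the array by pgsz. Designated initializers, e.g. [TDX_PS_4K] = sysinfo_tdmr->pamt_4k_entry_size, tie each size to its index and keep a later change to the TDX_PS_* values from silently shifting entries.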
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 05/10] x86/virt/tdx: Add missing header file inclusion to local tdx.h
Date: Tue, 29 Oct 2024 01:41:07 +1300
Message-ID: <3f268f096b7427ffbf39358d8559d884c85bec88.1730118186.git.kai.huang@intel.com>

Compiler attributes __packed and __aligned, and DECLARE_FLEX_ARRAY() are currently used in arch/x86/virt/vmx/tdx/tdx.h, but the relevant headers are not included explicitly.

There's no build issue in the current code since this "tdx.h" is only included by arch/x86/virt/vmx/tdx/tdx.c and it includes bunch of other before including "tdx.h". But for the better explicitly include the relevant headers to "tdx.h". Also include for basic variable types like u16.

Signed-off-by: Kai Huang
Reviewed-by: Nikolay Borisov
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index ec879d54eb5c..b1d705c3ab2a 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h
@@ -2,6 +2,9 @@ #ifndef _X86_VIRT_TDX_H #define _X86_VIRT_TDX_H +#include +#include +#include #include /*
From patchwork Mon Oct 28 12:41:08 2024 X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853433
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 06/10] x86/virt/tdx: Switch to use auto-generated global metadata reading code
Date: Tue, 29 Oct 2024 01:41:08 +1300
Message-ID: <7382397ef94470c8a2b074bbdf507581b1b9db7e.1730118186.git.kai.huang@intel.com>

Now the caller to read global metadata has been tweaked to be ready to use auto-generated metadata reading code. Switch to use it.

Signed-off-by: Kai Huang
Reviewed-by: Nikolay Borisov
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.c | 61 +------------------------------------ arch/x86/virt/vmx/tdx/tdx.h | 45 +-------------------------- 2 files changed, 2 insertions(+), 104 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 28537a6c47fc..43ec56db5084 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -270,66 +270,7 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) return 0; } -static int read_sys_metadata_field16(u64 field_id, - int offset, - struct tdx_sys_info_tdmr *ts) -{ - u16 *ts_member = ((void *)ts) + offset; - u64 tmp; - int ret; - - if (WARN_ON_ONCE(MD_FIELD_ID_ELE_SIZE_CODE(field_id) != - MD_FIELD_ID_ELE_SIZE_16BIT)) - return -EINVAL; - - ret = read_sys_metadata_field(field_id, &tmp); - if (ret) - return ret; - - *ts_member = tmp; - - return 0; -} - -struct field_mapping { - u64 field_id; - int offset; -}; - -#define TD_SYSINFO_MAP(_field_id, _offset) \ - { .field_id = MD_FIELD_ID_##_field_id, \ - .offset = offsetof(struct tdx_sys_info_tdmr, _offset) } - -/* Map TD_SYSINFO fields into 'struct tdx_sys_info_tdmr': */ -static const struct field_mapping fields[] = { - TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), - TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), - TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_4k_entry_size), - TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_2m_entry_size), - TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_1g_entry_size), -}; - -static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) -{ - int ret; - int i; - - /* Populate 'sysinfo_tdmr' fields using the mapping structure above: */ - for (i = 0; i < ARRAY_SIZE(fields); i++) { - ret = read_sys_metadata_field16(fields[i].field_id, - fields[i].offset, - sysinfo_tdmr); - if (ret) - return ret; - } - - return 0; -} - -static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) -{ - return get_tdx_sys_info_tdmr(&sysinfo->tdmr); -} +#include "tdx_global_metadata.c" /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index b1d705c3ab2a..0128b963b723 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h 
@@ -5,7 +5,7 @@ #include #include #include -#include +#include "tdx_global_metadata.h" /* * This file contains both macros and data structures defined by the TDX @@ -29,35 +29,6 @@ #define PT_NDA 0x0 #define PT_RSVD 0x1 -/* - * Global scope metadata field ID. - * - * See Table "Global Scope Metadata", TDX module 1.5 ABI spec. - */ -#define MD_FIELD_ID_MAX_TDMRS 0x9100000100000008ULL -#define MD_FIELD_ID_MAX_RESERVED_PER_TDMR 0x9100000100000009ULL -#define MD_FIELD_ID_PAMT_4K_ENTRY_SIZE 0x9100000100000010ULL -#define MD_FIELD_ID_PAMT_2M_ENTRY_SIZE 0x9100000100000011ULL -#define MD_FIELD_ID_PAMT_1G_ENTRY_SIZE 0x9100000100000012ULL - -/* - * Sub-field definition of metadata field ID. - * - * See Table "MD_FIELD_ID (Metadata Field Identifier / Sequence Header) - * Definition", TDX module 1.5 ABI spec. - * - * - Bit 33:32: ELEMENT_SIZE_CODE -- size of a single element of metadata - * - * 0: 8 bits - * 1: 16 bits - * 2: 32 bits - * 3: 64 bits - */ -#define MD_FIELD_ID_ELE_SIZE_CODE(_field_id) \ - (((_field_id) & GENMASK_ULL(33, 32)) >> 32) - -#define MD_FIELD_ID_ELE_SIZE_16BIT 1 - struct tdmr_reserved_area { u64 offset; u64 size; 
@@ -83,20 +54,6 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); -/* Class "TDMR info" */ -struct tdx_sys_info_tdmr { - u16 max_tdmrs; - u16 max_reserved_per_tdmr; - u16 pamt_4k_entry_size; - u16 pamt_2m_entry_size; - u16 pamt_1g_entry_size; -}; - -/* Kernel used global metadata fields */ -struct tdx_sys_info { - struct tdx_sys_info_tdmr tdmr; -}; - /* * Do not put any hardware-defined TDX structure representations below * this comment!
From patchwork Mon Oct 28 12:41:09 2024 X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853434
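Review bot: The read_sys_metadata_field16() removed from tdx.c above rejected, with WARN_ON_ONCE(), any field ID whose MD_FIELD_ID_ELE_SIZE_CODE was not 16-bit before storing into a u16 member, while the generated readers pulled in by #include "tdx_global_metadata.c" assign the u64 val straight to u16 members such as pamt_1g_entry_size and num_cmrs. A field ID with the wrong element size, or a value that does not fit, is now truncated without any warning. Suggest having the generator emit a check of the element-size bits (33:32) of each field ID against the size of the destination member, so the check deleted here together with the MD_FIELD_ID_ELE_SIZE_* macros is not lost.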
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 07/10] x86/virt/tdx: Trim away tail null CMRs
Date: Tue, 29 Oct 2024 01:41:09 +1300
Message-ID: <03e8e509f8a6c298807af771ebf1a37a82660565.1730118186.git.kai.huang@intel.com>

TDX architecturally supports up to 32 CMRs. The global metadata field "NUM_CMRS" reports the number of CMR entries that can be read by the kernel. However, that field may just report the maximum number of CMRs albeit the actual number of CMRs is smaller, in which case there are tail null CMRs (size is 0).

Trim away those null CMRs, and print valid CMRs since they are useful at least to developers.

More information about CMR can be found at "Intel TDX ISA Background: Convertible Memory Ranges (CMRs)" in TDX 1.5 base spec [1], and "CMR_INFO" in TDX 1.5 ABI spec [2].

Now get_tdx_sys_info() just reads kernel-needed global metadata to kernel structure, and it is auto-generated. Add a wrapper function init_tdx_sys_info() to invoke get_tdx_sys_info() and provide room to do additional things like dealing with CMRs.

Link: https://cdrdv2.intel.com/v1/dl/getContent/733575 [1]
Link: https://cdrdv2.intel.com/v1/dl/getContent/733579 [2]
Signed-off-by: Kai Huang
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.c | 56 ++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-)
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 43ec56db5084..e81bdcfc20bf 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -272,6 +272,60 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) #include "tdx_global_metadata.c" +/* Update the @sysinfo_cmr->num_cmrs to trim tail null CMRs */ +static void trim_null_tail_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int i; + + /* + * The TDX module may report the maximum number of CMRs that + * TDX architecturally supports as the actual number of CMRs, + * despite the latter is smaller. In this case some tail + * CMR(s) will be null (size is 0). Trim them away. + * + * Note the CMRs are generated by the BIOS, but the MCHECK + * verifies CMRs before enabling TDX on hardware. Skip other + * sanity checks (e.g., verify CMR is 4KB aligned) but trust + * MCHECK to work properly. + * + * The spec doesn't say whether it's legal to have null CMRs + * in the middle of valid CMRs. For now assume no sane BIOS + * would do that (even MCHECK allows). + */ + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!sysinfo_cmr->cmr_size[i]) + break; + + sysinfo_cmr->num_cmrs = i; +} + +static void print_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int i; + + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) { + u64 cmr_base = sysinfo_cmr->cmr_base[i]; + u64 cmr_size = sysinfo_cmr->cmr_size[i]; + + pr_info("CMR[%d]: [0x%llx, 0x%llx)\n", i, cmr_base, + cmr_base + cmr_size); + } +} + +static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + int ret; + + ret = get_tdx_sys_info(sysinfo); + if (ret) + return ret; + + trim_null_tail_cmrs(&sysinfo->cmr); + print_cmrs(&sysinfo->cmr); + + return 0; +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { 
@@ -1051,7 +1105,7 @@ static int init_tdx_module(void) struct tdx_sys_info sysinfo; int ret; - ret = get_tdx_sys_info(&sysinfo); + ret = init_tdx_sys_info(&sysinfo); if (ret) return ret;
From patchwork Mon Oct 28 12:41:10 2024 X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853435
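Review bot: trim_null_tail_cmrs() in the patch above stops at the first CMR whose size is 0, so if a null CMR ever sits between valid ones, every valid CMR after it is dropped without any message; the comment only assumes that no sane BIOS does this. Suggest scanning the remaining entries after the break and emitting pr_warn(), or failing initialization, when a non-null CMR follows a null one, so the assumption is checked rather than trusted.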
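The trimming step from the patch above, together with the sanity checks its comment says are skipped in favour of trusting MCHECK, as an added user-space example (not code from the patch or the kernel). It goes beyond the patch by also checking the array bound, alignment, overflow and ordering; struct cmr_table, enum cmr_status, cmr_validate_and_trim() and sample_table() are hypothetical names, and the sample CMR values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_CMRS   32          /* length of cmr_base[]/cmr_size[] on this page */
#define CMR_ALIGN  0x1000ULL   /* 4KB alignment named in the patch comment */

/* User-space mirror of the page's struct tdx_sys_info_cmr (names assumed). */
struct cmr_table {
	uint16_t num_cmrs;
	uint64_t base[MAX_CMRS];
	uint64_t size[MAX_CMRS];
};

/* Hypothetical result codes for this example. */
enum cmr_status {
	CMR_OK = 0,
	CMR_TOO_MANY,        /* num_cmrs exceeds the array length */
	CMR_NULL_IN_MIDDLE,  /* a valid CMR follows a null (size 0) CMR */
	CMR_UNALIGNED,       /* base or size is not 4KB aligned */
	CMR_OVERFLOW,        /* base + size wraps around 64 bits */
	CMR_UNSORTED,        /* a CMR starts before the previous one ends */
};

/*
 * Trim tail null CMRs as trim_null_tail_cmrs() does, but verify the
 * assumptions first. On CMR_OK, t->num_cmrs is the number of valid
 * leading CMRs; on any error the table is left unmodified.
 */
static enum cmr_status cmr_validate_and_trim(struct cmr_table *t)
{
	unsigned int reported = t->num_cmrs;
	unsigned int i, valid;
	uint64_t prev_end = 0;

	/* Never index past the fixed-size arrays. */
	if (reported > MAX_CMRS)
		return CMR_TOO_MANY;

	/* The first null entry marks the end of the valid CMRs. */
	for (valid = 0; valid < reported; valid++)
		if (!t->size[valid])
			break;

	/* Everything after the first null entry must be null too. */
	for (i = valid; i < reported; i++)
		if (t->size[i])
			return CMR_NULL_IN_MIDDLE;

	for (i = 0; i < valid; i++) {
		uint64_t base = t->base[i], size = t->size[i];

		if ((base | size) & (CMR_ALIGN - 1))
			return CMR_UNALIGNED;
		if (base + size < base)
			return CMR_OVERFLOW;
		/* Later hole-finding walks the CMRs in address order. */
		if (base < prev_end)
			return CMR_UNSORTED;
		prev_end = base + size;
	}

	t->num_cmrs = (uint16_t)valid;
	return CMR_OK;
}

/* Constructed sample: 32 entries reported, only the first two non-null. */
static struct cmr_table sample_table(void)
{
	struct cmr_table t = { .num_cmrs = MAX_CMRS };

	t.base[0] = 0x100000ULL;    t.size[0] = 0x6f700000ULL;
	t.base[1] = 0x100000000ULL; t.size[1] = 0x40000000ULL;
	return t;
}

int main(void)
{
	struct cmr_table t = sample_table();
	enum cmr_status st = cmr_validate_and_trim(&t);
	unsigned int i;

	printf("status=%d num_cmrs=%u\n", (int)st, (unsigned int)t.num_cmrs);
	for (i = 0; i < t.num_cmrs; i++)
		printf("CMR[%u]: [0x%llx, 0x%llx)\n", i,
		       (unsigned long long)t.base[i],
		       (unsigned long long)(t.base[i] + t.size[i]));
	return st != CMR_OK;
}
```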
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 08/10] x86/virt/tdx: Reduce TDMR's reserved areas by using CMRs to find memory holes
Date: Tue, 29 Oct 2024 01:41:10 +1300

A TDX module initialization failure was reported on an Emerald Rapids platform [*]:

    virt/tdx: initialization failed: TDMR [0x0, 0x80000000): reserved areas exhausted.
    virt/tdx: module initialization failed (-28)

As part of initializing the TDX module, the kernel informs the TDX module of all "TDX-usable memory regions" using an array of TDX defined structure "TD Memory Region" (TDMR). Each TDMR must be 1GB aligned and in 1GB granularity, and all "non-TDX-usable memory holes" within a given TDMR are marked as "reserved areas". The TDX module reports a maximum number of reserved areas that can be supported per TDMR (16).

The kernel builds the "TDX-usable memory regions" based on memblocks (which reflects e820), and uses this list to find all "reserved areas" for each TDMR.

It turns out that the kernel's view of memory holes is too fine grained and sometimes exceeds the number of holes that the TDX module can track per TDMR [1], resulting in the above failure.

Thankfully the module also lists memory that is potentially convertible in a list of "Convertible Memory Regions" (CMRs). That coarser grained CMR list tends to track usable memory in the memory map even if it might be reserved for host usage like 'ACPI data' [2].

Use that list to relax what the kernel considers unusable memory. If it falls in a CMR no need to instantiate a hole, and rely on the fact that kernel will keep what it considers 'reserved' out of the page allocator.

[1] BIOS-E820 table of the problematic platform:

    BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable
    BIOS-e820: [mem 0x000000000009f000-0x00000000000fffff] reserved
    BIOS-e820: [mem 0x0000000000100000-0x000000005d168fff] usable
    BIOS-e820: [mem 0x000000005d169000-0x000000005d22afff] ACPI data
    BIOS-e820: [mem 0x000000005d22b000-0x000000005d3cefff] usable
    BIOS-e820: [mem 0x000000005d3cf000-0x000000005d469fff] reserved
    BIOS-e820: [mem 0x000000005d46a000-0x000000005e5b2fff] usable
    BIOS-e820: [mem 0x000000005e5b3000-0x000000005e5c2fff] reserved
    BIOS-e820: [mem 0x000000005e5c3000-0x000000005e5d2fff] usable
    BIOS-e820: [mem 0x000000005e5d3000-0x000000005e5e4fff] reserved
    BIOS-e820: [mem 0x000000005e5e5000-0x000000005eb57fff] usable
    BIOS-e820: [mem 0x000000005eb58000-0x0000000061357fff] ACPI NVS
    BIOS-e820: [mem 0x0000000061358000-0x000000006172afff] usable
    BIOS-e820: [mem 0x000000006172b000-0x0000000061794fff] ACPI data
    BIOS-e820: [mem 0x0000000061795000-0x00000000617fefff] usable
    BIOS-e820: [mem 0x00000000617ff000-0x0000000061912fff] ACPI data
    BIOS-e820: [mem 0x0000000061913000-0x0000000061998fff] usable
    BIOS-e820: [mem 0x0000000061999000-0x00000000619dffff] ACPI data
    BIOS-e820: [mem 0x00000000619e0000-0x00000000619e1fff] usable
    BIOS-e820: [mem 0x00000000619e2000-0x00000000619e9fff] reserved
    BIOS-e820: [mem 0x00000000619ea000-0x0000000061a26fff] usable
    BIOS-e820: [mem 0x0000000061a27000-0x0000000061baefff] ACPI data
    BIOS-e820: [mem 0x0000000061baf000-0x00000000623c2fff] usable
    BIOS-e820: [mem 0x00000000623c3000-0x0000000062471fff] reserved
    BIOS-e820: [mem 0x0000000062472000-0x0000000062823fff] usable
    BIOS-e820: [mem 0x0000000062824000-0x0000000063a24fff] reserved
    BIOS-e820: [mem 0x0000000063a25000-0x0000000063d57fff] usable
    BIOS-e820: [mem 0x0000000063d58000-0x0000000064157fff] reserved
    BIOS-e820: [mem 0x0000000064158000-0x0000000064158fff] usable
    BIOS-e820: [mem 0x0000000064159000-0x0000000064194fff] reserved
    BIOS-e820: [mem 0x0000000064195000-0x000000006e9cefff] usable
    BIOS-e820: [mem 0x000000006e9cf000-0x000000006eccefff] reserved
    BIOS-e820: [mem 0x000000006eccf000-0x000000006f6fefff] ACPI NVS
    BIOS-e820: [mem 0x000000006f6ff000-0x000000006f7fefff] ACPI data
    BIOS-e820: [mem 0x000000006f7ff000-0x000000006f7fffff] usable
    BIOS-e820: [mem 0x000000006f800000-0x000000008fffffff] reserved
    ......

[2] Convertible Memory Regions of the problematic platform:

    virt/tdx: CMR: [0x100000, 0x6f800000)
    virt/tdx: CMR: [0x100000000, 0x107a000000)
    virt/tdx: CMR: [0x1080000000, 0x207c000000)
    virt/tdx: CMR: [0x2080000000, 0x307c000000)
    virt/tdx: CMR: [0x3080000000, 0x407c000000)

Link: https://github.com/canonical/tdx/issues/135 [*]
Fixes: dde3b60d572c ("x86/virt/tdx: Designate reserved areas for all TDMRs")
Signed-off-by: Kai Huang
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index e81bdcfc20bf..9acb12c75e9b 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -747,29 +747,28 @@ static int tdmr_add_rsvd_area(struct tdmr_info *tdmr, int *p_idx, u64 addr, } /* - * Go through @tmb_list to find holes between memory areas. If any of + * Go through all CMRs in @sysinfo_cmr to find memory holes. If any of * those holes fall within @tdmr, set up a TDMR reserved area to cover * the hole. */ -static int tdmr_populate_rsvd_holes(struct list_head *tmb_list, +static int tdmr_populate_rsvd_holes(struct tdx_sys_info_cmr *sysinfo_cmr, struct tdmr_info *tdmr, int *rsvd_idx, u16 max_reserved_per_tdmr) { - struct tdx_memblock *tmb; u64 prev_end; - int ret; + int i, ret; /* * Start looking for reserved blocks at the * beginning of the TDMR. */ prev_end = tdmr->base; - list_for_each_entry(tmb, tmb_list, list) { + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) { u64 start, end; - start = PFN_PHYS(tmb->start_pfn); - end = PFN_PHYS(tmb->end_pfn); + start = sysinfo_cmr->cmr_base[i]; + end = start + sysinfo_cmr->cmr_size[i]; /* Break if this region is after the TDMR */ if (start >= tdmr_end(tdmr)) @@ -870,16 +869,16 @@ static int rsvd_area_cmp_func(const void *a, const void *b) /* * Populate reserved areas for the given @tdmr, including memory holes - * (via @tmb_list) and PAMTs (via @tdmr_list). + * (via @sysinfo_cmr) and PAMTs (via @tdmr_list). */ static int tdmr_populate_rsvd_areas(struct tdmr_info *tdmr, - struct list_head *tmb_list, + struct tdx_sys_info_cmr *sysinfo_cmr, struct tdmr_info_list *tdmr_list, u16 max_reserved_per_tdmr) { int ret, rsvd_idx = 0; - ret = tdmr_populate_rsvd_holes(tmb_list, tdmr, &rsvd_idx, + ret = tdmr_populate_rsvd_holes(sysinfo_cmr, tdmr, &rsvd_idx, max_reserved_per_tdmr); if (ret) return ret; 
@@ -898,10 +897,10 @@ static int tdmr_populate_rsvd_areas(struct tdmr_info *tdmr, /* * Populate reserved areas for all TDMRs in @tdmr_list, including memory - * holes (via @tmb_list) and PAMTs. + * holes (via @sysinfo_cmr) and PAMTs. */ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, - struct list_head *tmb_list, + struct tdx_sys_info_cmr *sysinfo_cmr, u16 max_reserved_per_tdmr) { int i; @@ -910,7 +909,7 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, int ret; ret = tdmr_populate_rsvd_areas(tdmr_entry(tdmr_list, i), - tmb_list, tdmr_list, max_reserved_per_tdmr); + sysinfo_cmr, tdmr_list, max_reserved_per_tdmr); if (ret) return ret; } @@ -925,7 +924,8 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, */ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, - struct tdx_sys_info_tdmr *sysinfo_tdmr) + struct tdx_sys_info_tdmr *sysinfo_tdmr, + struct tdx_sys_info_cmr *sysinfo_cmr) { u16 pamt_entry_size[TDX_PS_NR] = { sysinfo_tdmr->pamt_4k_entry_size, @@ -942,7 +942,7 @@ static int construct_tdmrs(struct list_head *tmb_list, if (ret) return ret; - ret = tdmrs_populate_rsvd_areas_all(tdmr_list, tmb_list, + ret = tdmrs_populate_rsvd_areas_all(tdmr_list, sysinfo_cmr, sysinfo_tdmr->max_reserved_per_tdmr); if (ret) tdmrs_free_pamt_all(tdmr_list); 
@@ -1131,7 +1131,8 @@ static int init_tdx_module(void) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr, + &sysinfo.cmr); if (ret) goto err_free_tdmrs;
From patchwork Mon Oct 28 12:41:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853436
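Review bot: In tdmr_populate_rsvd_holes() of [PATCH v6 08/10], the `if (start >= tdmr_end(tdmr))` break and the running `prev_end` only give correct holes when the entries are visited in ascending address order and do not overlap. The old loop made the same assumption about @tmb_list, which the kernel builds itself; with `sysinfo_cmr->cmr_base[i]` and `cmr_size[i]` it now depends on how the TDX module reports CMRs. Please state that ordering guarantee in the function comment, or sanity-check it where the CMR metadata is read, and say in the same comment that memory which sits inside a CMR but is absent from the kernel's own list is deliberately left unreserved, since that reasoning currently lives only in the commit message.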
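Review bot: In the construct_tdmrs() hunks of [PATCH v6 08/10], the single call site in init_tdx_module() now passes `&sysinfo.tdmr` and `&sysinfo.cmr` as two separate arguments taken from the same `sysinfo`. Passing one `struct tdx_sys_info *` would stop the signature growing each time another metadata group is needed. Since TDMRs are still built from @tmb_list while their reserved areas now come from @sysinfo_cmr, a sentence in the comment above construct_tdmrs() explaining why both inputs are required would help the next reader.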
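The hole counting described in the commit message of [PATCH v6 08/10], as a user-space model added here for illustration; it is not part of the patch or of the kernel. `struct range`, `count_holes()` and the two wrappers are hypothetical names, and the model assumes every "usable" e820 entry becomes one TDX memory block and ignores the reserved areas that PAMTs add.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Half-open physical address range [start, end). */
struct range { uint64_t start, end; };

#define MAX_RSVD_PER_TDMR 16            /* per-TDMR limit quoted in the commit message */
#define TDMR_BASE 0x0ULL                /* the failing TDMR: [0x0, 0x80000000) */
#define TDMR_END  0x80000000ULL

/* "usable" entries of the quoted BIOS-e820 table (end made exclusive). */
static const struct range e820_usable[] = {
    {0x0, 0x9f000},               {0x100000, 0x5d169000},
    {0x5d22b000, 0x5d3cf000},     {0x5d46a000, 0x5e5b3000},
    {0x5e5c3000, 0x5e5d3000},     {0x5e5e5000, 0x5eb58000},
    {0x61358000, 0x6172b000},     {0x61795000, 0x617ff000},
    {0x61913000, 0x61999000},     {0x619e0000, 0x619e2000},
    {0x619ea000, 0x61a27000},     {0x61baf000, 0x623c3000},
    {0x62472000, 0x62824000},     {0x63a25000, 0x63d58000},
    {0x64158000, 0x64159000},     {0x64195000, 0x6e9cf000},
    {0x6f7ff000, 0x6f800000},
};

/* The CMR list quoted in the commit message for the same platform. */
static const struct range cmrs[] = {
    {0x100000, 0x6f800000},           {0x100000000, 0x107a000000},
    {0x1080000000, 0x207c000000},     {0x2080000000, 0x307c000000},
    {0x3080000000, 0x407c000000},
};

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Count the gaps that a sorted range list leaves inside [base, end). */
int count_holes(const struct range *r, size_t n, uint64_t base, uint64_t end)
{
    uint64_t prev_end = base;
    int holes = 0;

    for (size_t i = 0; i < n; i++) {
        if (r[i].start >= end)      /* past the TDMR; valid only for sorted input */
            break;
        if (r[i].end <= base)       /* entirely before the TDMR */
            continue;
        if (r[i].start > prev_end)  /* gap [prev_end, start) needs a reserved area */
            holes++;
        if (r[i].end > prev_end)
            prev_end = r[i].end;
    }
    if (prev_end < end)             /* tail gap up to the end of the TDMR */
        holes++;
    return holes;
}

int holes_from_e820(void) { return count_holes(e820_usable, COUNT(e820_usable), TDMR_BASE, TDMR_END); }
int holes_from_cmrs(void) { return count_holes(cmrs, COUNT(cmrs), TDMR_BASE, TDMR_END); }

int main(void)
{
    printf("holes from e820 usable ranges: %d (limit %d)\n", holes_from_e820(), MAX_RSVD_PER_TDMR);
    printf("holes from CMRs:               %d\n", holes_from_cmrs());
    return 0;
}
```

With the quoted data the e820-derived list leaves more holes in the first TDMR than the limit allows, while the CMR list leaves only the gap below 1MB and the gap above 0x6f800000.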
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 09/10] x86/virt/tdx: Require the module to assert it has the NO_RBP_MOD mitigation
Date: Tue, 29 Oct 2024 01:41:11 +1300
X-Mailer: git-send-email 2.46.2
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
MIME-Version: 1.0

Old TDX modules can clobber RBP in the TDH.VP.ENTER SEAMCALL. However
RBP is used as frame pointer in the x86_64 calling convention, and
clobbering RBP could result in bad things like being unable to unwind
the stack if any non-maskable exceptions (NMI, #MC etc) happen in that
gap.

A new "NO_RBP_MOD" feature was introduced to more recent TDX modules to
not clobber RBP. This feature is reported in the TDX_FEATURES0 global
metadata field via bit 18.

Don't initialize the TDX module if this feature is not supported [1].

Note the bit definitions of TDX_FEATURES0 are not auto-generated in
tdx_global_metadata.h. Manually define a macro for it in "tdx.h".

Link: https://lore.kernel.org/all/fc0e8ab7-86d4-4428-be31-82e1ece6dd21@intel.com/ [1]
Signed-off-by: Kai Huang
Reviewed-by: Nikolay Borisov
Reviewed-by: Adrian Hunter
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.c | 17 +++++++++++++++++ arch/x86/virt/vmx/tdx/tdx.h | 4 ++++ 2 files changed, 21 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 9acb12c75e9b..9bc827a6cee8 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -326,6 +326,18 @@ static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) return 0; } +static int check_features(struct tdx_sys_info *sysinfo) +{ + u64 tdx_features0 = sysinfo->features.tdx_features0; + + if (!(tdx_features0 & TDX_FEATURES0_NO_RBP_MOD)) { + pr_err("frame pointer (RBP) clobber bug present, upgrade TDX module\n"); + return -EINVAL; + } + + return 0; +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { @@ -1109,6 +1121,11 @@ static int init_tdx_module(void) if (ret) return ret; + /* Check whether the kernel can support this module */ + ret = check_features(&sysinfo); + if (ret) + return ret; + /* * To keep things simple, assume that all TDX-protected memory * will come from the page allocator. Make sure all pages in the diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 0128b963b723..c8be00f6b15a 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -5,6 +5,7 @@ #include #include #include +#include #include "tdx_global_metadata.h" /* 
@@ -54,6 +55,9 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); +/* Bit definitions of TDX_FEATURES0 metadata field */ +#define TDX_FEATURES0_NO_RBP_MOD BIT(18) + /* * Do not put any hardware-defined TDX structure representations below * this comment!
From patchwork Mon Oct 28 12:41:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13853437
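Review bot: In check_features() of [PATCH v6 09/10], the pr_err() tells the admin to upgrade but prints neither the name of the missing feature nor the `tdx_features0` value, so a bug report that carries only this line does not show what the module actually advertised. Consider naming NO_RBP_MOD and printing the raw field in the message. The placement in init_tdx_module(), before any TDX memory is set up, looks right because the early `return ret` then needs no cleanup.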
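Review bot: In the tdx.h hunk of [PATCH v6 09/10], `TDX_FEATURES0_NO_RBP_MOD` is defined with `BIT(18)` but check_features() tests it against a `u64 tdx_features0`. `BIT_ULL(18)` would match the declared width of the metadata field and documents that this list describes a 64-bit register, which matters once a bit at or above 32 is added next to it.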
From: Kai Huang
To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com
Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com
Subject: [PATCH v6 10/10] x86/virt/tdx: Print TDX module version
Date: Tue, 29 Oct 2024 01:41:12 +1300
Message-ID: <57eaa1b17429315f8b5207774307f3c1dd40cf37.1730118186.git.kai.huang@intel.com>
X-Mailer: git-send-email 2.46.2
Precedence: bulk
X-Mailing-List: kvm@vger.kernel.org
MIME-Version: 1.0

Currently the kernel doesn't print any TDX module version information.
In practice such information is useful, especially to the developers.

For instance:

1) When something goes wrong around using TDX, the module version is
   normally the first information the users want to know [1].

2) The users want to quickly know module version to see whether the
   loaded module is the expected one.

Dump TDX module version. The actual dmesg will look like:

  virt/tdx: module version: 1.5.00.00.0481 (build_date 20230323).

And dump right after reading global metadata, so that this information
is printed no matter whether module initialization fails or not.

Link: https://lore.kernel.org/lkml/4b3adb59-50ea-419e-ad02-e19e8ca20dee@intel.com/ [1]
Signed-off-by: Kai Huang
Reviewed-by: Dan Williams
--- arch/x86/virt/vmx/tdx/tdx.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 9bc827a6cee8..6982e100536d 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -312,6 +312,23 @@ static void print_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) } } +static void print_module_version(struct tdx_sys_info_version *version) +{ + /* + * TDX module version encoding: + * + * .... + * + * When printed as text, and are 1-digit, + * and are 2-digits and + * is 4-digits. + */ + pr_info("module version: %u.%u.%02u.%02u.%04u (build_date %u).\n", + version->major_version, version->minor_version, + version->update_version, version->internal_version, + version->build_num, version->build_date); +} + static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) { int ret; @@ -322,6 +339,7 @@ static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) trim_null_tail_cmrs(&sysinfo->cmr); print_cmrs(&sysinfo->cmr); + print_module_version(&sysinfo->version); return 0; }
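Review bot: print_module_version() in [PATCH v6 10/10] only reads through `version`, so the parameter can be `const struct tdx_sys_info_version *`, which makes it obvious at the call site in init_tdx_sys_info() that printing cannot alter the metadata later checked by the init path. The trailing '.' after the closing parenthesis in the pr_info() format is also unusual for a kernel log line and gets in the way when the build date is matched with scripts; dropping it would keep the line easy to parse.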