From patchwork Mon Nov 11 10:39:37 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870566 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 55E3B18B46A; Mon, 11 Nov 2024 10:40:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321618; cv=none; b=MBct1bDxEOhhZygyjau6zVU5N1xC1iX8YnxntQlP9CkQYhVSgb9S0uU5bqPFIEo3t3arJBDcLGBDPnY0w34Gk54vA1XKcCTazEv2ZGueoOGv56AYZGh5pvfsEm3AakOTNwHvewt8BaWNNS+wDqooY2SbWeG/KnALsKmMqrcDoYM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321618; c=relaxed/simple; bh=iJrknpuZDTQn1my2KbzFpSYQx081vYUCNcNifeNVA2E=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=WbstDdJNrsYdArelxDGItFv+2W1fiJ30ZUAFBc2CSQ+G/bV5uRsq65bjEH5bOn+6S2WD3sZ72rb6na8PR5h8clMf7lKZ5MX3348U+yfyoPOn6FzKc//yvI1ttnstMKAxII/xTtoGv+ekhNgcV1YQ6sezcxcTWkdDwvNsblMGylE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Gna16277; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Gna16277" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321617; x=1762857617; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=iJrknpuZDTQn1my2KbzFpSYQx081vYUCNcNifeNVA2E=; b=Gna16277GnTm5xzw4EiT9hPljsTYlk3ivkiRmE/Cip6tigwNBLRpZLz1 w9w3m6K13hqpIHZg09JUnef/kFOS/AztP6Jy7GtL3dD95XbRjy45idk/D wxJnKWNWMHZku8oVzB1A0YsjMuv96m+ROId2DkPipgGuCG6YjHPO1tSxM H6NjMdIAh2RIixoaEn72nfExfyvysx8SPwQAfT4OvHDzS08No4ZYpJ4ZB 3T2dHzSkjZcrLLhDZoGP8R0gq75iueUrbXlTl0IVKEWLfBEtRo2DSFWq8 z/S9qlhCayaw7KAkVtvTsRzpXDqFz+6A2btFUS7cdsJOZ9dZ4JuBsFLGu w==; X-CSE-ConnectionGUID: meyLUSsbT12FjaLPlE3qqg== X-CSE-MsgGUID: 0vaCs/T9S6OJhju+rCl1cA== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682599" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682599" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:17 -0800 X-CSE-ConnectionGUID: +WyXE9gqQCSkc1MK+lKBug== X-CSE-MsgGUID: QZTZEme4TkWYfpeZO318iA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667090" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:12 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 01/10] x86/virt/tdx: Rename 'struct tdx_tdmr_sysinfo' to reflect the spec better Date: Mon, 11 Nov 2024 23:39:37 +1300 Message-ID: <7d0dea29bc6abff051c45048d26547acb6f2a62b.1731318868.git.kai.huang@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The TDX module provides a set of "Global Metadata Fields". They report things like TDX module version, supported features, and fields related to create/run TDX guests and so on. TDX organizes those metadata fields by "Classes" based on the meaning of those fields. E.g., for now the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization. Those fields are defined under class "TDMR Info". There are both immediate needs to read more metadata fields for module initialization and near-future needs for other kernel components like KVM to run TDX guests. To meet all those requirements, the idea is the TDX host core-kernel to provide a centralized, canonical, and read-only structure for the global metadata that comes out from the TDX module for all kernel components to use. More specifically, the target is to end up with something like: struct tdx_sys_info { struct tdx_sys_info_classA a; struct tdx_sys_info_classB b; ... }; Currently the kernel organizes all fields under "TDMR Info" class in 'struct tdx_tdmr_sysinfo'. To prepare for the above target, rename the structure to 'struct tdx_sys_info_tdmr' to follow the class name better. No functional change intended. Signed-off-by: Kai Huang Reviewed-by: Adrian Hunter Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 36 ++++++++++++++++++------------------ arch/x86/virt/vmx/tdx/tdx.h | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 4e2b2e2ac9f9..e979bf442929 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -272,7 +272,7 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) static int read_sys_metadata_field16(u64 field_id, int offset, - struct tdx_tdmr_sysinfo *ts) + struct tdx_sys_info_tdmr *ts) { u16 *ts_member = ((void *)ts) + offset; u64 tmp; @@ -298,9 +298,9 @@ struct field_mapping { #define TD_SYSINFO_MAP(_field_id, _offset) \ { .field_id = MD_FIELD_ID_##_field_id, \ - .offset = offsetof(struct tdx_tdmr_sysinfo, _offset) } + .offset = offsetof(struct tdx_sys_info_tdmr, _offset) } -/* Map TD_SYSINFO fields into 'struct tdx_tdmr_sysinfo': */ +/* Map TD_SYSINFO fields into 'struct tdx_sys_info_tdmr': */ static const struct field_mapping fields[] = { TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), @@ -309,16 +309,16 @@ static const struct field_mapping fields[] = { TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_entry_size[TDX_PS_1G]), }; -static int get_tdx_tdmr_sysinfo(struct tdx_tdmr_sysinfo *tdmr_sysinfo) +static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) { int ret; int i; - /* Populate 'tdmr_sysinfo' fields using the mapping structure above: */ + /* Populate 'sysinfo_tdmr' fields using the mapping structure above: */ for (i = 0; i < ARRAY_SIZE(fields); i++) { ret = read_sys_metadata_field16(fields[i].field_id, fields[i].offset, - tdmr_sysinfo); + sysinfo_tdmr); if (ret) return ret; } @@ -342,13 +342,13 @@ static int tdmr_size_single(u16 max_reserved_per_tdmr) } static int alloc_tdmr_list(struct tdmr_info_list *tdmr_list, - struct tdx_tdmr_sysinfo *tdmr_sysinfo) + struct tdx_sys_info_tdmr *sysinfo_tdmr) { size_t tdmr_sz, tdmr_array_sz; void *tdmr_array; - tdmr_sz = tdmr_size_single(tdmr_sysinfo->max_reserved_per_tdmr); - tdmr_array_sz = tdmr_sz * tdmr_sysinfo->max_tdmrs; + tdmr_sz = tdmr_size_single(sysinfo_tdmr->max_reserved_per_tdmr); + tdmr_array_sz = tdmr_sz * sysinfo_tdmr->max_tdmrs; /* * To keep things simple, allocate all TDMRs together. @@ -367,7 +367,7 @@ static int alloc_tdmr_list(struct tdmr_info_list *tdmr_list, * at a given index in the TDMR list. */ tdmr_list->tdmr_sz = tdmr_sz; - tdmr_list->max_tdmrs = tdmr_sysinfo->max_tdmrs; + tdmr_list->max_tdmrs = sysinfo_tdmr->max_tdmrs; tdmr_list->nr_consumed_tdmrs = 0; return 0; @@ -921,11 +921,11 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, /* * Construct a list of TDMRs on the preallocated space in @tdmr_list * to cover all TDX memory regions in @tmb_list based on the TDX module - * TDMR global information in @tdmr_sysinfo. + * TDMR global information in @sysinfo_tdmr. */ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, - struct tdx_tdmr_sysinfo *tdmr_sysinfo) + struct tdx_sys_info_tdmr *sysinfo_tdmr) { int ret; @@ -934,12 +934,12 @@ static int construct_tdmrs(struct list_head *tmb_list, return ret; ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, - tdmr_sysinfo->pamt_entry_size); + sysinfo_tdmr->pamt_entry_size); if (ret) return ret; ret = tdmrs_populate_rsvd_areas_all(tdmr_list, tmb_list, - tdmr_sysinfo->max_reserved_per_tdmr); + sysinfo_tdmr->max_reserved_per_tdmr); if (ret) tdmrs_free_pamt_all(tdmr_list); @@ -1098,7 +1098,7 @@ static int init_tdmrs(struct tdmr_info_list *tdmr_list) static int init_tdx_module(void) { - struct tdx_tdmr_sysinfo tdmr_sysinfo; + struct tdx_sys_info_tdmr sysinfo_tdmr; int ret; /* @@ -1117,17 +1117,17 @@ static int init_tdx_module(void) if (ret) goto out_put_tdxmem; - ret = get_tdx_tdmr_sysinfo(&tdmr_sysinfo); + ret = get_tdx_sys_info_tdmr(&sysinfo_tdmr); if (ret) goto err_free_tdxmem; /* Allocate enough space for constructing TDMRs */ - ret = alloc_tdmr_list(&tdx_tdmr_list, &tdmr_sysinfo); + ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo_tdmr); if (ret) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &tdmr_sysinfo); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo_tdmr); if (ret) goto err_free_tdmrs; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index b701f69485d3..148f9b4d1140 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -100,7 +100,7 @@ struct tdx_memblock { }; /* "TDMR info" part of "Global Scope Metadata" for constructing TDMRs */ -struct tdx_tdmr_sysinfo { +struct tdx_sys_info_tdmr { u16 max_tdmrs; u16 max_reserved_per_tdmr; u16 pamt_entry_size[TDX_PS_NR]; From patchwork Mon Nov 11 10:39:38 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870567 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8F38517C7BD; Mon, 11 Nov 2024 10:40:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321624; cv=none; b=YXbeS9q9SvYVrjc1exft8c4JTgWN5vCFQEEuAfCZ9cvWHsTlcHfLYOxj4PI+09K5D7XZpN/4iGk2o0J14t0t17iBN4mXA+buIATfWxpet23QAaHTOkXOn3YBLPj6zLMdJCwH6AbVi5SYT3KDx+QSkFZOBHZq65azMeT/yYVtqyQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321624; c=relaxed/simple; bh=2IDZXwCDtWKg5ndNfy9hroXbFgjIWFer4PMCB8Dobdc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NyaJuYgVulEtrr63qYUNaGHnWDTHGfE4AJ5nOsciwSyRS5w/9qThkhFbLDnp64i8My+DiTWb1S/+4qOnoKNwYMBBySCD41l2p5GonXlbp7IHC2gEZM+Nr8HYAeLO89ysqyA5247cLO/aF0L8vDD+dzYzcwvhAnO7HL2XIEIE3PM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Ut4zkQFn; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Ut4zkQFn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321623; x=1762857623; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=2IDZXwCDtWKg5ndNfy9hroXbFgjIWFer4PMCB8Dobdc=; b=Ut4zkQFnejY6qgtYf+RmOhwUYua2pjxcKNzQoH3fSg7YXLN3whN4p09i rOHoVFGJt56ViqBmOweyEMWkm66CYRIdwnsCW5NFCwfsGcGAzX8a61ZT8 GytGf6Iqc2Z2aKSDWzyRco5iq3UJXfFCcfHyjZm32N8RFNQNH9tw0EP0O sFbJINzWbT6b/j5Em7bCM5RQwejOboqIZpSC8gfvnXi/IhQSk+C6YkkIl gtkr++YLDKJm0XXsbBHWq1KQ34UtOJtuaHMLJ6kHdrsS+hR94Hxf6f5bw bpsoUytBKEqfYaRsZLqIb71N9Fgq1XGzMXiKRjXygdBvwJv/G3/EbYmIW A==; X-CSE-ConnectionGUID: rdd3chZrRfW1kDBVVq2plw== X-CSE-MsgGUID: I2d4KB/yS3+N8P+a8qL7rw== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682632" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682632" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:22 -0800 X-CSE-ConnectionGUID: bh4npz3DRO+q3OcX/739Wg== X-CSE-MsgGUID: at8Gm3j+RM6IAFomt8x9xw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667107" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:16 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 02/10] x86/virt/tdx: Start to track all global metadata in one structure Date: Mon, 11 Nov 2024 23:39:38 +1300 Message-ID: <0fd3b59a754f7f21d790ab2e9781badec293c0ff.1731318868.git.kai.huang@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 The TDX module provides a set of "Global Metadata Fields". They report things like TDX module version, supported features, and fields related to create/run TDX guests and so on. Currently the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization. There are immediate needs which require the TDX module initialization to read more global metadata including module version, supported features and "Convertible Memory Regions" (CMRs). Also, KVM will need to read more metadata fields to support baseline TDX guests. In the longer term, other TDX features like TDX Connect (which supports assigning trusted IO devices to TDX guest) may also require other kernel components such as pci/vt-d to access global metadata. To meet all those requirements, the idea is the TDX host core-kernel to to provide a centralized, canonical, and read-only structure for the global metadata that comes out from the TDX module for all kernel components to use. As the first step, introduce a new 'struct tdx_sys_info' to track all global metadata fields. TDX categories global metadata fields into different "Classes". E.g., the TDMR related fields are under class "TDMR Info". Instead of making 'struct tdx_sys_info' a plain structure to contain all metadata fields, organize them in smaller structures based on the "Class". This allows those metadata fields to be used in finer granularity thus makes the code more clear. E.g., the construct_tdmr() can just take the structure which contains "TDMR Info" metadata fields. Add a new function get_tdx_sys_info() as the placeholder to read all metadata fields, and call it at the beginning of init_tdx_module(). For now it only calls get_tdx_sys_info_tdmr() to read TDMR related fields. Note there is a functional change: get_tdx_sys_info_tdmr() is moved from after build_tdx_memlist() to before it, but it is fine to do so. Signed-off-by: Kai Huang Reviewed-by: Adrian Hunter Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 19 ++++++++++++------- arch/x86/virt/vmx/tdx/tdx.h | 19 ++++++++++++------- 2 files changed, 24 insertions(+), 14 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index e979bf442929..7a2f979092e7 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -326,6 +326,11 @@ static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) return 0; } +static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + return get_tdx_sys_info_tdmr(&sysinfo->tdmr); +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { @@ -1098,9 +1103,13 @@ static int init_tdmrs(struct tdmr_info_list *tdmr_list) static int init_tdx_module(void) { - struct tdx_sys_info_tdmr sysinfo_tdmr; + struct tdx_sys_info sysinfo; int ret; + ret = get_tdx_sys_info(&sysinfo); + if (ret) + return ret; + /* * To keep things simple, assume that all TDX-protected memory * will come from the page allocator. Make sure all pages in the @@ -1117,17 +1126,13 @@ static int init_tdx_module(void) if (ret) goto out_put_tdxmem; - ret = get_tdx_sys_info_tdmr(&sysinfo_tdmr); - if (ret) - goto err_free_tdxmem; - /* Allocate enough space for constructing TDMRs */ - ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo_tdmr); + ret = alloc_tdmr_list(&tdx_tdmr_list, &sysinfo.tdmr); if (ret) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo_tdmr); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr); if (ret) goto err_free_tdmrs; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 148f9b4d1140..2600ec3752f5 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -80,6 +80,18 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); +/* Class "TDMR info" */ +struct tdx_sys_info_tdmr { + u16 max_tdmrs; + u16 max_reserved_per_tdmr; + u16 pamt_entry_size[TDX_PS_NR]; +}; + +/* Kernel used global metadata fields */ +struct tdx_sys_info { + struct tdx_sys_info_tdmr tdmr; +}; + /* * Do not put any hardware-defined TDX structure representations below * this comment! @@ -99,13 +111,6 @@ struct tdx_memblock { int nid; }; -/* "TDMR info" part of "Global Scope Metadata" for constructing TDMRs */ -struct tdx_sys_info_tdmr { - u16 max_tdmrs; - u16 max_reserved_per_tdmr; - u16 pamt_entry_size[TDX_PS_NR]; -}; - /* Warn if kernel has less than TDMR_NR_WARN TDMRs after allocation */ #define TDMR_NR_WARN 4 From patchwork Mon Nov 11 10:39:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870568 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A0501990A8; Mon, 11 Nov 2024 10:40:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321626; cv=none; b=ptleNrCbEL0T5ykmE23c0+ydvRrc0HOiiuT1sg1gJhP2ZTc7nnVu17MQ+k9E8Ge/GI4rz2/BwA2ZYpSwlr+IBs9djQiDBMUc8l/Pz3kZrOY4gAkIfMfHbA1Nw99qhius8AnBIZnAgZaKcHX4Ex/BHtZdgBXN2uAd6qxkJwOVWjQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321626; c=relaxed/simple; bh=VAWncTV2X6H27WsHuc8Fo/M3JkMorsbuajvOQNvQgZk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=tq9mRiBCYyvxXe0rwwCoTT0b1v9KO4VN+FZKd7f2GnK02mCd6Tz2kjULHy2y2i3qwB0M2kVoQx70wCfrsVJ3DTaTUb01qdOHC4tNVcZMMJSUBni9+EqCU+dkNdQHPH5qhD2Z1tlCRlScWk9xjRg4/BX7Kvsm0iK65NbkaEPBjcQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=FlQUtqjB; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="FlQUtqjB" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321625; x=1762857625; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=VAWncTV2X6H27WsHuc8Fo/M3JkMorsbuajvOQNvQgZk=; b=FlQUtqjBi2UoyjgJm7B3G+YvHVmf0xTxZsgBM520OSJox38EncTAK9Vg nrieoaqeRgPKdkBLTdXgwYni1YokqRmihTwhX+cNIQBsgXidUJarwMQcQ b8eNjoZvDxF2mnXnNwhEuJRblrnmDZZObWrigkqatldl/3CDmog2+LH1j kmBYYKx1Px2suD3X09WCZ5ztVemqmYhmRePMLegYYcz7LEbsWvAXwXztI 1hQQ90AwAiL6iosfGYKGprw6HlxkwvjP6fpl6SjoMh7fHR2V4YLmioHVX 7vbmS2j0ZHLW6uZxlg0WbGOqi1YQUl053f0UpD2+3+D+/7DvWliP/HsRk g==; X-CSE-ConnectionGUID: kzrE/yuJTXODgyThe8Dtnw== X-CSE-MsgGUID: bRrDOZ/XTjSXmqZLK8+vmA== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682659" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682659" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:25 -0800 X-CSE-ConnectionGUID: 3yZmEvwhRbiI0xHv3hrsYw== X-CSE-MsgGUID: Trz9OY0nQwetOmZw8vVDFA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667131" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:20 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 03/10] x86/virt/tdx: Use auto-generated code to read global metadata Date: Mon, 11 Nov 2024 23:39:39 +1300 Message-ID: <695235e85bb990d8fe055acd21b6247dc0254ec0.1731318868.git.kai.huang@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Paolo Bonzini The TDX module provides a set of "Global Metadata Fields". Currently the kernel only reads "TD Memory Region" (TDMR) related fields for module initialization. There are needs to read more global metadata fields including TDX module version [1], supported features [2] and "Convertible Memory Regions" (CMRs) to fix a module initialization failure [3]. Future changes to support KVM TDX and other features like TDX Connect will need to read more. The current global metadata reading code has limitations (e.g., it only has a primitive helper to read metadata field with 16-bit element size, while TDX supports 8/16/32/64 bits metadata element sizes). It needs tweaks in order to read more metadata fields. But even with the tweaks, when new code is added to read a new field, the reviewers will still need to review against the spec to make sure the new code doesn't screw up things like using the wrong metadata field ID (each metadata field is associated with a unique field ID, which is a TDX-defined u64 constant) etc. TDX documents all global metadata fields in a 'global_metadata.json' file as part of TDX spec [4]. JSON format is machine readable. Instead of tweaking the metadata reading code, use a script [5] to generate the code so that: 1) Using the generated C is simple. 2) Adding a field is simple, e.g., the script just pulls the field ID out of the JSON for a given field thus no manual review is needed. Specifically, to match the layout of the 'struct tdx_sys_info' and its sub-structures, the script uses a table with each entry containing the the name of the sub-structures (which reflects the "Class") and the "Field Name" of all its fields, and auto-generate: 1) The 'struct tdx_sys_info' and all 'struct tdx_sys_info_xx' sub-structures in 'tdx_global_metadata.h' 2) The main function 'get_tdx_sys_info()' which reads all metadata to 'struct tdx_sys_info' and the 'get_tdx_sys_info_xx()' functions which read 'struct tdx_sys_info_xx()' in 'tdx_global_metadata.c'. Using the generated C is simple: 1) include "tdx_global_metadata.h" to the local "tdx.h"; 2) explicitly include "tdx_global_metadata.c" to the local "tdx.c" after the read_sys_metadata_field() primitive (which is a wrapper of TDH.SYS.RD SEAMCALL to read global metadata). Adding a field is also simple: 1) just add the new field to an existing structure, or add it with a new structure; 2) re-run the script to generate the new code; 3) update the existing tdx_global_metadata.{hc} with the new ones. For now, use the auto-generated code to read the aforesaid metadata fields: 1) TDX module version; 2) supported features; 3) CMRs. Reading CMRs is more complicated than reading a simple field, since there are two arrays containing the "CMR_BASE" and "CMR_SIZE" for each CMR respectively. TDX spec [3] section "Metadata Access Interface", sub-section "Arrays of Metadata Fields" defines the way to read metadata fields in an array. There's a "Base field ID" (say, X) for the array and the field ID for entry array[i] is X + i. For CMRs, the field "NUM_CMRS" reports the number of CMR entries that can be read, and the code needs to use the value reported via "NUM_CMRS" to loop despite the JSON file says the "Num Fields" of both "CMR_BASE" and "CMR_SIZE" are 32. The tdx_global_metadata.{hc} can be generated by running below: #python tdx_global_metadata.py global_metadata.json \ tdx_global_metadata.h tdx_global_metadata.c .. where the tdx_global_metadata.py can be found in [5] and the global_metadata.json can be fetched from [4]. Link: https://lore.kernel.org/4b3adb59-50ea-419e-ad02-e19e8ca20dee@intel.com/ [1] Link: https://lore.kernel.org/fc0e8ab7-86d4-4428-be31-82e1ece6dd21@intel.com/ [2] Link: https://github.com/canonical/tdx/issues/135 [3] Link: https://cdrdv2.intel.com/v1/dl/getContent/795381 [4] Link: https://lore.kernel.org/20241031104433.855336-1-kai.huang@intel.com/ [5] Signed-off-by: Paolo Bonzini Co-developed-by: Kai Huang Signed-off-by: Kai Huang Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx_global_metadata.c | 89 +++++++++++++++++++++ arch/x86/virt/vmx/tdx/tdx_global_metadata.h | 42 ++++++++++ 2 files changed, 131 insertions(+) create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.c create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.h diff --git a/arch/x86/virt/vmx/tdx/tdx_global_metadata.c b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c new file mode 100644 index 000000000000..2fe57e084453 --- /dev/null +++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c @@ -0,0 +1,89 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Automatically generated functions to read TDX global metadata. + * + * This file doesn't compile on its own as it lacks of inclusion + * of SEAMCALL wrapper primitive which reads global metadata. + * Include this file to other C file instead. + */ + +static int get_tdx_sys_info_version(struct tdx_sys_info_version *sysinfo_version) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x8800000200000001, &val))) + sysinfo_version->build_date = val; + if (!ret && !(ret = read_sys_metadata_field(0x8800000100000002, &val))) + sysinfo_version->build_num = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000003, &val))) + sysinfo_version->minor_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000004, &val))) + sysinfo_version->major_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000005, &val))) + sysinfo_version->update_version = val; + if (!ret && !(ret = read_sys_metadata_field(0x0800000100000006, &val))) + sysinfo_version->internal_version = val; + + return ret; +} + +static int get_tdx_sys_info_features(struct tdx_sys_info_features *sysinfo_features) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x0A00000300000008, &val))) + sysinfo_features->tdx_features0 = val; + + return ret; +} + +static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) +{ + int ret = 0; + u64 val; + + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000008, &val))) + sysinfo_tdmr->max_tdmrs = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000009, &val))) + sysinfo_tdmr->max_reserved_per_tdmr = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000010, &val))) + sysinfo_tdmr->pamt_4k_entry_size = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000011, &val))) + sysinfo_tdmr->pamt_2m_entry_size = val; + if (!ret && !(ret = read_sys_metadata_field(0x9100000100000012, &val))) + sysinfo_tdmr->pamt_1g_entry_size = val; + + return ret; +} + +static int get_tdx_sys_info_cmr(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int ret = 0; + u64 val; + int i; + + if (!ret && !(ret = read_sys_metadata_field(0x9000000100000000, &val))) + sysinfo_cmr->num_cmrs = val; + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!ret && !(ret = read_sys_metadata_field(0x9000000300000080 + i, &val))) + sysinfo_cmr->cmr_base[i] = val; + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!ret && !(ret = read_sys_metadata_field(0x9000000300000100 + i, &val))) + sysinfo_cmr->cmr_size[i] = val; + + return ret; +} + +static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + int ret = 0; + + ret = ret ?: get_tdx_sys_info_version(&sysinfo->version); + ret = ret ?: get_tdx_sys_info_features(&sysinfo->features); + ret = ret ?: get_tdx_sys_info_tdmr(&sysinfo->tdmr); + ret = ret ?: get_tdx_sys_info_cmr(&sysinfo->cmr); + + return ret; +} diff --git a/arch/x86/virt/vmx/tdx/tdx_global_metadata.h b/arch/x86/virt/vmx/tdx/tdx_global_metadata.h new file mode 100644 index 000000000000..fde370b855f1 --- /dev/null +++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.h @@ -0,0 +1,42 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Automatically generated TDX global metadata structures. */ +#ifndef _X86_VIRT_TDX_AUTO_GENERATED_TDX_GLOBAL_METADATA_H +#define _X86_VIRT_TDX_AUTO_GENERATED_TDX_GLOBAL_METADATA_H + +#include + +struct tdx_sys_info_version { + u32 build_date; + u16 build_num; + u16 minor_version; + u16 major_version; + u16 update_version; + u16 internal_version; +}; + +struct tdx_sys_info_features { + u64 tdx_features0; +}; + +struct tdx_sys_info_tdmr { + u16 max_tdmrs; + u16 max_reserved_per_tdmr; + u16 pamt_4k_entry_size; + u16 pamt_2m_entry_size; + u16 pamt_1g_entry_size; +}; + +struct tdx_sys_info_cmr { + u16 num_cmrs; + u64 cmr_base[32]; + u64 cmr_size[32]; +}; + +struct tdx_sys_info { + struct tdx_sys_info_version version; + struct tdx_sys_info_features features; + struct tdx_sys_info_tdmr tdmr; + struct tdx_sys_info_cmr cmr; +}; + +#endif From patchwork Mon Nov 11 10:39:40 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870569 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 519ED17C7BD; Mon, 11 Nov 2024 10:40:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321629; cv=none; b=LSp7KL9qILJdQKo/2pn/7VEJ3GciS5snm0a7VAtMc3qZLUvwhf0/d3VghyYwOhAznykwTpl7IQZ6fdALjrPTJhyM4qfLHu6RZCjT6HA1UcQQB2yMUdUtEq9fiyjendTitMwMBDQTRLjCwjfSX5ICYbV8Q18B91ygMC0NbOxOyFA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321629; c=relaxed/simple; bh=MiDuW3xv90eOoJn+KPKLwF+2gnSv91ApeTBM2COmSK8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=olqzx9EfuQdgtkqi59NgKn/5+qYESZGGQ7DC0xuhrGr0ePUYVyDLBEoeuE7jXUUul0CuvXpYA5LMsJcCj5I/o/FSciBeQvHZrJ1V1kFvpoKjh7qW43+JwbALCMOjrzE4gAVwN2/+eGduh09khwz9ji/mgfRIwn4pSj8sUxo8IEs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Q8ssbYll; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Q8ssbYll" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321629; x=1762857629; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=MiDuW3xv90eOoJn+KPKLwF+2gnSv91ApeTBM2COmSK8=; b=Q8ssbYllPTtEhnvFN3bUP+011iyvkLPPoIN5fR8Fxr0e4ObpWSLtYDmd ttNlPPX3s4sFJwSXxNt3AuZEsa8L0iFCip3YTGoMFp/8AkX/2jJiAZ9la rJWcXAz0Ts/eLgchvSwHP5onQe8mz9DfMPokxTcb84f8uwI/wU6CJ7Knp 26cBARHy8hQa+4n4tROPSyeij4TleMfRw5Fmf+5Ym9LCYVaSIS35bwTVA LHPswcPoeNRqj0cBjmPDXiZMQek/fuCFiUkyjT5n/j5ZvFu248jXRjsn+ hjxXb930RSoivNr3IJisFbu1mQzvfYAkyPrS3/aCmuYeNN16pogmixc89 Q==; X-CSE-ConnectionGUID: Vp6QI4hwRAqLV7sTsjQapw== X-CSE-MsgGUID: FOiJ/eTQTOGpwaMgiLDxIg== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682674" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682674" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:29 -0800 X-CSE-ConnectionGUID: 7xQ1lm3HQKWkpE2bHP46NQ== X-CSE-MsgGUID: wQi3sSrJQhOvMWejb3LA7A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667242" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:24 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 04/10] x86/virt/tdx: Use dedicated struct members for PAMT entry sizes Date: Mon, 11 Nov 2024 23:39:40 +1300 Message-ID: <6ab90fd332bccdec7b64e5909cb4637732d6bb01.1731318868.git.kai.huang@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Currently, the 'struct tdmr_sys_info_tdmr' which includes TDMR related fields defines the PAMT entry sizes for TDX supported page sizes (4KB, 2MB and 1GB) as an array: struct tdx_sys_info_tdmr { ... u16 pamt_entry_sizes[TDX_PS_NR]; }; PAMT entry sizes are needed when allocating PAMTs for each TDMR. Using the array to contain PAMT entry sizes reduces the number of arguments that need to be passed when calling tdmr_set_up_pamt(). It also makes the code pattern like below clearer: for (pgsz = TDX_PS_4K; pgsz < TDX_PS_NR; pgsz++) { pamt_size[pgsz] = tdmr_get_pamt_sz(tdmr, pgsz, pamt_entry_size[pgsz]); tdmr_pamt_size += pamt_size[pgsz]; } However, the auto-generated metadata reading code generates a structure member for each field. The 'global_metadata.json' has a dedicated field for each PAMT entry size, and the new 'struct tdx_sys_info_tdmr' looks like: struct tdx_sys_info_tdmr { ... u16 pamt_4k_entry_size; u16 pamt_2m_entry_size; u16 pamt_1g_entry_size; }; To prepare to use the auto-generated code, make the existing 'struct tdx_sys_info_tdmr' look like the generated one. But when passing to tdmrs_set_up_pamt_all(), build a local array of PAMT entry sizes from the structure so the code to allocate PAMTs can stay the same. Signed-off-by: Kai Huang Reviewed-by: Nikolay Borisov Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 14 +++++++++----- arch/x86/virt/vmx/tdx/tdx.h | 4 +++- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 7a2f979092e7..28537a6c47fc 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -304,9 +304,9 @@ struct field_mapping { static const struct field_mapping fields[] = { TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), - TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_entry_size[TDX_PS_4K]), - TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_entry_size[TDX_PS_2M]), - TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_entry_size[TDX_PS_1G]), + TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_4k_entry_size), + TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_2m_entry_size), + TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_1g_entry_size), }; static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) @@ -932,14 +932,18 @@ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, struct tdx_sys_info_tdmr *sysinfo_tdmr) { + u16 pamt_entry_size[TDX_PS_NR] = { + sysinfo_tdmr->pamt_4k_entry_size, + sysinfo_tdmr->pamt_2m_entry_size, + sysinfo_tdmr->pamt_1g_entry_size, + }; int ret; ret = fill_out_tdmrs(tmb_list, tdmr_list); if (ret) return ret; - ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, - sysinfo_tdmr->pamt_entry_size); + ret = tdmrs_set_up_pamt_all(tdmr_list, tmb_list, pamt_entry_size); if (ret) return ret; diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 2600ec3752f5..ec879d54eb5c 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -84,7 +84,9 @@ struct tdmr_info { struct tdx_sys_info_tdmr { u16 max_tdmrs; u16 max_reserved_per_tdmr; - u16 pamt_entry_size[TDX_PS_NR]; + u16 pamt_4k_entry_size; + u16 pamt_2m_entry_size; + u16 pamt_1g_entry_size; }; /* Kernel used global metadata fields */ From patchwork Mon Nov 11 10:39:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870570 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 377E419E7E0; Mon, 11 Nov 2024 10:40:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321633; cv=none; b=B/cWpp3Qy76AwdRQE4JN02XlW15AXC8uZD0Txtc6P4Ov8LFcaOlaYYUQ6lrVPgtkCq67D8gxFk7JYXgqE+CLWjRM6B4NfgQtwGuD6QwV4Jk0h9hSlavcs2fYLGg54A4Jjzciaz6eD//u8Df/FdN7xu1JNrssn8a0EEdp61sYTgQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321633; c=relaxed/simple; bh=l/tx6drXiAgelgHqBNwM3hv3iSO7tz9rpGpCDs4Ltsc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=HYHlXK5I5oIiKJf1CuHrvuBzC3AcJGLl7q0GJkmI5QNxEC5B2jxIsaMvvmTk0R54BEUFgTfyUJYUgz2fvRFs2cVBfZ7yeRVKdJMj/FbTb7vqrOeOWpMRh8DbhUHz6SPD5KmaNpUwGB5qinalCcfUkQCnJVhSb1fHNDFrXUP1fH8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=VqKTBahC; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="VqKTBahC" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321633; x=1762857633; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=l/tx6drXiAgelgHqBNwM3hv3iSO7tz9rpGpCDs4Ltsc=; b=VqKTBahCvnofaBi5/GEItgh/mUyaPIXPfh8nTH777GyBNckg7jAjDgQf sC0vAj5XJQRhr4EAP3Bi1rmZCCoYRGdggrKCFMNVjN+tBmHbtjucy+tTz p4lj++w1TgA4PkRQedXDgYanERUi6pbem8sK4Wcf0gLD0yaNzj/FDfnWQ HrAKrgWz8xnsJRPWUB9Zsw7IaKlvpgbXEKJ0psB2+zju9Qzcn0LP1iAKN MtLKT245/yVeTJVi+tkQCyXgilvFCVwY9UDkdFtLU4FwZZekK0/s6vAA3 77GRj7u4YgtVOwp+M7fFH0x1fPn6TReqWd2zPbuMtKD3RUyVGcOFmcQSy Q==; X-CSE-ConnectionGUID: pLHLFac7TzqloeIhAbVbpA== X-CSE-MsgGUID: A5mpHm2XS4anom5712Ud8Q== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682685" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682685" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:33 -0800 X-CSE-ConnectionGUID: OgUpB0wVQ2SR9+VPqqn6eQ== X-CSE-MsgGUID: 2icPPM8WRBuYG87YlPfnyQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667411" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:28 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 05/10] x86/virt/tdx: Add missing header file inclusion to local tdx.h Date: Mon, 11 Nov 2024 23:39:41 +1300 Message-ID: X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Compiler attributes __packed and __aligned, and DECLARE_FLEX_ARRAY() are currently used in arch/x86/virt/vmx/tdx/tdx.h, but the relevant headers are not included explicitly. There's no build issue in the current code since this "tdx.h" is only included by arch/x86/virt/vmx/tdx/tdx.c and it includes bunch of other before including "tdx.h". But for the better explicitly include the relevant headers to "tdx.h". Also include for basic variable types like u16. Signed-off-by: Kai Huang Reviewed-by: Nikolay Borisov Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index ec879d54eb5c..b1d705c3ab2a 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -2,6 +2,9 @@ #ifndef _X86_VIRT_TDX_H #define _X86_VIRT_TDX_H +#include +#include +#include #include /* From patchwork Mon Nov 11 10:39:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870571 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE68D19E97B; Mon, 11 Nov 2024 10:40:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321637; cv=none; b=ZPfAaiBOTDddeHX+EpNmR/RfUsqqI2p5eipy0rE6M5eYvT6T6PxCAxstqYPZQYDEpqeGAzqZyA18ic82dWSDEvSvze/Jo2xacM+Y+7npScrWFpzuWiLx/BLdy+QUuBdQcqhLEGATo18GHYqdzzK6PWxl9NokdWFj2qhT3tkVjV8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321637; c=relaxed/simple; bh=sZVhSxzA8SMiIDj3Do3YITjBswuCGDLqzgeSyO5HxQw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=q0B02Kc0d00bVR1T2CsMBwdOlov1fiZulsoSZ/4kk0ENtv5u2O4HD3M9XofNfyhwVf6wONu5r1vTsbs02siwIDGqlwT6wC5V+VNDgT80LSLqlF9rEVS2MYg8JigR4D02FkubfNtSCvlUJyQn3sEa0DUWcNKtFrJGYlGWDpjaPgs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=KFfG0+qo; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="KFfG0+qo" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321637; x=1762857637; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=sZVhSxzA8SMiIDj3Do3YITjBswuCGDLqzgeSyO5HxQw=; b=KFfG0+qorwcI3q7zs8SM0HRE6iDko883lf61yffOIExz515JvFYVbEbt jyUARcZS8gIpn+5gmTaTkcIA4aFZGp8Z7xyQ5eGgMxGJJ1TX74RDyz0bU xcRXDcJyd/zXAvfcKJb85OjxDUQ9kDtB3hK2ow4UGX8J4HsayvKbnJB9q HlW0e+Uk69tye4DGy5FgGsdvstTcC0ABHvC+Dn4upEePijMV/Au3w4irB nlDKcjkGfweONyBg49WOOqRXHsKyEZ5OPTrUesZfezdh+26shK1p712pq hpGony48DRHQlYn9SAHZyGzKUCWuHjE8hS3QMruVgx2HKBwvNTbt+sq82 w==; X-CSE-ConnectionGUID: CHj/6UCoQgWkbVgawCcJ0Q== X-CSE-MsgGUID: F9RoycdoSXWvjoKKCSb++A== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682696" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682696" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:36 -0800 X-CSE-ConnectionGUID: n21rhjUWTR67udJyV3TZFg== X-CSE-MsgGUID: I6JDnHdORE2jam7w4uqOLA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667509" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:32 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 06/10] x86/virt/tdx: Switch to use auto-generated global metadata reading code Date: Mon, 11 Nov 2024 23:39:42 +1300 Message-ID: X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Now the caller to read global metadata has been tweaked to be ready to use auto-generated metadata reading code. Switch to use it. Signed-off-by: Kai Huang Reviewed-by: Nikolay Borisov Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 61 +------------------------------------ arch/x86/virt/vmx/tdx/tdx.h | 45 +-------------------------- 2 files changed, 2 insertions(+), 104 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 28537a6c47fc..43ec56db5084 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -270,66 +270,7 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) return 0; } -static int read_sys_metadata_field16(u64 field_id, - int offset, - struct tdx_sys_info_tdmr *ts) -{ - u16 *ts_member = ((void *)ts) + offset; - u64 tmp; - int ret; - - if (WARN_ON_ONCE(MD_FIELD_ID_ELE_SIZE_CODE(field_id) != - MD_FIELD_ID_ELE_SIZE_16BIT)) - return -EINVAL; - - ret = read_sys_metadata_field(field_id, &tmp); - if (ret) - return ret; - - *ts_member = tmp; - - return 0; -} - -struct field_mapping { - u64 field_id; - int offset; -}; - -#define TD_SYSINFO_MAP(_field_id, _offset) \ - { .field_id = MD_FIELD_ID_##_field_id, \ - .offset = offsetof(struct tdx_sys_info_tdmr, _offset) } - -/* Map TD_SYSINFO fields into 'struct tdx_sys_info_tdmr': */ -static const struct field_mapping fields[] = { - TD_SYSINFO_MAP(MAX_TDMRS, max_tdmrs), - TD_SYSINFO_MAP(MAX_RESERVED_PER_TDMR, max_reserved_per_tdmr), - TD_SYSINFO_MAP(PAMT_4K_ENTRY_SIZE, pamt_4k_entry_size), - TD_SYSINFO_MAP(PAMT_2M_ENTRY_SIZE, pamt_2m_entry_size), - TD_SYSINFO_MAP(PAMT_1G_ENTRY_SIZE, pamt_1g_entry_size), -}; - -static int get_tdx_sys_info_tdmr(struct tdx_sys_info_tdmr *sysinfo_tdmr) -{ - int ret; - int i; - - /* Populate 'sysinfo_tdmr' fields using the mapping structure above: */ - for (i = 0; i < ARRAY_SIZE(fields); i++) { - ret = read_sys_metadata_field16(fields[i].field_id, - fields[i].offset, - sysinfo_tdmr); - if (ret) - return ret; - } - - return 0; -} - -static int get_tdx_sys_info(struct tdx_sys_info *sysinfo) -{ - return get_tdx_sys_info_tdmr(&sysinfo->tdmr); -} +#include "tdx_global_metadata.c" /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index b1d705c3ab2a..0128b963b723 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -5,7 +5,7 @@ #include #include #include -#include +#include "tdx_global_metadata.h" /* * This file contains both macros and data structures defined by the TDX @@ -29,35 +29,6 @@ #define PT_NDA 0x0 #define PT_RSVD 0x1 -/* - * Global scope metadata field ID. - * - * See Table "Global Scope Metadata", TDX module 1.5 ABI spec. - */ -#define MD_FIELD_ID_MAX_TDMRS 0x9100000100000008ULL -#define MD_FIELD_ID_MAX_RESERVED_PER_TDMR 0x9100000100000009ULL -#define MD_FIELD_ID_PAMT_4K_ENTRY_SIZE 0x9100000100000010ULL -#define MD_FIELD_ID_PAMT_2M_ENTRY_SIZE 0x9100000100000011ULL -#define MD_FIELD_ID_PAMT_1G_ENTRY_SIZE 0x9100000100000012ULL - -/* - * Sub-field definition of metadata field ID. - * - * See Table "MD_FIELD_ID (Metadata Field Identifier / Sequence Header) - * Definition", TDX module 1.5 ABI spec. - * - * - Bit 33:32: ELEMENT_SIZE_CODE -- size of a single element of metadata - * - * 0: 8 bits - * 1: 16 bits - * 2: 32 bits - * 3: 64 bits - */ -#define MD_FIELD_ID_ELE_SIZE_CODE(_field_id) \ - (((_field_id) & GENMASK_ULL(33, 32)) >> 32) - -#define MD_FIELD_ID_ELE_SIZE_16BIT 1 - struct tdmr_reserved_area { u64 offset; u64 size; @@ -83,20 +54,6 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); -/* Class "TDMR info" */ -struct tdx_sys_info_tdmr { - u16 max_tdmrs; - u16 max_reserved_per_tdmr; - u16 pamt_4k_entry_size; - u16 pamt_2m_entry_size; - u16 pamt_1g_entry_size; -}; - -/* Kernel used global metadata fields */ -struct tdx_sys_info { - struct tdx_sys_info_tdmr tdmr; -}; - /* * Do not put any hardware-defined TDX structure representations below * this comment! From patchwork Mon Nov 11 10:39:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870572 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA5B219F10A; Mon, 11 Nov 2024 10:40:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321641; cv=none; b=IpL83H69BtpoKvwEzijFNpn4q7s3ufM/oYmIzGBPSpPtZd0QK/f4G5S/6wBByKjAs36CWhLM8uJM/26RRWc3o6212Q9cCTI+fYgLufi6W2GXJIDFfmQn/8wStQ+J4TW5YP2QYWhU5Q1KaWHBwTPp88uMRdimwXYkiuFx3P+/6d4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321641; c=relaxed/simple; bh=aZ8+f4GROkZqKaKg5wu8PQ8kGTjZHQoa0vIdMvSYgZU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=oR6fvBjBdBrSHwwuugklFhfoMO4lp7LVrbRLr0BC58C+ZTN9eGHihYeTsYgWKHLIBIyOYj7Ypcj1xGDkum9kfDEB4t95L72mbsvYCNRHSgUjvb3MrLwgT+FbA03kXKHvgyYQcIKn2uLvMDQFjDHCSlkh2d6J1DgIKRi0LEai9yE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=FeOE1+oe; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="FeOE1+oe" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321641; x=1762857641; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=aZ8+f4GROkZqKaKg5wu8PQ8kGTjZHQoa0vIdMvSYgZU=; b=FeOE1+oefrGUqr7E7Y4KUzC3HwNNg1On8BGSEhFmwrimZCyoTaPqJqmz IFylviw7EAO02XmwKuickhi5GcI0Kn+2pAX43HHfMif6dr7WyHu+u5hmM nHrx0mDIpgeavjG/fpEARtcZ/jkkfIXSshZwNyrg8fPcb+xXwm2CG4Frx c+EOGN2X/wEyr591qTrlCdVvb8NyFJWTre0UqmLfco2CxQFhOMABeeD8Q wvFc/RxLDC4JTTtHr0gLfJCgjopcliIdNR5t3JLT+shrxCRYKSbK4/2dc zMYH6n258xw3Ngnpz/tTCXoKybeYC4NvVUWYIvSXUpQy++090+AaiElRI A==; X-CSE-ConnectionGUID: OQM0cnwLSpekHPNVHZ9Kdw== X-CSE-MsgGUID: 4IlD9C3QSLO1xyMovugs8Q== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682712" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682712" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:40 -0800 X-CSE-ConnectionGUID: pK6plwuhS4WVakTI/nvndQ== X-CSE-MsgGUID: tWgoqvApTS+buOhb7UiBnw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667571" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:36 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 07/10] x86/virt/tdx: Trim away tail null CMRs Date: Mon, 11 Nov 2024 23:39:43 +1300 Message-ID: X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 TDX architecturally supports up to 32 CMRs. The global metadata field "NUM_CMRS" reports the number of CMR entries that can be read by the kernel. However, that field may just report the maximum number of CMRs albeit the actual number of CMRs is smaller, in which case there are tail null CMRs (size is 0). Trim away those null CMRs, and print valid CMRs since they are useful at least to developers. More information about CMR can be found at "Intel TDX ISA Background: Convertible Memory Ranges (CMRs)" in TDX 1.5 base spec [1], and "CMR_INFO" in TDX 1.5 ABI spec [2]. Now get_tdx_sys_info() just reads kernel-needed global metadata to kernel structure, and it is auto-generated. Add a wrapper function init_tdx_sys_info() to invoke get_tdx_sys_info() and provide room to do additional things like dealing with CMRs. Link: https://cdrdv2.intel.com/v1/dl/getContent/733575 [1] Link: https://cdrdv2.intel.com/v1/dl/getContent/733579 [2] Signed-off-by: Kai Huang Reviewed-by: Dan Williams Reviewed-by: Nikolay Borisov --- arch/x86/virt/vmx/tdx/tdx.c | 56 ++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 43ec56db5084..e81bdcfc20bf 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -272,6 +272,60 @@ static int read_sys_metadata_field(u64 field_id, u64 *data) #include "tdx_global_metadata.c" +/* Update the @sysinfo_cmr->num_cmrs to trim tail null CMRs */ +static void trim_null_tail_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int i; + + /* + * The TDX module may report the maximum number of CMRs that + * TDX architecturally supports as the actual number of CMRs, + * despite the latter is smaller. In this case some tail + * CMR(s) will be null (size is 0). Trim them away. + * + * Note the CMRs are generated by the BIOS, but the MCHECK + * verifies CMRs before enabling TDX on hardware. Skip other + * sanity checks (e.g., verify CMR is 4KB aligned) but trust + * MCHECK to work properly. + * + * The spec doesn't say whether it's legal to have null CMRs + * in the middle of valid CMRs. For now assume no sane BIOS + * would do that (even MCHECK allows). + */ + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) + if (!sysinfo_cmr->cmr_size[i]) + break; + + sysinfo_cmr->num_cmrs = i; +} + +static void print_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) +{ + int i; + + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) { + u64 cmr_base = sysinfo_cmr->cmr_base[i]; + u64 cmr_size = sysinfo_cmr->cmr_size[i]; + + pr_info("CMR[%d]: [0x%llx, 0x%llx)\n", i, cmr_base, + cmr_base + cmr_size); + } +} + +static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) +{ + int ret; + + ret = get_tdx_sys_info(sysinfo); + if (ret) + return ret; + + trim_null_tail_cmrs(&sysinfo->cmr); + print_cmrs(&sysinfo->cmr); + + return 0; +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { @@ -1051,7 +1105,7 @@ static int init_tdx_module(void) struct tdx_sys_info sysinfo; int ret; - ret = get_tdx_sys_info(&sysinfo); + ret = init_tdx_sys_info(&sysinfo); if (ret) return ret; From patchwork Mon Nov 11 10:39:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870573 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BBEA419F422; Mon, 11 Nov 2024 10:40:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321645; cv=none; b=rQ4OOiwCZtlkLfNvkE7WHtstjEgb7PfPreRmh2i4QqtF/vn/UqF60ziFTGZZ/SeHIPrRLa2LwYIZL61QTqZDyj71gDDMspr2aiKuzGt9N22eTig2CXQbOandoVmoUlDDdjnR06tbZyc+ZW2X+52LnJXafdFlr+uEBDXiF5IzUvs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321645; c=relaxed/simple; bh=IUC8GgE68aXhcFH7k045ajUd+NmIaRZy0nQ9IxUdvmA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=VbDdkaZGL9k/ywLaUrl0wK7iv1sgzA3AIcrPvVvpBpYitCC2pDad+i0lapmWxNnUj8cc9YdHMC6QZOSQzH4XnCO2mYahO0tjgWSaKS4nmHUwtMzCN3FZxFqxkus5AUJmnCnZfqXBfvR3rqCOJYg1K9Rn9Xje7wtOxDybCacV4C4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=G9wWuQ6V; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="G9wWuQ6V" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321644; x=1762857644; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=IUC8GgE68aXhcFH7k045ajUd+NmIaRZy0nQ9IxUdvmA=; b=G9wWuQ6VYgjd+1fo8m++B87clvxhsV4giJX3iZ7h6zJwLv73nwophp8k QW+7Azck2/QjywHp1Ldvkfa5g0S3up72CTm/h9ovZmu+ljXW9dQ49Qrxm O/RbbvYEAEMrEwYPUH7JeNcsX2XMVzn3fI2vjveuKz4ezEEQuklmpmg2X NflQSLLf3lpcun0+Y04I2fCbZs+ewFMlcsw9HFyu0h2vg1WaCaJet9iTa jWPxy0uIslfrTzoDAg0drGpPbjUpPpEuo21LdhCwZ1dEUywFe0XWGkBjR rwXChQ8mtoTBGvVYHiqvQFLcGp29H+P39Qh4dRLVYxJEQ+sU4g+svlp4I w==; X-CSE-ConnectionGUID: jfgVPXkOT2u5FaNZ/vG9SQ== X-CSE-MsgGUID: TJbQt7RqQ9CRJDYIpmue3w== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="41682729" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="41682729" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:44 -0800 X-CSE-ConnectionGUID: RNw6j1BXTsijzGyV3MXzHA== X-CSE-MsgGUID: h362xkbGRceI/56bKM0P+g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667622" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:40 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 08/10] x86/virt/tdx: Reduce TDMR's reserved areas by using CMRs to find memory holes Date: Mon, 11 Nov 2024 23:39:44 +1300 Message-ID: X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 A TDX module initialization failure was reported on a Emerald Rapids platform [*]: virt/tdx: initialization failed: TDMR [0x0, 0x80000000): reserved areas exhausted. virt/tdx: module initialization failed (-28) As part of initializing the TDX module, the kernel informs the TDX module of all "TDX-usable memory regions" using an array of TDX defined structure "TD Memory Region" (TDMR). Each TDMR must be in 1GB aligned and in 1GB granularity, and all "non-TDX-usable memory holes" within a given TDMR are marked as "reserved areas". The TDX module reports a maximum number of reserved areas that can be supported per TDMR (16). The kernel builds the "TDX-usable memory regions" based on memblocks (which reflects e820), and uses this list to find all "reserved areas" for each TDMR. It turns out that the kernel's view of memory holes is too fine grained and sometimes exceeds the number of holes that the TDX module can track per TDMR [1], resulting in the above failure. Thankfully the module also lists memory that is potentially convertible in a list of "Convertible Memory Regions" (CMRs). That coarser grained CMR list tends to track usable memory in the memory map even if it might be reserved for host usage like 'ACPI data' [2]. Use that list to relax what the kernel considers unusable memory. If it falls in a CMR no need to instantiate a hole, and rely on the fact that kernel will keep what it considers 'reserved' out of the page allocator. [1] BIOS-E820 table of the problematic platform: BIOS-e820: [mem 0x0000000000000000-0x000000000009efff] usable BIOS-e820: [mem 0x000000000009f000-0x00000000000fffff] reserved BIOS-e820: [mem 0x0000000000100000-0x000000005d168fff] usable BIOS-e820: [mem 0x000000005d169000-0x000000005d22afff] ACPI data BIOS-e820: [mem 0x000000005d22b000-0x000000005d3cefff] usable BIOS-e820: [mem 0x000000005d3cf000-0x000000005d469fff] reserved BIOS-e820: [mem 0x000000005d46a000-0x000000005e5b2fff] usable BIOS-e820: [mem 0x000000005e5b3000-0x000000005e5c2fff] reserved BIOS-e820: [mem 0x000000005e5c3000-0x000000005e5d2fff] usable BIOS-e820: [mem 0x000000005e5d3000-0x000000005e5e4fff] reserved BIOS-e820: [mem 0x000000005e5e5000-0x000000005eb57fff] usable BIOS-e820: [mem 0x000000005eb58000-0x0000000061357fff] ACPI NVS BIOS-e820: [mem 0x0000000061358000-0x000000006172afff] usable BIOS-e820: [mem 0x000000006172b000-0x0000000061794fff] ACPI data BIOS-e820: [mem 0x0000000061795000-0x00000000617fefff] usable BIOS-e820: [mem 0x00000000617ff000-0x0000000061912fff] ACPI data BIOS-e820: [mem 0x0000000061913000-0x0000000061998fff] usable BIOS-e820: [mem 0x0000000061999000-0x00000000619dffff] ACPI data BIOS-e820: [mem 0x00000000619e0000-0x00000000619e1fff] usable BIOS-e820: [mem 0x00000000619e2000-0x00000000619e9fff] reserved BIOS-e820: [mem 0x00000000619ea000-0x0000000061a26fff] usable BIOS-e820: [mem 0x0000000061a27000-0x0000000061baefff] ACPI data BIOS-e820: [mem 0x0000000061baf000-0x00000000623c2fff] usable BIOS-e820: [mem 0x00000000623c3000-0x0000000062471fff] reserved BIOS-e820: [mem 0x0000000062472000-0x0000000062823fff] usable BIOS-e820: [mem 0x0000000062824000-0x0000000063a24fff] reserved BIOS-e820: [mem 0x0000000063a25000-0x0000000063d57fff] usable BIOS-e820: [mem 0x0000000063d58000-0x0000000064157fff] reserved BIOS-e820: [mem 0x0000000064158000-0x0000000064158fff] usable BIOS-e820: [mem 0x0000000064159000-0x0000000064194fff] reserved BIOS-e820: [mem 0x0000000064195000-0x000000006e9cefff] usable BIOS-e820: [mem 0x000000006e9cf000-0x000000006eccefff] reserved BIOS-e820: [mem 0x000000006eccf000-0x000000006f6fefff] ACPI NVS BIOS-e820: [mem 0x000000006f6ff000-0x000000006f7fefff] ACPI data BIOS-e820: [mem 0x000000006f7ff000-0x000000006f7fffff] usable BIOS-e820: [mem 0x000000006f800000-0x000000008fffffff] reserved ...... [2] Convertible Memory Regions of the problematic platform: virt/tdx: CMR: [0x100000, 0x6f800000) virt/tdx: CMR: [0x100000000, 0x107a000000) virt/tdx: CMR: [0x1080000000, 0x207c000000) virt/tdx: CMR: [0x2080000000, 0x307c000000) virt/tdx: CMR: [0x3080000000, 0x407c000000) Link: https://github.com/canonical/tdx/issues/135 [*] Fixes: dde3b60d572c ("x86/virt/tdx: Designate reserved areas for all TDMRs") Signed-off-by: Kai Huang Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index e81bdcfc20bf..9acb12c75e9b 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -747,29 +747,28 @@ static int tdmr_add_rsvd_area(struct tdmr_info *tdmr, int *p_idx, u64 addr, } /* - * Go through @tmb_list to find holes between memory areas. If any of + * Go through all CMRs in @sysinfo_cmr to find memory holes. If any of * those holes fall within @tdmr, set up a TDMR reserved area to cover * the hole. */ -static int tdmr_populate_rsvd_holes(struct list_head *tmb_list, +static int tdmr_populate_rsvd_holes(struct tdx_sys_info_cmr *sysinfo_cmr, struct tdmr_info *tdmr, int *rsvd_idx, u16 max_reserved_per_tdmr) { - struct tdx_memblock *tmb; u64 prev_end; - int ret; + int i, ret; /* * Start looking for reserved blocks at the * beginning of the TDMR. */ prev_end = tdmr->base; - list_for_each_entry(tmb, tmb_list, list) { + for (i = 0; i < sysinfo_cmr->num_cmrs; i++) { u64 start, end; - start = PFN_PHYS(tmb->start_pfn); - end = PFN_PHYS(tmb->end_pfn); + start = sysinfo_cmr->cmr_base[i]; + end = start + sysinfo_cmr->cmr_size[i]; /* Break if this region is after the TDMR */ if (start >= tdmr_end(tdmr)) @@ -870,16 +869,16 @@ static int rsvd_area_cmp_func(const void *a, const void *b) /* * Populate reserved areas for the given @tdmr, including memory holes - * (via @tmb_list) and PAMTs (via @tdmr_list). + * (via @sysinfo_cmr) and PAMTs (via @tdmr_list). */ static int tdmr_populate_rsvd_areas(struct tdmr_info *tdmr, - struct list_head *tmb_list, + struct tdx_sys_info_cmr *sysinfo_cmr, struct tdmr_info_list *tdmr_list, u16 max_reserved_per_tdmr) { int ret, rsvd_idx = 0; - ret = tdmr_populate_rsvd_holes(tmb_list, tdmr, &rsvd_idx, + ret = tdmr_populate_rsvd_holes(sysinfo_cmr, tdmr, &rsvd_idx, max_reserved_per_tdmr); if (ret) return ret; @@ -898,10 +897,10 @@ static int tdmr_populate_rsvd_areas(struct tdmr_info *tdmr, /* * Populate reserved areas for all TDMRs in @tdmr_list, including memory - * holes (via @tmb_list) and PAMTs. + * holes (via @sysinfo_cmr) and PAMTs. */ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, - struct list_head *tmb_list, + struct tdx_sys_info_cmr *sysinfo_cmr, u16 max_reserved_per_tdmr) { int i; @@ -910,7 +909,7 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, int ret; ret = tdmr_populate_rsvd_areas(tdmr_entry(tdmr_list, i), - tmb_list, tdmr_list, max_reserved_per_tdmr); + sysinfo_cmr, tdmr_list, max_reserved_per_tdmr); if (ret) return ret; } @@ -925,7 +924,8 @@ static int tdmrs_populate_rsvd_areas_all(struct tdmr_info_list *tdmr_list, */ static int construct_tdmrs(struct list_head *tmb_list, struct tdmr_info_list *tdmr_list, - struct tdx_sys_info_tdmr *sysinfo_tdmr) + struct tdx_sys_info_tdmr *sysinfo_tdmr, + struct tdx_sys_info_cmr *sysinfo_cmr) { u16 pamt_entry_size[TDX_PS_NR] = { sysinfo_tdmr->pamt_4k_entry_size, @@ -942,7 +942,7 @@ static int construct_tdmrs(struct list_head *tmb_list, if (ret) return ret; - ret = tdmrs_populate_rsvd_areas_all(tdmr_list, tmb_list, + ret = tdmrs_populate_rsvd_areas_all(tdmr_list, sysinfo_cmr, sysinfo_tdmr->max_reserved_per_tdmr); if (ret) tdmrs_free_pamt_all(tdmr_list); @@ -1131,7 +1131,8 @@ static int init_tdx_module(void) goto err_free_tdxmem; /* Cover all TDX-usable memory regions in TDMRs */ - ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr); + ret = construct_tdmrs(&tdx_memlist, &tdx_tdmr_list, &sysinfo.tdmr, + &sysinfo.cmr); if (ret) goto err_free_tdmrs; From patchwork Mon Nov 11 10:39:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870574 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 35C1219AD5C; Mon, 11 Nov 2024 10:40:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321655; cv=none; b=GOVmZ3ED9hOyQE96fmD0Rpjn6GQaqLrV6WSetpDuE6TGYUz99oUppXwNSFeCPUno8coz9Kqhn+BSBOq7ve4K/x0ffjcvwdgIt+GAFH+aW0priOyy3rJeLiofHB8XUgULJkNcSiwFEz6mb2bEYWf2/IJwMX8hv1kmu/VnOB5izmg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321655; c=relaxed/simple; bh=QB6yVNsKPLPtF1p+makyEiGWRa8RHUWYNJibIIfK57c=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hhHQlQWXS29qQtsov0YPUKb9ZXNV057CL3AIt9YXYWDacralxRNv+vZ04lHNCdjTkyGXl65lzijq5nn7BiMgmEfRxGVKgdDSFfTA5CGFRnMY7T8J8uCR2CcP/4AeK5PriQXqx9AlOJiPmEk8vRW95muP6Y+6AfC4u6FJi57WvD8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=Apw+yThv; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="Apw+yThv" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321654; x=1762857654; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=QB6yVNsKPLPtF1p+makyEiGWRa8RHUWYNJibIIfK57c=; b=Apw+yThvKMs2+8cdQmmPL3rLGFtxKHGTGCxWQPGZp3HvzhXDrixGQnFU NUolAARXdCSPNxIECQqUlvDzi0hF+M4T0XJPmmyg+AiUiN7DsahqBBTR4 KOYfQcxcj0nEzlHGHhR0Wqb193kokqeqP7DgsTPTsw74kgZ76I82KUIIE CpMfbq3xVWSEJAlMDB3LPLPpfGrA1Wbum991EHlJygPmcX3UIwLyRR7Iy fDYbaOi6AWXWFDJiXcLp2Xi4nAqrGo58b1+A6xIvxridO398RoQqxxZlH 7XBbVt7fOy3tWP1M7Kfn6dFcR1EAmNeymh0ZOdmCUyaZUNK6lKIE9mTfN g==; X-CSE-ConnectionGUID: sKVMxs3VTWyHqiOJgdaeGQ== X-CSE-MsgGUID: toD/xpV5SvSsSPOxA3/oFQ== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="31281430" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="31281430" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:54 -0800 X-CSE-ConnectionGUID: cljPQjXlREKKLKgGNobagw== X-CSE-MsgGUID: npNIOfjjTMSbhi8iC8mhJw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667650" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:44 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 09/10] x86/virt/tdx: Require the module to assert it has the NO_RBP_MOD mitigation Date: Mon, 11 Nov 2024 23:39:45 +1300 Message-ID: X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Old TDX modules can clobber RBP in the TDH.VP.ENTER SEAMCALL. However RBP is used as frame pointer in the x86_64 calling convention, and clobbering RBP could result in bad things like being unable to unwind the stack if any non-maskable exceptions (NMI, #MC etc) happens in that gap. A new "NO_RBP_MOD" feature was introduced to more recent TDX modules to not clobber RBP. This feature is reported in the TDX_FEATURES0 global metadata field via bit 18. Don't initialize the TDX module if this feature is not supported [1]. Note the bit definitions of TDX_FEATURES0 are not auto-generated in tdx_global_metadata.h. Manually define a macro for it in "tdx.h". Link: https://lore.kernel.org/fc0e8ab7-86d4-4428-be31-82e1ece6dd21@intel.com/ [1] Signed-off-by: Kai Huang Reviewed-by: Nikolay Borisov Reviewed-by: Adrian Hunter Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 17 +++++++++++++++++ arch/x86/virt/vmx/tdx/tdx.h | 4 ++++ 2 files changed, 21 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 9acb12c75e9b..9bc827a6cee8 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -326,6 +326,18 @@ static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) return 0; } +static int check_features(struct tdx_sys_info *sysinfo) +{ + u64 tdx_features0 = sysinfo->features.tdx_features0; + + if (!(tdx_features0 & TDX_FEATURES0_NO_RBP_MOD)) { + pr_err("frame pointer (RBP) clobber bug present, upgrade TDX module\n"); + return -EINVAL; + } + + return 0; +} + /* Calculate the actual TDMR size */ static int tdmr_size_single(u16 max_reserved_per_tdmr) { @@ -1109,6 +1121,11 @@ static int init_tdx_module(void) if (ret) return ret; + /* Check whether the kernel can support this module */ + ret = check_features(&sysinfo); + if (ret) + return ret; + /* * To keep things simple, assume that all TDX-protected memory * will come from the page allocator. Make sure all pages in the diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index 0128b963b723..c8be00f6b15a 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -5,6 +5,7 @@ #include #include #include +#include #include "tdx_global_metadata.h" /* @@ -54,6 +55,9 @@ struct tdmr_info { DECLARE_FLEX_ARRAY(struct tdmr_reserved_area, reserved_areas); } __packed __aligned(TDMR_INFO_ALIGNMENT); +/* Bit definitions of TDX_FEATURES0 metadata field */ +#define TDX_FEATURES0_NO_RBP_MOD BIT(18) + /* * Do not put any hardware-defined TDX structure representations below * this comment! From patchwork Mon Nov 11 10:39:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Huang, Kai" X-Patchwork-Id: 13870575 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C37DB1A0AF2; Mon, 11 Nov 2024 10:40:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.16 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321657; cv=none; b=LZMUlJRmKHt6JIdwI+HXm2z3OOiI6awjbztsrwfOOU/xQQIKXSEZLUVJ7yV7H6bbpKZYvl9NPtE3mIkZ27JNCUXMS5VDcn8F1yryZYT1ZbAcpVwqU6oclp/9gNFYUz5A9hX2gt38uRycOuG4eDq9dxLPhrob2Evu6BGI6IWO2ho= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731321657; c=relaxed/simple; bh=WO0HYHGIIhSoO9GM+qLdMUDgHdtywJaoeUvB2JKTsDU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=KerZ7IGfRvOTLZV8T42XRvSXfKI5cA1rEfZF/Bj68SnPAMvepwmaNrX/VAmY25sS9CdH5ve+7/gfOFT4nVANvyRIqGPIEs3J6kal3G4/dhjcl17BGBXgOEgSjiRTAMs7DZjgRYnlOa4HdT062LZySNByk3wXQS5jI2zzGffaZyU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=QYzQQb/+; arc=none smtp.client-ip=198.175.65.16 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="QYzQQb/+" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1731321656; x=1762857656; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=WO0HYHGIIhSoO9GM+qLdMUDgHdtywJaoeUvB2JKTsDU=; b=QYzQQb/+GXGI6anVV28j2K290lV4MV+EqPTLEYeqeHSPdA3mE0uZW6Mw DAqmdOOdxYv5U2SUpD2bhteQ32fgYlHeW1l0onFDnWjXLgf3vZ3WQelgF aedA5Saa1gINPeuvWRuf2D3ieayWHaMqmSPn/BseozfWpf8R+sCsSFBnN NlZiqd4todEusxWfAQQEVufAJgItX+eoa1pM8HdcrpHnchOOEHxhCjF48 1b1RaggMw/ZMr4FnloODdE7+WXZuWbhFj7zRsh/EYK5bIV9a673JAkxp6 E8XJA6nB4aOkyCiYVCUll8sG5G6eP0u7p2ibrECszu03ktdgPIe8dKZxd w==; X-CSE-ConnectionGUID: rRz1mqcaTDqLMzj5ZiRXvg== X-CSE-MsgGUID: JN7il901SkGiEDguWi0m1A== X-IronPort-AV: E=McAfee;i="6700,10204,11222"; a="31281445" X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="31281445" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:54 -0800 X-CSE-ConnectionGUID: OcNNUBwmQ4yr/dVU8S0xmQ== X-CSE-MsgGUID: 8+L7Bm+ERdiuGObakp2fMA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.12,144,1728975600"; d="scan'208";a="117667684" Received: from uaeoff-desk2.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.124.223.207]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Nov 2024 02:40:48 -0800 From: Kai Huang To: dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tglx@linutronix.de, bp@alien8.de, peterz@infradead.org, mingo@redhat.com, hpa@zytor.com, dan.j.williams@intel.com, seanjc@google.com, pbonzini@redhat.com Cc: x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, rick.p.edgecombe@intel.com, isaku.yamahata@intel.com, adrian.hunter@intel.com, nik.borisov@suse.com, kai.huang@intel.com Subject: [PATCH v7 10/10] x86/virt/tdx: Print TDX module version Date: Mon, 11 Nov 2024 23:39:46 +1300 Message-ID: <6b5553756f56a8e3222bfc36d0bdb3e5192137b7.1731318868.git.kai.huang@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Currently the kernel doesn't print any TDX module version information. In practice such information is useful, especially to the developers. For instance: 1) When something goes wrong around using TDX, the module version is normally the first information the users want to know [1]. 2) The users want to quickly know module version to see whether the loaded module is the expected one. Dump TDX module version. The actual dmesg will look like: virt/tdx: module version: 1.5.00.00.0481 (build_date 20230323). And dump right after reading global metadata, so that this information is printed no matter whether module initialization fails or not. Link: https://lore.kernel.org/4b3adb59-50ea-419e-ad02-e19e8ca20dee@intel.com/ [1] Signed-off-by: Kai Huang Reviewed-by: Dan Williams --- arch/x86/virt/vmx/tdx/tdx.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 9bc827a6cee8..6982e100536d 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -312,6 +312,23 @@ static void print_cmrs(struct tdx_sys_info_cmr *sysinfo_cmr) } } +static void print_module_version(struct tdx_sys_info_version *version) +{ + /* + * TDX module version encoding: + * + * .... + * + * When printed as text, and are 1-digit, + * and are 2-digits and + * is 4-digits. + */ + pr_info("module version: %u.%u.%02u.%02u.%04u (build_date %u).\n", + version->major_version, version->minor_version, + version->update_version, version->internal_version, + version->build_num, version->build_date); +} + static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) { int ret; @@ -322,6 +339,7 @@ static int init_tdx_sys_info(struct tdx_sys_info *sysinfo) trim_null_tail_cmrs(&sysinfo->cmr); print_cmrs(&sysinfo->cmr); + print_module_version(&sysinfo->version); return 0; }