Subject: Re: [RFC v2-fix 1/1] x86/traps: Add #VE support for TDX guest
To: Peter Zijlstra, Andy Lutomirski, Dave Hansen
Cc: Tony Luck, Andi Kleen, Kirill Shutemov, Kuppuswamy Sathyanarayanan, Dan Williams, Raj Ashok, Sean Christopherson, linux-kernel@vger.kernel.org, Sean Christopherson
From: "Kuppuswamy, Sathyanarayanan"
Date: Fri, 21 May 2021 11:45:35 -0700

Hi Dave,

On 5/17/21 5:09 PM, Kuppuswamy Sathyanarayanan wrote:
> From: "Kirill A. Shutemov"
>
> Virtualization Exceptions (#VE) are delivered to TDX guests due to
> specific guest actions which may happen in either user space or the kernel:
>
>  * Specific instructions (WBINVD, for example)
>  * Specific MSR accesses
>  * Specific CPUID leaf accesses
>  * Access to TD-shared memory, which includes MMIO
>
> In the settings that Linux will run in, virtual exceptions are never
> generated on accesses to normal, TD-private memory that has been
> accepted.
>
> The entry paths do not access TD-shared memory, MMIO regions or use
> those specific MSRs, instructions, CPUID leaves that might generate #VE.
> In addition, all interrupts including NMIs are blocked by the hardware
> starting with #VE delivery until TDGETVEINFO is called.  This eliminates
> the chance of a #VE during the syscall gap or paranoid entry paths and
> simplifies #VE handling.
>
> After TDGETVEINFO #VE could happen in theory (e.g. through an NMI),
> although we don't expect it to happen because we don't expect NMIs to
> trigger #VEs. Another case where they could happen is if the #VE
> exception panics, but in this case there are no guarantees on anything
> anyways.
>
> If a guest kernel action which would normally cause a #VE occurs in the
> interrupt-disabled region before TDGETVEINFO, a #DF is delivered to the
> guest which will result in an oops (and should eventually be a panic, as
> we would like to set panic_on_oops to 1 for TDX guests).
>
> Add basic infrastructure to handle any #VE which occurs in the kernel or
> userspace.  Later patches will add handling for specific #VE scenarios.
>
> Convert unhandled #VE's (everything, until later in this series) so that
> they appear just like a #GP by calling ve_raise_fault() directly.
> ve_raise_fault() is similar to #GP handler and is responsible for
> sending SIGSEGV to userspace and cpu die and notifying debuggers and
> other die chain users.
>
> Co-developed-by: Sean Christopherson
> Signed-off-by: Sean Christopherson
> Signed-off-by: Kirill A. Shutemov
> Reviewed-by: Andi Kleen
> Signed-off-by: Kuppuswamy Sathyanarayanan
> ---

You have any other comments on this patch? If not, can you reply with
your Reviewed-by tag?

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer