From: Kuppuswamy Sathyanarayanan
To: Peter Zijlstra, Andy Lutomirski, Dave Hansen, Tony Luck, Dan Williams
Cc: Andi Kleen, Kirill Shutemov, Kuppuswamy Sathyanarayanan, Raj Ashok, Sean Christopherson, Kuppuswamy Sathyanarayanan, linux-kernel@vger.kernel.org
Subject: [RFC v2-fix-v1 1/3] tdx: Introduce generic protected_guest abstraction
Date: Wed, 26 May 2021 21:23:54 -0700
Message-Id: <20210527042356.3983284-2-sathyanarayanan.kuppuswamy@linux.intel.com>
In-Reply-To: <20210527042356.3983284-1-sathyanarayanan.kuppuswamy@linux.intel.com>
References: <20210527042356.3983284-1-sathyanarayanan.kuppuswamy@linux.intel.com>
X-Mailer: git-send-email 2.25.1

Add a generic way to check if we run with an encrypted guest, without requiring x86-specific ifdefs. This can then be used in non-architecture-specific code.

The is_protected_guest() helper function can be implemented using arch-specific CPU feature flags. protected_guest_has() is used to check for protected guest feature flags.

Originally-by: Andi Kleen
Signed-off-by: Kuppuswamy Sathyanarayanan
---
 arch/Kconfig                           |  3 +++
 arch/x86/Kconfig                       |  1 +
 arch/x86/include/asm/protected_guest.h | 24 ++++++++++++++++++++++++
 arch/x86/include/asm/tdx.h             |  7 +++++++
 arch/x86/kernel/tdx.c                  | 18 ++++++++++++++++++
 include/linux/protected_guest.h        | 23 +++++++++++++++++++++++
 6 files changed, 76 insertions(+)
 create mode 100644 arch/x86/include/asm/protected_guest.h
 create mode 100644 include/linux/protected_guest.h

diff --git a/arch/Kconfig b/arch/Kconfig index ecfd3520b676..98c30312555b 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -956,6 +956,9 @@ config HAVE_ARCH_NVRAM_OPS config ISA_BUS_API def_bool ISA +config ARCH_HAS_PROTECTED_GUEST + bool + # # ABI hall of shame # diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 15e66a99dd41..fc588a64d1a0 100644
--- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -878,6 +878,7 @@ config INTEL_TDX_GUEST select PARAVIRT_XL select X86_X2APIC select SECURITY_LOCKDOWN_LSM + select ARCH_HAS_PROTECTED_GUEST help Provide support for running in a trusted domain on Intel processors equipped with Trusted Domain eXtenstions. TDX is a new Intel diff --git a/arch/x86/include/asm/protected_guest.h b/arch/x86/include/asm/protected_guest.h new file mode 100644 index 000000000000..b2838e58ce94 --- /dev/null +++ b/arch/x86/include/asm/protected_guest.h @@ -0,0 +1,24 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* Copyright (C) 2020 Intel Corporation */ +#ifndef _ASM_PROTECTED_GUEST +#define _ASM_PROTECTED_GUEST 1 + +#include +#include + +/* Only include through linux/protected_guest.h */ + +static inline bool is_protected_guest(void) +{ + return boot_cpu_has(X86_FEATURE_TDX_GUEST); +} + +static inline bool protected_guest_has(unsigned long flag) +{ + if (boot_cpu_has(X86_FEATURE_TDX_GUEST)) + return tdx_protected_guest_has(flag); + + return false; +} + +#endif diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 597a3e1663d7..53f844200909 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -71,6 +71,8 @@ u64 __tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, u64 __tdx_hypercall(u64 fn, u64 r12, u64 r13, u64 r14, u64 r15, struct tdx_hypercall_output *out); +bool tdx_protected_guest_has(unsigned long flag); + #else // !CONFIG_INTEL_TDX_GUEST static inline bool is_tdx_guest(void) @@ -80,6 +82,11 @@ static inline bool is_tdx_guest(void) static inline void tdx_early_init(void) { }; +static inline bool tdx_protected_guest_has(unsigned long flag) +{ + return false; +} + #endif /* CONFIG_INTEL_TDX_GUEST */ #ifdef CONFIG_INTEL_TDX_GUEST_KVM diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c index 17725646eb30..858e7f3d8f36 100644 --- a/arch/x86/kernel/tdx.c +++ b/arch/x86/kernel/tdx.c 
@@ -7,6 +7,7 @@ #include #include +#include /* TDX Module call Leaf IDs */ #define TDINFO 1 @@ -75,6 +76,23 @@ bool is_tdx_guest(void) } EXPORT_SYMBOL_GPL(is_tdx_guest); +bool tdx_protected_guest_has(unsigned long flag) +{ + if (!is_tdx_guest()) + return false; + + switch (flag) { + case VM_MEM_ENCRYPT: + case VM_MEM_ENCRYPT_ACTIVE: + case VM_UNROLL_STRING_IO: + case VM_HOST_MEM_ENCRYPT: + return true; + } + + return false; +} +EXPORT_SYMBOL_GPL(tdx_protected_guest_has); + static void tdg_get_info(void) { u64 ret; diff --git a/include/linux/protected_guest.h b/include/linux/protected_guest.h new file mode 100644 index 000000000000..f362eea39bd8 --- /dev/null +++ b/include/linux/protected_guest.h @@ -0,0 +1,23 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _LINUX_PROTECTED_GUEST_H +#define _LINUX_PROTECTED_GUEST_H 1 + +/* Protected Guest Feature Flags (leave 0-0xff for arch specific flags) */ + +/* Support for guest encryption */ +#define VM_MEM_ENCRYPT 0x100 +/* Encryption support is active */ +#define VM_MEM_ENCRYPT_ACTIVE 0x101 +/* Support for unrolled string IO */ +#define VM_UNROLL_STRING_IO 0x102 +/* Support for host memory encryption */ +#define VM_HOST_MEM_ENCRYPT 0x103 + +#ifdef CONFIG_ARCH_HAS_PROTECTED_GUEST +#include +#else +static inline bool is_protected_guest(void) { return false; } +static inline bool protected_guest_has(unsigned long flag) { return false; } +#endif + +#endif -- 2.25.1
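Review bot: the new ARCH_HAS_PROTECTED_GUEST symbol in the arch/Kconfig hunk carries no comment stating the contract it imposes, yet include/linux/protected_guest.h pulls in the asm header unconditionally whenever it is set. A short comment above `bool` saying that a selecting architecture must provide asm/protected_guest.h with is_protected_guest() and protected_guest_has() would spare the next porter a build failure that is only diagnosable by reading the generic header.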
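Review bot: in arch/x86/include/asm/protected_guest.h the commit message promises a generic "encrypted guest" check, but is_protected_guest() reduces to `boot_cpu_has(X86_FEATURE_TDX_GUEST)`, so on x86 "protected" currently means "TDX" and nothing else; either say so in the header comment or make this the dispatch point where other encrypted-guest types can be added, since every arch-neutral caller will inherit whatever this returns. The "Only include through linux/protected_guest.h" comment is also not enforced: a direct include compiles fine but misses the VM_* flag definitions; an `#ifndef _LINUX_PROTECTED_GUEST_H` / `#error` pair would catch that at build time.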
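Review bot: the switch in tdx_protected_guest_has() in arch/x86/kernel/tdx.c has no `default:` label; the trailing `return false` covers it, but an explicit `default: return false;` inside the switch matches kernel style and keeps -Wswitch-default quiet. Since every listed flag is unconditionally true once is_tdx_guest() passes, a one-line comment per case explaining why TDX guarantees it (for instance that guest memory is always encrypted, so VM_MEM_ENCRYPT and VM_MEM_ENCRYPT_ACTIVE cannot diverge) would stop the table reading as arbitrary. The leading is_tdx_guest() check duplicates the boot_cpu_has() test in the asm header, but keeping it is right given the EXPORT_SYMBOL_GPL: modules can call this entry point directly.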
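Review bot: include/linux/protected_guest.h calls VM_MEM_ENCRYPT and friends "Feature Flags" and passes them as `unsigned long`, but the values 0x100..0x103 are sequential identifiers, not bit positions, so `protected_guest_has(VM_MEM_ENCRYPT | VM_UNROLL_STRING_IO)` compiles and silently returns false. Spell out in the comment that each query takes exactly one feature id, or switch the flags to an enum and the parameter to that type so the compiler can at least warn on the switch in tdx.c. The "leave 0-0xff for arch specific flags" partition is also documented only here; the asm side should reference it.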