Received: by 2002:a05:6520:2586:b029:fa:41f3:c225 with SMTP id u6csp27222lky; Wed, 9 Jun 2021 14:53:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJywhJHMaemrtDb65yTKDzGOW9M+SWyF1onNfQI44FGiNFTOid8DeaogifH5lIqd0KXCcVPM X-Received: by 2002:a17:906:c2d6:: with SMTP id ch22mr1656307ejb.227.1623275596503; Wed, 09 Jun 2021 14:53:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623275596; cv=none; d=google.com; s=arc-20160816; b=DSgIxc66tUpp0ukgNhSVpyU4cxdPj8IayqpqIk5vWiuOcolfdoZDlGc5mpfbskUzYg cQaGxpv9xa98cZHTLgR9zQzml8hl9N51OGnAUYvnxJwCxJWpl4zzDseXb2AJTmYj6J4z IC7eMKJbxNCeLSH2NbLu7eoygGkdaDDHnyn1fT/4EBUIDShhxKfoDB7DpjCBgYNaPXZv O8qgWiTCww9SBfh5wyrNXCFoWVZhtG6rrVHc8yaubFJdGh+fuLG7sHVVF+VNzKTGMsYt kNoY1ADL0xEKJiVP1yL1PZqCbFOT9zpfSLg4owqMqOOXnjqOtHOJUnSivhBdiDci7jRb bSgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:ironport-sdr:ironport-sdr; bh=MlhAMXabneyQowl2uVDomlwIW/j41kgqXjxZEjNxrmk=; b=K159WLB8FHjKd9sFCSZ614fdpZs5Uk3bz+mpEHoamVrnv4rjBEU8Vr2nHTaJyiPlPN Ilm+gLG3ckA7oyCBMtXEaIODMEmcJL56KR4GO6crp9xiZ8bQf1P2WFqC/4NoKnOgE49e /Hzf37VKvYtzJ2x/fyo7zSxQ8fIHzfJPU5ldlASoSf0P5OyEsH0ocsZ9lQUYjlsruLqs FVK/VMLiIa/FUxh6Mrp3ZI/QswkkHvDS2s9yNd32F8uaxKHzqgH2WvwIWYeO3yklpidG 7PCDCa8Ixk8vlYtzYJRAfEiNRehJ891KNAOS7UUGz1cnaNkoizAnKFmmDeOzWFwk64TT pGLA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b8si667543edy.432.2021.06.09.14.52.53; Wed, 09 Jun 2021 14:53:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229715AbhFIVxC (ORCPT + 99 others); Wed, 9 Jun 2021 17:53:02 -0400 Received: from mga03.intel.com ([134.134.136.65]:1471 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229535AbhFIVxB (ORCPT ); Wed, 9 Jun 2021 17:53:01 -0400 IronPort-SDR: OsXVNpRSdfrejsDEAyZSgkM0SdHMXtkQa+zn0ShZM9nlxVpkYX7dn0tE/GK+Miwz+FtAGatBl2 tmlRHqN9IGfw== X-IronPort-AV: E=McAfee;i="6200,9189,10010"; a="205207598" X-IronPort-AV: E=Sophos;i="5.83,261,1616482800"; d="scan'208";a="205207598" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jun 2021 14:51:05 -0700 IronPort-SDR: uT5jtL7f4VmrzRISlENRz/OUlJtMQEK0Q4G318WSpMHyt5YoY0lZR2cjuPCQtH8fVNzdDkaiG0 tujgEaRSINeQ== X-IronPort-AV: E=Sophos;i="5.83,261,1616482800"; d="scan'208";a="482553385" Received: from qwang4-mobl1.ccr.corp.intel.com (HELO skuppusw-desk1.amr.corp.intel.com) ([10.254.35.228]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Jun 2021 14:51:04 -0700 From: Kuppuswamy Sathyanarayanan To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Peter Zijlstra , Andy Lutomirski Cc: Peter H Anvin , Dave Hansen , Tony Luck , Dan Williams , Andi Kleen , Kirill Shutemov , Sean Christopherson , Kuppuswamy Sathyanarayanan , x86@kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH v1 0/5] Add TDX Guest Support (boot fixes) Date: Wed, 9 Jun 2021 14:50:42 -0700 Message-Id: <20210609215047.1955866-1-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi All, Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious hosts and some physical attacks. This series adds boot code support and some additional fixes required for successful boot of TDX guest. This series is the continuation of the patch series titled "Add TDX Guest Support (Initial support)" and "Add TDX Guest Support (#VE handler support )", which added initial support and #VE handler support for TDX guests. You can find the related patchsets in the following links. https://lore.kernel.org/patchwork/project/lkml/list/?series=502143 https://lore.kernel.org/patchwork/project/lkml/list/?series=503701 Also please note that this series alone is not necessarily fully functional. You can find TDX related documents in the following link. https://software.intel.com/content/www/br/pt/develop/articles/intel-trust-domain-extensions.html Kuppuswamy Sathyanarayanan (2): x86/topology: Disable CPU online/offline control for TDX guest x86: Skip WBINVD instruction for VM guest Sean Christopherson (3): x86/boot: Add a trampoline for APs booting in 64-bit mode x86/boot: Avoid #VE during boot for TDX platforms x86/tdx: Forcefully disable legacy PIC for TDX guests arch/x86/boot/compressed/head_64.S | 16 +++++-- arch/x86/boot/compressed/pgtable.h | 2 +- arch/x86/include/asm/acenv.h | 7 ++- arch/x86/include/asm/realmode.h | 11 +++++ arch/x86/kernel/head_64.S | 20 +++++++- arch/x86/kernel/smpboot.c | 2 +- arch/x86/kernel/tdx.c | 17 +++++++ arch/x86/kernel/topology.c | 3 +- arch/x86/realmode/rm/header.S | 1 + arch/x86/realmode/rm/trampoline_64.S | 59 ++++++++++++++++++++++-- arch/x86/realmode/rm/trampoline_common.S | 12 ++++- 11 files changed, 136 insertions(+), 14 deletions(-) -- 2.25.1