Received: by 2002:a05:6a10:eb17:0:0:0:0 with SMTP id hx23csp666022pxb; Fri, 3 Sep 2021 10:30:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzVNodfkoPxxUvsxPCMv6PmK/A/N/ZJoeYfXvEmoJF9HfHmaeOX81pvdpOQBhb2+nOqwod+ X-Received: by 2002:a6b:7710:: with SMTP id n16mr44195iom.101.1630690235270; Fri, 03 Sep 2021 10:30:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1630690235; cv=none; d=google.com; s=arc-20160816; b=0c6+e00yVc3al1ksgealbB/4iLCPIcDzw/IEq07PTATIm/kNRoUTEhjPmUu8B4pacy gEjTEDz/GB26uVG8YVV4vBBkR/e+maGj46UDMqYLDHNWAPZP/c1AUnJa2/wPFPqMTUyR fcUiemu/xdD1ayNKHnQbbC0rRtJVVFwT1JnMAWHbyuLiJokQWYDTv/62H+2gpSGFfPsm liTbLI8xpD6HnAqXMYDv7+p3TuHeyIATSJR8cjijkgURfDUs4FK4GcNmJzlEggf0soXs XXQLl6UHZ/WGgwXxJ3RWbJPnGobz5S8iecm6DUV3zsK7eX+ILkgbnVFJphEX6ufoAWnM k/cg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=ms2fYMmKlT58ZSgUSP51B8qK9tbMTaonnwfZOl99j8c=; b=ccTy6J4fxHazUBaM396T38dl2GsoQsj6SXlhPtvI1L+Ek6u01sVF5uGJ+lfAucpkJL DGH83ZoqtUDAs6HJPh4Du4aL/4MJt797cVbEv6wPRNQmzteSAW7G8U1NeKKS6t4g51Qz 2IZHJjW5PKYX3JGLsaVFg4TPNQF24aht0U4I7hLjZ+EAvIW7de/KKc6sihLhLRzqWwqp FupUNoRZPR9FqMYoTt1mTDtOl2dGPr45MWhLy3Ri/oJCVdL/YMntRN2EgUq4YOA/x0LO fPR6H8Gk5DhVmxVn/3VSFNfaWtyebi9BmiH3WdL/EPv5exdZMJyMIhkg6KSoqL5q+brA mkow== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 6si7584983ilx.104.2021.09.03.10.30.22; Fri, 03 Sep 2021 10:30:35 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1350285AbhICR3m (ORCPT + 99 others); Fri, 3 Sep 2021 13:29:42 -0400 Received: from mga01.intel.com ([192.55.52.88]:33543 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1350264AbhICR3d (ORCPT ); Fri, 3 Sep 2021 13:29:33 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10096"; a="241760105" X-IronPort-AV: E=Sophos;i="5.85,265,1624345200"; d="scan'208";a="241760105" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Sep 2021 10:28:32 -0700 X-IronPort-AV: E=Sophos;i="5.85,265,1624345200"; d="scan'208";a="534222286" Received: from dlinsen-mobl.amr.corp.intel.com (HELO skuppusw-desk1.amr.corp.intel.com) ([10.254.56.172]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Sep 2021 10:28:31 -0700 From: Kuppuswamy Sathyanarayanan To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, Paolo Bonzini , Juergen Gross , Deep Shah , VMware Inc , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel Cc: Peter H Anvin , Dave Hansen , Tony Luck , Dan Williams , Andi Kleen , Kirill Shutemov , Sean Christopherson , Kuppuswamy Sathyanarayanan , linux-kernel@vger.kernel.org Subject: [PATCH v6 10/11] x86/tdx: Don't write CSTAR MSR on Intel Date: Fri, 3 Sep 2021 10:28:11 -0700 Message-Id: <20210903172812.1097643-11-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20210903172812.1097643-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20210903172812.1097643-1-sathyanarayanan.kuppuswamy@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andi Kleen On Intel CPUs writing the CSTAR MSR is not really needed. Syscalls from 32bit work using SYSENTER and 32bit SYSCALL is an illegal opcode. But the kernel did write it anyways even though it was ignored by the CPU. Inside a TDX guest this actually leads to a #VE which in turn will trigger ve_raise_fault() due to failed MSR write. Inside ve_raise_fault() before it recovers from this error, it prints an ugly message at boot. Since such warning message is pointless for CSTAR MSR write failure, add exception to skip CSTAR msr write on Intel CPUs. Signed-off-by: Andi Kleen --- Changes since v5: * Fixed commit log as per review comments. arch/x86/kernel/cpu/common.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 64b805bd6a54..d936f0e4ec51 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1752,7 +1752,13 @@ void syscall_init(void) wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64); #ifdef CONFIG_IA32_EMULATION - wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat); + /* + * CSTAR is not needed on Intel because it doesn't support + * 32bit SYSCALL, but only SYSENTER. On a TDX guest + * it leads to a #GP. + */ + if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) + wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat); /* * This only works on Intel CPUs. * On AMD CPUs these MSRs are 32-bit, CPU truncates MSR_IA32_SYSENTER_EIP. @@ -1764,7 +1770,8 @@ void syscall_init(void) (unsigned long)(cpu_entry_stack(smp_processor_id()) + 1)); wrmsrl_safe(MSR_IA32_SYSENTER_EIP, (u64)entry_SYSENTER_compat); #else - wrmsrl(MSR_CSTAR, (unsigned long)ignore_sysret); + if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) + wrmsrl(MSR_CSTAR, (unsigned long)ignore_sysret); wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)GDT_ENTRY_INVALID_SEG); wrmsrl_safe(MSR_IA32_SYSENTER_ESP, 0ULL); wrmsrl_safe(MSR_IA32_SYSENTER_EIP, 0ULL); -- 2.25.1