Received: by 2002:a05:6a10:d5a5:0:0:0:0 with SMTP id gn37csp4185229pxb; Mon, 4 Oct 2021 19:55:49 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwunmmcjjkgKjJMY8UICZ5Mp+l7eOaM4AuI2y+nljwPb8m/1H+nLE2b4YWkvaO7+Mt/B414 X-Received: by 2002:a17:906:681:: with SMTP id u1mr21254324ejb.499.1633402548805; Mon, 04 Oct 2021 19:55:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1633402548; cv=none; d=google.com; s=arc-20160816; b=XBAkUCq5D7gxr+/SaDuRZ2ey0wGTKhcCaOzJsIusBfK3k34dSf6MbK7CYgu4sSZrg/ 2wrA4FiHEojB4Y8GOPIrTY6RCD9UvfwcDi/Fbl7dTawv/QfepsB+y8FVUVjcyyyl4G36 p8BpBMz5HObGrFvX2OOdR57ympZws1AEErJp38ksUcyy3gnvjE2FIMByOjcva304E21y TghPX94M50iV1j6GfQcM09z/F+tD+qCgyiirnLYrX+DJF5yrROjN+q1UGx0A38H7sK5r Rt6z4dHoC9K0qeV/4XXoKbB60o9lZ4+scY7a+vJ+KMxWq9BJch0mEBfVs10wUH6ayxyj yrpw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from; bh=kGdbb9MiuohtPBjpMLgB+T9WP+bQD2rO22e5V4y8lP0=; b=BOi3uN5ZaAF20p+Wxg7f2ZbwS7eOpYQBk7msuvPjF/5NkuAx0mM7+T0orI4CPObg0T FQ5bT67PPltgdp5ZyoDX0kJjmU5EnC0FnPukfbZbZ61rUSYqPCL5zSl0G4/rRUAcubCW Kq2aCgCFoz7PYESgRp0qzYdX/cCfQpSW/W1eKMHi4hDnufycHJbSATkzDeh1ghZolL/d DkwyRS7aM8VBZ/Gsi9Pf1uhVpJU3B59ThpuIwt2h8lNhG2dCxv11LzGFFSnsReej0kvZ BhYXlblMzqY6efIxE7NjQDCxvAm0V1KYAVor0Psg95TiINVkRnEn61cEBaFeyKDun44P HPQw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dt16si27450137ejc.762.2021.10.04.19.55.25; Mon, 04 Oct 2021 19:55:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232193AbhJECym (ORCPT + 99 others); Mon, 4 Oct 2021 22:54:42 -0400 Received: from mga01.intel.com ([192.55.52.88]:43315 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231552AbhJECyX (ORCPT ); Mon, 4 Oct 2021 22:54:23 -0400 X-IronPort-AV: E=McAfee;i="6200,9189,10127"; a="248894665" X-IronPort-AV: E=Sophos;i="5.85,347,1624345200"; d="scan'208";a="248894665" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Oct 2021 19:52:33 -0700 X-IronPort-AV: E=Sophos;i="5.85,347,1624345200"; d="scan'208";a="483409137" Received: from asaini1-mobl1.amr.corp.intel.com (HELO skuppusw-desk1.amr.corp.intel.com) ([10.251.138.96]) by fmsmga007-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Oct 2021 19:52:32 -0700 From: Kuppuswamy Sathyanarayanan To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , x86@kernel.org, Paolo Bonzini , David Hildenbrand , Andrea Arcangeli , Josh Poimboeuf , Juergen Gross , Deep Shah , VMware Inc , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel Cc: Peter H Anvin , Dave Hansen , Tony Luck , Dan Williams , Andi Kleen , Kirill Shutemov , Sean Christopherson , Kuppuswamy Sathyanarayanan , linux-kernel@vger.kernel.org Subject: [PATCH v8 10/11] x86/tdx: Don't write CSTAR MSR on Intel Date: Mon, 4 Oct 2021 19:52:04 -0700 Message-Id: <20211005025205.1784480-11-sathyanarayanan.kuppuswamy@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211005025205.1784480-1-sathyanarayanan.kuppuswamy@linux.intel.com> References: <20211005025205.1784480-1-sathyanarayanan.kuppuswamy@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andi Kleen On Intel CPUs writing the CSTAR MSR is not really needed. Syscalls from 32bit work using SYSENTER and 32bit SYSCALL is an illegal opcode. But the kernel did write it anyways even though it was ignored by the CPU. Inside a TDX guest this actually leads to a #VE which in turn will trigger ve_raise_fault() due to failed MSR write. Inside ve_raise_fault() before it recovers from this error, it prints an ugly message at boot. Since such warning message is pointless for CSTAR MSR write failure, add exception to skip CSTAR msr write on Intel CPUs. Signed-off-by: Andi Kleen --- Changes since v7: * None. Changes since v6: * None. Changes since v5: * Fixed commit log as per review comments. arch/x86/kernel/cpu/common.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 0f8885949e8c..fd10f1044157 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -1758,7 +1758,13 @@ void syscall_init(void) wrmsrl(MSR_LSTAR, (unsigned long)entry_SYSCALL_64); #ifdef CONFIG_IA32_EMULATION - wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat); + /* + * CSTAR is not needed on Intel because it doesn't support + * 32bit SYSCALL, but only SYSENTER. On a TDX guest + * it leads to a #GP. + */ + if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) + wrmsrl(MSR_CSTAR, (unsigned long)entry_SYSCALL_compat); /* * This only works on Intel CPUs. * On AMD CPUs these MSRs are 32-bit, CPU truncates MSR_IA32_SYSENTER_EIP. @@ -1770,7 +1776,8 @@ void syscall_init(void) (unsigned long)(cpu_entry_stack(smp_processor_id()) + 1)); wrmsrl_safe(MSR_IA32_SYSENTER_EIP, (u64)entry_SYSENTER_compat); #else - wrmsrl(MSR_CSTAR, (unsigned long)ignore_sysret); + if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) + wrmsrl(MSR_CSTAR, (unsigned long)ignore_sysret); wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)GDT_ENTRY_INVALID_SEG); wrmsrl_safe(MSR_IA32_SYSENTER_ESP, 0ULL); wrmsrl_safe(MSR_IA32_SYSENTER_EIP, 0ULL); -- 2.25.1