Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp3525547pxb; Mon, 24 Jan 2022 11:24:22 -0800 (PST) X-Google-Smtp-Source: ABdhPJzovhnl2YBXahs3mzp6NO4VG/jANFoohKumgMApDVvATGdmmpcucn8Xv0DwVsDlSNazR7W8 X-Received: by 2002:a62:78d3:0:b0:4bb:cbd7:c556 with SMTP id t202-20020a6278d3000000b004bbcbd7c556mr12960609pfc.26.1643052261947; Mon, 24 Jan 2022 11:24:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643052261; cv=none; d=google.com; s=arc-20160816; b=YkucvwWAblAzy9BelFwDlxd+XDFtlm2Cho3AG9XQzOLI3PBRxZCuXkult1XdO6ahIH Ze5iBLAOwZhr4jNMRgIcGvaqfqaKXmZYk9HHt8x9h5O7GDZXWRTahTC9HmlEz2TUu8B8 ouWcLI3vMOWYnPWNG4duVRD52ElBgdi69uBYzRuVQQeUkSC93/cqtftlhqy/URp5JjDc KD+G7G3GHvMaqC6eKL4NcE6QZyh1vVH9MbXvZtj8QPZnuwzUU9Fct+AeZ4+JjiYKmAYQ ubfNiYWhhFRjtdx72aC7ZuUGUNYhsUnTHtxLL/UOw44OCeRaDy1XHYkzZnuxBtd+XhXt QZkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=XCYWbt1ZK2kAKhoVEPtsJghG084voAanvYDFBWjbd0Q=; b=jgyBMnA/uMSmhNm9tAXWkzZ0NUuK1ykdjHEcz55auqmNzLBu4umxotZRZFu9sBhfpa u1+Ispe3374/Sqy49mDH7GckbzLPwa87khdj4gvDa8TjxdPoQ5dBfnl8kK3R3kZk4J9H 0mM35SCkAun+rRoKEkc9yz36pRn2DOZmdTSCSSGARNZeAXRbY7v06puwXXbmUIynSKPy uXO6Rzv6gEQmQawjp97O6OvDxCeMXLnUAA1OI+sLUeGq5ClCwCjqsQ/BzO5FNFV3lnON /ZUyLdboQcG8f6HD/sEWVaPW57ayCvotLfocS5spnkb3iRijBof6yeQEnnlW3JyS7E2n /Vxg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=NSXkfMRx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s8si13039027plp.15.2022.01.24.11.24.06; Mon, 24 Jan 2022 11:24:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=NSXkfMRx; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240115AbiAXPCn (ORCPT + 99 others); Mon, 24 Jan 2022 10:02:43 -0500 Received: from mga17.intel.com ([192.55.52.151]:63901 "EHLO mga17.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S239990AbiAXPCX (ORCPT ); Mon, 24 Jan 2022 10:02:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643036542; x=1674572542; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=U2RBFvSabGQbSWUrVUR6IfnDqFHD0udYc5VGLJl32RM=; b=NSXkfMRxa1RHY8y7cNxbPAetjes42o8pspNcJTYAhtIYIyaF368uXRhx fmpU0Ax75ORWokI+Y+HWTPPO4YAQAYWBCqWhlfCIWqtX3v+UXjEaVHK1s V8QlBpcdq7o119+FPPBLcn9COqDVKwreIgW9AGrLemk8KJFAzQh4c7Q06 e8XK4C8/nv+PrZgSRCFFa4KCTGyBsbmbU8yiw2Eounetwo2L87dTZRehC wlQElrzTLJZS0oJZ9ktURxsDI8UbC2/nncLPAzFcYKiSZHvkOP5aBsIPd BJiuNtLduD+bEQJs2cbwbckHmPXhrPXQLtezj36cVD2Dr1LUqIotmhRIB g==; X-IronPort-AV: E=McAfee;i="6200,9189,10236"; a="226734674" X-IronPort-AV: E=Sophos;i="5.88,311,1635231600"; d="scan'208";a="226734674" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Jan 2022 07:02:22 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,311,1635231600"; d="scan'208";a="562680192" Received: from black.fi.intel.com ([10.237.72.28]) by orsmga001.jf.intel.com with ESMTP; 24 Jan 2022 07:02:16 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id 07CADA03; Mon, 24 Jan 2022 17:02:20 +0200 (EET) From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com, ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com, hpa@zytor.com, jgross@suse.com, jmattson@google.com, joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org, pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com, tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCHv2 14/29] x86/tdx: Early boot handling of port I/O Date: Mon, 24 Jan 2022 18:02:00 +0300 Message-Id: <20220124150215.36893-15-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220124150215.36893-1-kirill.shutemov@linux.intel.com> References: <20220124150215.36893-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Andi Kleen TDX guests cannot do port I/O directly. The TDX module triggers a #VE exception to let the guest kernel emulate port I/O, by converting them into TDCALLs to call the host. But before IDT handlers are set up, port I/O cannot be emulated using normal kernel #VE handlers. To support the #VE-based emulation during this boot window, add a minimal early #VE handler support in early exception handlers. This is similar to what AMD SEV does. This is mainly to support earlyprintk's serial driver, as well as potentially the VGA driver (although it is expected not to be used). The early handler only supports I/O-related #VE exceptions. Unhandled or failed exceptions will be handled via early_fixup_exceptions() (like normal exception failures). This early handler enables the use of normal in*/out* macros without patching them for every driver. Since there is no expectation that early port I/O is performance-critical, the #VE emulation cost is worth the simplicity benefit of not patching the port I/O usage in early code. There are also no concerns with nesting, since there should be no NMIs or interrupts this early. Signed-off-by: Andi Kleen Reviewed-by: Dan Williams Signed-off-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kirill A. Shutemov --- arch/x86/include/asm/tdx.h | 4 ++++ arch/x86/kernel/head64.c | 3 +++ arch/x86/kernel/tdx.c | 17 +++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 27eb4ab2fdd2..8013686192fd 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -53,12 +53,16 @@ bool tdx_handle_virt_exception(struct pt_regs *regs, struct ve_info *ve); void tdx_safe_halt(void); +bool tdx_early_handle_ve(struct pt_regs *regs); + #else static inline void tdx_early_init(void) { }; static inline bool is_tdx_guest(void) { return false; } static inline void tdx_safe_halt(void) { }; +static inline bool tdx_early_handle_ve(struct pt_regs *regs) { return false; } + #endif /* CONFIG_INTEL_TDX_GUEST */ #endif /* _ASM_X86_TDX_H */ diff --git a/arch/x86/kernel/head64.c b/arch/x86/kernel/head64.c index 1cb6346ec3d1..76d298ddfe75 100644 --- a/arch/x86/kernel/head64.c +++ b/arch/x86/kernel/head64.c @@ -417,6 +417,9 @@ void __init do_early_exception(struct pt_regs *regs, int trapnr) trapnr == X86_TRAP_VC && handle_vc_boot_ghcb(regs)) return; + if (trapnr == X86_TRAP_VE && tdx_early_handle_ve(regs)) + return; + early_fixup_exception(regs, trapnr); } diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c index e73af22a4c11..ebb29dfb3ad4 100644 --- a/arch/x86/kernel/tdx.c +++ b/arch/x86/kernel/tdx.c @@ -302,6 +302,23 @@ static bool tdx_handle_io(struct pt_regs *regs, u32 exit_qual) return !ret; } +/* + * Early #VE exception handler. Only handles a subset of port I/O. + * Intended only for earlyprintk. If failed, return false. + */ +__init bool tdx_early_handle_ve(struct pt_regs *regs) +{ + struct ve_info ve; + + if (tdx_get_ve_info(&ve)) + return false; + + if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION) + return false; + + return tdx_handle_io(regs, ve.exit_qual); +} + bool tdx_get_ve_info(struct ve_info *ve) { struct tdx_module_output out; -- 2.34.1