Received: by 2002:a05:6a10:9afc:0:0:0:0 with SMTP id t28csp1752182pxm; Thu, 24 Feb 2022 08:43:09 -0800 (PST) X-Google-Smtp-Source: ABdhPJwzbySXg8EfAORHABq7PtkBbcBnO95GxbZfkmFZqDNUYgcjbD/8OLeZAbTkDOp9gmh67skG X-Received: by 2002:a63:950a:0:b0:375:64a3:f98c with SMTP id p10-20020a63950a000000b0037564a3f98cmr3043249pgd.22.1645720989014; Thu, 24 Feb 2022 08:43:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1645720989; cv=none; d=google.com; s=arc-20160816; b=etpD1nP0UoWQXL5DqhIH/YfWyRYGPW2yY0irAOkWOL4DorSqkP5ALtgoTYdPBkr9z3 VGkRMGARsB3FFfwWab/teIqcd78Iybe/mWKjecY6yXp/utTZh4xaL1c7Wp98dORQyPV9 9Ai2/6DePRBjbGCgfs4AkxwH5MD/yjs0WtZVwiF4x9GYRr77XsY9zVNmIV6AlA9m5W2X BA8BcwpF1IRXMF/stdDgrVRqRPUYoTY4EhpHWQjET2ISEbuWTrpj+nD1CfERH44sc0o1 scE8YjxohS0emGWtiPnVwR7AEjOI8+tdH1PdHNlPT1cldGHcrkPZ9hp1KX0ud8NkuiMp MO5A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=k1fF3ijzpset0Xte60GLS3qZ64lCXq+7iAJzaa2IquA=; b=cDE1fT1va/OUHJbuORIByl/Sag/Wpcan/Jc0knrN5hKrNiQdT4vekBRAv8yB4aJIsN KnyDgSZ0PaPVtA6nf3qd5sz3XIHG4gIPxlcCv5DoaOSloFiQkOd9CsZdFEn68VqJMxts iWMLyMgvQyr+y3aDFwQGPjEzL5gcfFtzeNZ9ah/pI7afDvy3iJ4zFDlclthBZ4TmrS02 cjgG0FMZjhVVnn/T/29ZbXGcPni7sR+LNeU0O2ydFVIkmkQtd5wCTTUUeRkG8CeNwQj7 xYp67SrnS85RLuGL/XASWKun2Lsjg/MISdeUfIm7N9ZMK/axknEqfFagJlZ1vbYp3lfr 7kNA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=CNVf3jf0; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id z24si2617046pgv.228.2022.02.24.08.43.08 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 24 Feb 2022 08:43:09 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=CNVf3jf0; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id E8F5318E3E2; Thu, 24 Feb 2022 08:22:45 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233009AbiBXP6v (ORCPT + 99 others); Thu, 24 Feb 2022 10:58:51 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45968 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236866AbiBXP5t (ORCPT ); Thu, 24 Feb 2022 10:57:49 -0500 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 715DCFABD6 for ; Thu, 24 Feb 2022 07:57:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1645718224; x=1677254224; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Roqm3vxXsDrqlJjxy74QcX0NceV5nOJOiJIuEZDgIS0=; b=CNVf3jf0OIXrvGyzejs9weXuO5ZYwvNdYFywIqloLO1K4AJpgjb3iOhU jB2ylgFp4ShienMUmpGmekaZlGiQmjs+FVjy0huNcG1k/8x47IZnltf2e qFnVgjjqrHbg2NeGdkgKqYAvqrOkaJdk7M8XRwYbQqxW7bwjyUDakV/le l9froTGTVsiBkpbzdsrqvt1zFmCIedcVVAxS+5K8kzkRlfctmaAgQous+ KTaYKr5TTcj+jDwhuZf1VlhyotqhySBKvAsyk0Mx6PynCzERzbTegQa1c 8E3NAx1W0zrXul6Vz7JLIrkgKSyTEp8gD2vaTIl+5Txinq/dZlOedsbuB g==; X-IronPort-AV: E=McAfee;i="6200,9189,10268"; a="315487662" X-IronPort-AV: E=Sophos;i="5.90,134,1643702400"; d="scan'208";a="315487662" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Feb 2022 07:56:31 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,134,1643702400"; d="scan'208";a="707500677" Received: from black.fi.intel.com ([10.237.72.28]) by orsmga005.jf.intel.com with ESMTP; 24 Feb 2022 07:56:24 -0800 Received: by black.fi.intel.com (Postfix, from userid 1000) id 761CC772; Thu, 24 Feb 2022 17:56:34 +0200 (EET) From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com, ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com, hpa@zytor.com, jgross@suse.com, jmattson@google.com, joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org, pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com, tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, thomas.lendacky@amd.com, brijesh.singh@amd.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv4 06/30] x86/tdx: Exclude shared bit from __PHYSICAL_MASK Date: Thu, 24 Feb 2022 18:56:06 +0300 Message-Id: <20220224155630.52734-7-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220224155630.52734-1-kirill.shutemov@linux.intel.com> References: <20220224155630.52734-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org In TDX guests, by default memory is protected from host access. If a guest needs to communicate with the VMM (like the I/O use case), it uses a single bit in the physical address to communicate the protected/shared attribute of the given page. In the x86 ARCH code, __PHYSICAL_MASK macro represents the width of the physical address in the given architecture. It is used in creating physical PAGE_MASK for address bits in the kernel. Since in TDX guest, a single bit is used as metadata, it needs to be excluded from valid physical address bits to avoid using incorrect addresses bits in the kernel. Enable DYNAMIC_PHYSICAL_MASK to support updating the __PHYSICAL_MASK. Co-developed-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kuppuswamy Sathyanarayanan Reviewed-by: Andi Kleen Reviewed-by: Tony Luck Signed-off-by: Kirill A. Shutemov Reviewed-by: Thomas Gleixner --- arch/x86/Kconfig | 1 + arch/x86/coco/tdx.c | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 93e67842e369..d2f45e58e846 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -885,6 +885,7 @@ config INTEL_TDX_GUEST depends on X86_64 && CPU_SUP_INTEL depends on X86_X2APIC select ARCH_HAS_CC_PLATFORM + select DYNAMIC_PHYSICAL_MASK help Support running as a guest under Intel TDX. Without this support, the guest kernel can not boot or run under TDX. diff --git a/arch/x86/coco/tdx.c b/arch/x86/coco/tdx.c index 74c6e68dd1b3..14c085930b5f 100644 --- a/arch/x86/coco/tdx.c +++ b/arch/x86/coco/tdx.c @@ -74,6 +74,14 @@ void __init tdx_early_init(void) cc_set_vendor(CC_VENDOR_INTEL); + /* + * All bits above GPA width are reserved and kernel treats shared bit + * as flag, not as part of physical address. + * + * Adjust physical mask to only cover valid GPA bits. + */ + physical_mask &= GENMASK_ULL(td_info.gpa_width - 2, 0); + /* * The highest bit of a guest physical address is the "sharing" bit. * Set it for shared pages and clear it for private pages. -- 2.34.1