From: "Kirill A. Shutemov"
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com, ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com, hpa@zytor.com, jgross@suse.com, jmattson@google.com, joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org, pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com, tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, thomas.lendacky@amd.com, brijesh.singh@amd.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov"
Subject: [PATCHv4 05/30] x86/tdx: Extend the confidential computing API to support TDX guests
Date: Thu, 24 Feb 2022 18:56:05 +0300
Message-Id: <20220224155630.52734-6-kirill.shutemov@linux.intel.com>
In-Reply-To: <20220224155630.52734-1-kirill.shutemov@linux.intel.com>
References: <20220224155630.52734-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Confidential Computing (CC) features (like string I/O unroll support, memory encryption/decryption support, etc.) are conditionally enabled in the kernel using the cc_platform_has() API. Since TDX guests also need to use these CC features, extend the cc_platform_has() API and add TDX guest-specific CC attribute support.

Like AMD SME/SEV, TDX uses a bit in the page table entry to indicate the encryption status of the page, but the polarity of the mask is opposite to AMD: if the bit is set, the page is accessible to the VMM.
Details about which bit in the page table entry to be used to indicate shared/private state can be determined by using the TDINFO TDCALL. Signed-off-by: Kirill A. Shutemov --- arch/x86/Kconfig | 1 + arch/x86/coco/core.c | 4 ++++ arch/x86/coco/tdx.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 48 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index c346d66b51fc..93e67842e369 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -884,6 +884,7 @@ config INTEL_TDX_GUEST bool "Intel TDX (Trust Domain Extensions) - Guest Support" depends on X86_64 && CPU_SUP_INTEL depends on X86_X2APIC + select ARCH_HAS_CC_PLATFORM help Support running as a guest under Intel TDX. Without this support, the guest kernel can not boot or run under TDX. diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c index fc1365dd927e..9113baebbfd2 100644 --- a/arch/x86/coco/core.c +++ b/arch/x86/coco/core.c @@ -90,6 +90,8 @@ u64 cc_mkenc(u64 val) switch (vendor) { case CC_VENDOR_AMD: return val | cc_mask; + case CC_VENDOR_INTEL: + return val & ~cc_mask; default: return val; } @@ -100,6 +102,8 @@ u64 cc_mkdec(u64 val) switch (vendor) { case CC_VENDOR_AMD: return val & ~cc_mask; + case CC_VENDOR_INTEL: + return val | cc_mask; default: return val; } diff --git a/arch/x86/coco/tdx.c b/arch/x86/coco/tdx.c index 17365fd40ba2..74c6e68dd1b3 100644 --- a/arch/x86/coco/tdx.c +++ b/arch/x86/coco/tdx.c @@ -5,8 +5,17 @@ #define pr_fmt(fmt) "tdx: " fmt #include +#include #include +/* TDX module Call Leaf IDs */ +#define TDX_GET_INFO 1 + +static struct { + unsigned int gpa_width; + unsigned long attributes; +} td_info __ro_after_init; + /* * Wrapper for standard use of __tdx_hypercall with no output aside from * return code. 
@@ -25,6 +34,30 @@ static inline u64 _tdx_hypercall(u64 fn, u64 r12, u64 r13, u64 r14, u64 r15) return __tdx_hypercall(&args, 0); } +static inline void tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, + struct tdx_module_output *out) +{ + if (__tdx_module_call(fn, rcx, rdx, r8, r9, out)) + panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); +} + +static void get_info(void) +{ + struct tdx_module_output out; + + /* + * TDINFO TDX module call is used to get the TD execution environment + * information like GPA width, number of available vcpus, debug mode + * information, etc. More details about the ABI can be found in TDX + * Guest-Host-Communication Interface (GHCI), section 2.4.2 TDCALL + * [TDG.VP.INFO]. + */ + tdx_module_call(TDX_GET_INFO, 0, 0, 0, 0, &out); + + td_info.gpa_width = out.rcx & GENMASK(5, 0); + td_info.attributes = out.rdx; +} + void __init tdx_early_init(void) { u32 eax, sig[3]; @@ -37,5 +70,15 @@ void __init tdx_early_init(void) setup_force_cpu_cap(X86_FEATURE_TDX_GUEST); + get_info(); + + cc_set_vendor(CC_VENDOR_INTEL); + + /* + * The highest bit of a guest physical address is the "sharing" bit. + * Set it for shared pages and clear it for private pages. + */ + cc_set_mask(BIT_ULL(td_info.gpa_width - 1)); + pr_info("Guest detected\n"); } -- 2.34.1
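Review bot: The two `case CC_VENDOR_INTEL:` arms added to cc_mkenc() and cc_mkdec() in arch/x86/coco/core.c invert the AMD polarity with no comment, so a reader of core.c alone cannot tell that on TDX a set mask bit means "shared with the VMM" rather than "encrypted". Suggest a one-line comment above each Intel arm, for example `/* TDX: mask bit set means shared, so encrypted means bit clear */`, since that explanation currently lives only in the commit message.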
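Review bot: In the first arch/x86/coco/tdx.c hunk, the new `unsigned long attributes;` member of `td_info` has no reader anywhere in this patch (get_info() stores `out.rdx` into it and nothing consumes it). If a later patch in the series uses it, say so in the commit message; otherwise drop the field until it has a consumer, so the struct does not carry state nobody checks.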
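Review bot: In the tdx_module_call() helper, `panic("TDCALL %lld failed (Buggy TDX module!)\n", fn)` prints the u64 `fn` with the signed `%lld`; use `%llu` (or `%#llx`, since leaf IDs read more naturally in hex). Also, panicking on any non-zero status is fine for TDINFO at early boot, but the helper is named as a generic wrapper; a short comment stating that it is only for calls that cannot legitimately fail would make that intent clear to the next caller.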
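Review bot: In the tdx_early_init() hunk, `cc_set_mask(BIT_ULL(td_info.gpa_width - 1))` trusts the 6-bit value masked out of TDINFO's RCX with no range check: a gpa_width of 0 turns into `BIT_ULL(-1)`, an undefined shift, and any width outside what the TDX spec allows would place the sharing bit somewhere the page-table code does not expect. Suggest validating `td_info.gpa_width` in get_info() (panic with a clear message if it is not a supported width) before it is used to build the mask, consistent with the "Buggy TDX module" handling already in tdx_module_call().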
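The polarity convention described in the commit message (AMD: mask bit set means encrypted; TDX: mask bit set means shared with the VMM) and the way the TDX mask is derived from the TDINFO GPA width, modelled in user-space C. This is an added example, not code from the patch or the kernel: the `cc_vendor` enum, the `tdx_shared_mask()` range check and the `cc_is_shared()` helper are local to this example, and the assumption that the only valid GPA widths are 48 and 52 is the example's own, not something the patch states.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Vendor selector, local to this example (mirrors the CC_VENDOR_* idea). */
enum cc_vendor { CC_VENDOR_NONE, CC_VENDOR_AMD, CC_VENDOR_INTEL };

/*
 * Derive the TDX "sharing" bit from the GPA width reported by TDINFO.
 * Assumption for this model: the only valid widths are 48 and 52, so a
 * misbehaving TDX module cannot turn into BIT(-1) or a shift past bit 63.
 * Returns 0 when the width is rejected.
 */
uint64_t tdx_shared_mask(unsigned int gpa_width)
{
    if (gpa_width != 48 && gpa_width != 52)
        return 0;
    return 1ULL << (gpa_width - 1);
}

/* Mark a page-table entry private/encrypted: AMD sets the C-bit, TDX clears
 * the sharing bit (the same mask, opposite polarity). */
uint64_t cc_mkenc(enum cc_vendor vendor, uint64_t mask, uint64_t val)
{
    switch (vendor) {
    case CC_VENDOR_AMD:   return val | mask;
    case CC_VENDOR_INTEL: return val & ~mask;
    default:              return val;
    }
}

/* Mark a page-table entry shared/decrypted: the inverse of cc_mkenc(). */
uint64_t cc_mkdec(enum cc_vendor vendor, uint64_t mask, uint64_t val)
{
    switch (vendor) {
    case CC_VENDOR_AMD:   return val & ~mask;
    case CC_VENDOR_INTEL: return val | mask;
    default:              return val;
    }
}

/* Is this entry visible to the VMM? Without a CC vendor everything is. */
bool cc_is_shared(enum cc_vendor vendor, uint64_t mask, uint64_t val)
{
    switch (vendor) {
    case CC_VENDOR_AMD:   return !(val & mask);
    case CC_VENDOR_INTEL: return (val & mask) != 0;
    default:              return true;
    }
}

int main(void)
{
    /* Constructed sample PTE: frame 0x1234000 with present/rw/accessed bits. */
    const uint64_t pte = 0x1234063ULL;
    const uint64_t tdx_mask = tdx_shared_mask(52);      /* bit 51 */
    const uint64_t amd_mask = 1ULL << 47;               /* constructed C-bit position */

    printf("TDX mask (GPAW 52): %#llx\n", (unsigned long long)tdx_mask);
    printf("TDX shared PTE:     %#llx (shared=%d)\n",
           (unsigned long long)cc_mkdec(CC_VENDOR_INTEL, tdx_mask, pte),
           cc_is_shared(CC_VENDOR_INTEL, tdx_mask, cc_mkdec(CC_VENDOR_INTEL, tdx_mask, pte)));
    printf("AMD encrypted PTE:  %#llx (shared=%d)\n",
           (unsigned long long)cc_mkenc(CC_VENDOR_AMD, amd_mask, pte),
           cc_is_shared(CC_VENDOR_AMD, amd_mask, cc_mkenc(CC_VENDOR_AMD, amd_mask, pte)));
    printf("Rejected GPAW 0 -> mask %#llx\n", (unsigned long long)tdx_shared_mask(0));
    return 0;
}
```

The point of `cc_is_shared()` is that a caller must not read the mask bit directly: the same bit value means "host can see this page" on one vendor and "host cannot" on the other, which is exactly the kind of inversion that turns a missed vendor check into a plaintext page handed to the VMM.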