Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp4934245pxb; Mon, 28 Mar 2022 05:52:06 -0700 (PDT) X-Google-Smtp-Source: ABdhPJymCK/zrX+FaHIFa/0W/9dM3sX3kph2O2DNA62st9w7bRlMjwksXiMr1+qNBWWjGKaL37Dj X-Received: by 2002:aca:905:0:b0:2ee:f62a:e08e with SMTP id 5-20020aca0905000000b002eef62ae08emr11366767oij.54.1648471926329; Mon, 28 Mar 2022 05:52:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1648471926; cv=none; d=google.com; s=arc-20160816; b=UyMFPKuCW1qzuCKy1RcOe765ANzu1KdyVtvgf78X16kHRmn5IYL2WYfb+zOfi2wY+A QljH7YLuA8osUAFGfMjXXH1cZy3PIObozuV0ANrwoMpxsixSZ5LZkPhaB3AX3f/vciau IXvJFaJaUg+r+GYQJJyB5ni0DcFGSuHG5s3RL7EQTuYesPEE0AVIHlQCccb11JLmD+od FkQ6yZRkdkLEanqXe7PcAe3uiwyDaVlPMubCXuSUBJrzZd4leB1jtl3FNann1AItq2za GBRjjjeZU7dSI7TvYXQa7E0F9gWbApgy1ntaSG9b0zPy7vJLy5tNsQOrmyhmEw0njMIm Tzxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=vkzmSnEhhUVrDo7gG/ejB6amhzOsixCKjx3IMyDwSNc=; b=ZDRtiC0VInq2/rG1sAvXwq7SxHC9KUW9RjjnmXjIx13UXdW964aZyVROS6MQYM4yaZ a107ZXE7Ll0XRyRw/On1266+OyYpf5E+TWsJk4405oSDUR+z4WONM/2kOvt8OOftJ8Uz J61E3GW9jeWLTtYj88fLO1vO4d2RDavJn6ZTOGiXdwrTXQiEEctfKfshod7hskmffgii ww5zqZy/P2q4ckMk8e9MCoWJxL03NvHdqmAW97WTiMpph3aCqEVABaGPJWllcJEproPD nSeREk8ZwCJny9jckiMCI+6Ucjnw2NE00o9ICLOioOJ8pd6dk41496NpPt1ycHEROq3l picg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=lqxdHVp0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id w23-20020a4a7657000000b003244bc5df39si9065715ooe.53.2022.03.28.05.51.53; Mon, 28 Mar 2022 05:52:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=lqxdHVp0; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237311AbiC1BnS (ORCPT + 99 others); Sun, 27 Mar 2022 21:43:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47578 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230002AbiC1BnR (ORCPT ); Sun, 27 Mar 2022 21:43:17 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8CDC848895; Sun, 27 Mar 2022 18:41:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1648431698; x=1679967698; h=message-id:subject:from:to:cc:date:in-reply-to: references:mime-version:content-transfer-encoding; bh=jLSjB5TiH7kJ9GJHi06kkk1lwOsQ6eqXdeUcYlJC/LI=; b=lqxdHVp0l/IkoyG7QVEQcQfJoD+Xa+07d7gRe4Ie/ntro7W+zgQS2NJD pao0f8QFw8F6uc6B/1sXd1ewWwaj7IaYsfzzLstY1H8iCFutETrcKg/mF jUo8LQy6tG55hTaxj1WJltYVtSS/E8yo0BdQp/JjVwgG2hbXhCg+kNTie Km1tRUg/kd+DdBc2KNIIpnmxrORJl2VNFXkiJMzyMzIZGfOXQpCNklZci LsVxTSeBZZAzJxZUVVgA7LuSp7AggjpfCxojc2qh0zWg04woSJjIwHTG8 YMFlh4ScX5x8VTnVXe3J0YQnrO8DEH6t3Yh9TPt6vZJ4AH+FqZYtjp8Ci Q==; X-IronPort-AV: E=McAfee;i="6200,9189,10299"; a="258858639" X-IronPort-AV: E=Sophos;i="5.90,216,1643702400"; d="scan'208";a="258858639" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Mar 2022 18:41:38 -0700 X-IronPort-AV: E=Sophos;i="5.90,216,1643702400"; d="scan'208";a="502341505" Received: from stung2-mobl.gar.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.255.94.73]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Mar 2022 18:41:35 -0700 Message-ID: <926af8966a2233574ee0e679d9fc3c8209477156.camel@intel.com> Subject: Re: [PATCH v2 03/21] x86/virt/tdx: Implement the SEAMCALL base function From: Kai Huang To: "Tian, Kevin" , "linux-kernel@vger.kernel.org" , "kvm@vger.kernel.org" Cc: "Hansen, Dave" , "Christopherson,, Sean" , "pbonzini@redhat.com" , "kirill.shutemov@linux.intel.com" , "sathyanarayanan.kuppuswamy@linux.intel.com" , "peterz@infradead.org" , "Luck, Tony" , "ak@linux.intel.com" , "Williams, Dan J" , "Yamahata, Isaku" Date: Mon, 28 Mar 2022 14:41:32 +1300 In-Reply-To: References: <269a053607357eedd9a1e8ddf0e7240ae0c3985c.1647167475.git.kai.huang@intel.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.4 (3.42.4-1.fc35) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 2022-03-23 at 16:35 +1300, Tian, Kevin wrote: > > From: Kai Huang > > Sent: Sunday, March 13, 2022 6:50 PM > > > > Secure Arbitration Mode (SEAM) is an extension of VMX architecture. It > > defines a new VMX root operation (SEAM VMX root) and a new VMX non- > > root > > operation (SEAM VMX non-root) which isolate from legacy VMX root and > > VMX > > non-root mode. > > s/isolate/are isolated/ OK thanks. > > > > > A CPU-attested software module (called the 'TDX module') runs in SEAM > > VMX root to manage the crypto protected VMs running in SEAM VMX non- > > root. > > SEAM VMX root is also used to host another CPU-attested software module > > (called the 'P-SEAMLDR') to load and update the TDX module. > > > > Host kernel transits to either the P-SEAMLDR or the TDX module via the > > new SEAMCALL instruction. SEAMCALLs are host-side interface functions > > defined by the P-SEAMLDR and the TDX module around the new SEAMCALL > > instruction. They are similar to a hypercall, except they are made by > > "SEAMCALLs are ... functions ... around the new SEAMCALL instruction" > > This is confusing. Probably just: May I ask why is it confusing? > > "SEAMCALL functions are defined and handled by the P-SEAMLDR and > the TDX module" > > > host kernel to the SEAM software. > > > > SEAMCALLs use an ABI different from the x86-64 system-v ABI. Instead, > > they share the same ABI with the TDCALL. %rax is used to carry both the > > SEAMCALL leaf function number (input) and the completion status code > > (output). Additional GPRs (%rcx, %rdx, %r8->%r11) may be further used > > as both input and output operands in individual leaf SEAMCALLs. > > > > Implement a C function __seamcall() to do SEAMCALL using the assembly > > macro used by __tdx_module_call() (the implementation of TDCALL). The > > only exception not covered here is TDENTER leaf function which takes > > all GPRs and XMM0-XMM15 as both input and output. The caller of TDENTER > > should implement its own logic to call TDENTER directly instead of using > > this function. > > > > SEAMCALL instruction is essentially a VMExit from VMX root to SEAM VMX > > root, and it can fail with VMfailInvalid, for instance, when the SEAM > > software module is not loaded. The C function __seamcall() returns > > TDX_SEAMCALL_VMFAILINVALID, which doesn't conflict with any actual error > > code of SEAMCALLs, to uniquely represent this case. > > SEAMCALL is TDX specific, is it? If yes, there is no need to have both > TDX and SEAMCALL in one macro, i.e. above can be SEAMCALL_VMFAILINVALID. This is defined in TDX guest series. I just use it. https://lore.kernel.org/lkml/20220324152415.grt6xvhblmd4uccu@black.fi.intel.com/T/#md0b1aa563bd003ab625de159612a0d07e3ded7cb -- Thanks, -Kai