Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp988797pxb; Wed, 6 Apr 2022 06:08:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz5ApJEKWmXvOiMWZR1mmwnAxbxZOgol7zRYQ0TP0l/1ITVtshtPuT1rh4AgfnirMTBBWol X-Received: by 2002:a02:ca04:0:b0:321:2e99:b080 with SMTP id i4-20020a02ca04000000b003212e99b080mr4235463jak.149.1649250489937; Wed, 06 Apr 2022 06:08:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1649250489; cv=none; d=google.com; s=arc-20160816; b=q81njDkR2smO5Zt1eWx/wwU73UqNigBdxBgKKfB6h1fKKVeij5TVRAqLWdl7cXpr8M VJaLsoBWr6SC5tOq04sAaMnSr3lZr1jExpb+jo+SEIsoihRWCfz0YNkvk8FIAa12lvPf 9WjOMtrDpMURsoDymCvYoGl4rgBZ8Hqdf/QBAvzBMFP8GNKoI1oRWtPZW77TxWz5kRSv dLxzwtj2IEeGAZg4XztxeHkLdO+T/eJv8Vt3IuSELNhkfrvFcl5OgzabRHQnl5ld8opx 5cGu2m8eEM6c8+56FFRJKCT+ZBOMxbgM1atJk+pJLEF+ekeFNE4MqwllnIz513rP6Bbz CGtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=SkB0zN0OtQukE9VZhinp2E0cbl4Te6y78Z3BsKdf5gM=; b=pBm7nDB7SuUCXMXWHubQKxnOf+d5B8bQ8+13XHH6F9RJi91vMaEFQLZvpAo6dEwScZ okE4f+gvA5bz2cV0+YoeU3QccLlk8Fa+QmOQ1JjwE7ApEuU7wHEhVhaCHgsQJZGQn314 XeVGmZ6u5EZbR2QrlxH8jv4bwFReU3L5/3IkVDOyuf/+V0XgukfitDCzPn3L5nuxxmKh /1x4ARG25uqfmCOsSRZRWEkDk9LJcM29wd75CfwVmUKEBj8MRtB8GGfdbfZG/AjutHtZ wMJ6dKdZtzxxJGIRYjnPOGuUzGcvOXSzIL2AaEe80VTXX5x6OPm87ZSgr6ApaYRP4QSQ XVPA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=OqTxAPjb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18]) by mx.google.com with ESMTPS id h10-20020a056e021b8a00b002c805256058si10110360ili.102.2022.04.06.06.08.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 06 Apr 2022 06:08:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=OqTxAPjb; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 1984D475499; Wed, 6 Apr 2022 03:30:57 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2359856AbiDFDWx (ORCPT + 99 others); Tue, 5 Apr 2022 23:22:53 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35324 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1847203AbiDFCQn (ORCPT ); Tue, 5 Apr 2022 22:16:43 -0400 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A95CF1B48D3 for ; Tue, 5 Apr 2022 16:35:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1649201736; x=1680737736; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=4LHsjXlztt/qRFD3I/NHvKb8wxEx5He5RP0YawqBBu0=; b=OqTxAPjbw2x2WqX38WCcGglsJ/vZForj8LM2Sn2UpdCrvOqjbdDv+rhJ XMr6iQlfKj/0GiAceFBe+lpnpg0oULqh6xoaQSHZz96VIf9ACl7yDtFrw KNmvoDH+4t/SqbD1FejZLIwcx8osLuTEjBbKeb484rLsTRbepL3QBTxFG OV4666q8WZYC+XK7WywvwwfhqOIfVwH6wapRGUd6nBLXNYlIwemAXLMvM 8hNG9TlWnb4DV7SG7dlNEddT425nkieWL45oTry98xpJ2jGxiOC+LDqxR QAYIwtsTv3a8pJhRhliCcgWo/fZARQrB0UqFuU9H4c0FvoZCVql396PCL g==; X-IronPort-AV: E=McAfee;i="6200,9189,10308"; a="259721569" X-IronPort-AV: E=Sophos;i="5.90,238,1643702400"; d="scan'208";a="259721569" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Apr 2022 16:34:56 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,238,1643702400"; d="scan'208";a="549273519" Received: from black.fi.intel.com ([10.237.72.28]) by orsmga007.jf.intel.com with ESMTP; 05 Apr 2022 16:34:48 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id 7A01AC32; Wed, 6 Apr 2022 02:29:46 +0300 (EEST) From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com, ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com, hpa@zytor.com, jgross@suse.com, jmattson@google.com, joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org, pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com, tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com, thomas.lendacky@amd.com, brijesh.singh@amd.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A . Shutemov" Subject: [PATCHv8 19/30] x86/tdx: Wire up KVM hypercalls Date: Wed, 6 Apr 2022 02:29:28 +0300 Message-Id: <20220405232939.73860-20-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220405232939.73860-1-kirill.shutemov@linux.intel.com> References: <20220405232939.73860-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Kuppuswamy Sathyanarayanan KVM hypercalls use the VMCALL or VMMCALL instructions. Although the ABI is similar, those instructions no longer function for TDX guests. Make vendor-specific TDVMCALLs instead of VMCALL. This enables TDX guests to run with KVM acting as the hypervisor. Among other things, KVM hypercall is used to send IPIs. Since the KVM driver can be built as a kernel module, export tdx_kvm_hypercall() to make the symbols visible to kvm.ko. Signed-off-by: Kuppuswamy Sathyanarayanan Signed-off-by: Kirill A. Shutemov Reviewed-by: Thomas Gleixner --- arch/x86/coco/tdx/tdx.c | 17 +++++++++++++++++ arch/x86/include/asm/kvm_para.h | 22 ++++++++++++++++++++++ arch/x86/include/asm/tdx.h | 11 +++++++++++ 3 files changed, 50 insertions(+) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index cc14b7c0c157..f50f530aff5f 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -64,6 +64,23 @@ static u64 hcall_func(u64 exit_reason) return exit_reason; } +#ifdef CONFIG_KVM_GUEST +long tdx_kvm_hypercall(unsigned int nr, unsigned long p1, unsigned long p2, + unsigned long p3, unsigned long p4) +{ + struct tdx_hypercall_args args = { + .r10 = nr, + .r11 = p1, + .r12 = p2, + .r13 = p3, + .r14 = p4, + }; + + return __tdx_hypercall(&args, 0); +} +EXPORT_SYMBOL_GPL(tdx_kvm_hypercall); +#endif + /* * Used for TDX guests to make calls directly to the TD module. This * should only be used for calls that have no legitimate reason to fail diff --git a/arch/x86/include/asm/kvm_para.h b/arch/x86/include/asm/kvm_para.h index 56935ebb1dfe..57bc74e112f2 100644 --- a/arch/x86/include/asm/kvm_para.h +++ b/arch/x86/include/asm/kvm_para.h @@ -7,6 +7,8 @@ #include #include +#include + #ifdef CONFIG_KVM_GUEST bool kvm_check_and_clear_guest_paused(void); #else @@ -32,6 +34,10 @@ static inline bool kvm_check_and_clear_guest_paused(void) static inline long kvm_hypercall0(unsigned int nr) { long ret; + + if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return tdx_kvm_hypercall(nr, 0, 0, 0, 0); + asm volatile(KVM_HYPERCALL : "=a"(ret) : "a"(nr) @@ -42,6 +48,10 @@ static inline long kvm_hypercall0(unsigned int nr) static inline long kvm_hypercall1(unsigned int nr, unsigned long p1) { long ret; + + if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return tdx_kvm_hypercall(nr, p1, 0, 0, 0); + asm volatile(KVM_HYPERCALL : "=a"(ret) : "a"(nr), "b"(p1) @@ -53,6 +63,10 @@ static inline long kvm_hypercall2(unsigned int nr, unsigned long p1, unsigned long p2) { long ret; + + if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return tdx_kvm_hypercall(nr, p1, p2, 0, 0); + asm volatile(KVM_HYPERCALL : "=a"(ret) : "a"(nr), "b"(p1), "c"(p2) @@ -64,6 +78,10 @@ static inline long kvm_hypercall3(unsigned int nr, unsigned long p1, unsigned long p2, unsigned long p3) { long ret; + + if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return tdx_kvm_hypercall(nr, p1, p2, p3, 0); + asm volatile(KVM_HYPERCALL : "=a"(ret) : "a"(nr), "b"(p1), "c"(p2), "d"(p3) @@ -76,6 +94,10 @@ static inline long kvm_hypercall4(unsigned int nr, unsigned long p1, unsigned long p4) { long ret; + + if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST)) + return tdx_kvm_hypercall(nr, p1, p2, p3, p4); + asm volatile(KVM_HYPERCALL : "=a"(ret) : "a"(nr), "b"(p1), "c"(p2), "d"(p3), "S"(p4) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 9ffd0d2e6e0f..020c81a7c729 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -76,5 +76,16 @@ static inline bool tdx_early_handle_ve(struct pt_regs *regs) { return false; } #endif /* CONFIG_INTEL_TDX_GUEST */ +#if defined(CONFIG_KVM_GUEST) && defined(CONFIG_INTEL_TDX_GUEST) +long tdx_kvm_hypercall(unsigned int nr, unsigned long p1, unsigned long p2, + unsigned long p3, unsigned long p4); +#else +static inline long tdx_kvm_hypercall(unsigned int nr, unsigned long p1, + unsigned long p2, unsigned long p3, + unsigned long p4) +{ + return -ENODEV; +} +#endif /* CONFIG_INTEL_TDX_GUEST && CONFIG_KVM_GUEST */ #endif /* !__ASSEMBLY__ */ #endif /* _ASM_X86_TDX_H */ -- 2.35.1