From: Kai Huang
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, len.brown@intel.com, tony.luck@intel.com, rafael.j.wysocki@intel.com, reinette.chatre@intel.com, dan.j.williams@intel.com, peterz@infradead.org, ak@linux.intel.com, kirill.shutemov@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, isaku.yamahata@intel.com, kai.huang@intel.com
Subject: [PATCH v3 20/21] x86/virt/tdx: Add kernel command line to opt-in TDX host support
Date: Wed, 6 Apr 2022 16:49:32 +1200
Message-Id: <0d50d13e5f9bd590ee97ff150f1393c4d99a8fa0.1649219184.git.kai.huang@intel.com>

Enabling TDX consumes additional memory (used by TDX as metadata) and
additional initialization time. Introduce a kernel command line to allow
to opt-in TDX host kernel support when user truly wants to use TDX.

Signed-off-by: Kai Huang --- Documentation/admin-guide/kernel-parameters.txt | 6 ++++++ arch/x86/virt/vmx/tdx/tdx.c | 14 ++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt index 3f1cc5e317ed..cfa5b36890ea 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5790,6 +5790,12 @@ tdfx= [HW,DRM] + tdx_host= [X86-64, TDX] + Format: {on|off} + on: Enable TDX host kernel support + off: Disable TDX host kernel support + Default is off. + test_suspend= [SUSPEND][,N] Specify "mem" (for Suspend-to-RAM) or "standby" (for standby suspend) or "freeze" (for suspend type freeze) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 031af7b83cea..fee243cd454f 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -116,6 +116,16 @@ static struct tdsysinfo_struct tdx_sysinfo; /* TDX global KeyID to protect TDX metadata */ static u32 tdx_global_keyid; +static bool enable_tdx_host; + +static int __init tdx_host_setup(char *s) +{ + if (!strcmp(s, "on")) + enable_tdx_host = true; + return 1; +} +__setup("tdx_host=", tdx_host_setup); + static bool __seamrr_enabled(void) { return (seamrr_mask & SEAMRR_ENABLED_BITS) == SEAMRR_ENABLED_BITS; @@ -500,6 +510,10 @@ static int detect_p_seamldr(void) static int __tdx_detect(void) { + /* Disabled by kernel command line */ + if (!enable_tdx_host) + goto no_tdx_module; + /* The TDX module is not loaded if SEAMRR is disabled */ if (!seamrr_enabled()) { pr_info("SEAMRR not enabled.\n"); -- 2.35.1
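
Review bot: in the Documentation/admin-guide/kernel-parameters.txt hunk, the new tdx_host= entry states the default but not why it is off, nor what an unrecognized value does. The commit message gives the reason (additional memory used as TDX metadata and additional initialization time); one sentence to that effect after "Default is off." would let an administrator decide without reading the changelog. The entry should also say that any value other than "on" leaves TDX host support disabled, since that is what tdx_host_setup() in this patch implements.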
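
Review bot: in tdx_host_setup() (first arch/x86/virt/vmx/tdx/tdx.c hunk), only the exact string "on" is acted on and the handler returns 1 for every input, so "off", an empty value, or a typo such as "tdx_host=On" is accepted silently and leaves enable_tdx_host false. Consider handling "off" explicitly and emitting a pr_warn() for anything else, or parsing with kstrtobool() and updating the documented format to match. Separately, enable_tdx_host is written only from this __init handler in the lines shown; if that holds for the rest of the file, marking it __ro_after_init would keep the opt-in decision from being modified after boot.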
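
Review bot: in the __tdx_detect() hunk, the new early exit reuses the no_tdx_module label and logs nothing, so "disabled by kernel command line" becomes indistinguishable from "TDX module not loaded", while the SEAMRR check directly below it reports its reason with pr_info("SEAMRR not enabled.\n"). Consider printing a message that TDX host support was not enabled with tdx_host=on, or returning a distinct status from this path, so that someone reading dmesg on a TDX-capable machine can tell why TDX is unavailable.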