Received: by 2002:a19:f614:0:0:0:0:0 with SMTP id x20csp65146lfe;
        Fri, 15 Apr 2022 19:45:23 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxTuxv4nf4AtmqkJ8fV4p5jfPl09ncx4Ux2bgJd9yM9wLgcbjPka2HPtEYC1wr4g6B86qak
X-Received: by 2002:a17:902:728f:b0:156:24d3:ae1a with SMTP id d15-20020a170902728f00b0015624d3ae1amr1840337pll.9.1650077123506;
        Fri, 15 Apr 2022 19:45:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1650077123; cv=none;
        d=google.com; s=arc-20160816;
        b=sf4ER1AVNq0ZJwIykYxTgSV6gKZ3etmwfSBQE3QMLVT+GgCSR+uVac2l3Fj1jnA0+r
         ZEXmGZXoSZKPgs/Da+1Me/teE3XDhmvNDRtpEuiRhEyHRCxxV5VKmhRoCuud+GDK0DjZ
         1mb6YdAuB30/e1pu2JjRWCeVi8dmAeciJOhboM6UUBhg1TGTPEJIdXOkAvfoYvv4Pgiw
         5vh75Peff+gj8iZ9pcZ2oxQGxB1geo539LoDc/iuqLdTcDiyEZxszw7Sr/rfFK34OVgP
         2nvV/FfqzOCVuMfqPLnZwybBxIpsUbVKkZUSl3EQC2iT5oZFDOBV+QPVYaIZpN1TPTSX
         BCOQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:sender:dkim-signature;
        bh=y9bMKIoMA4ZWyNr76PabwIny+psaRVtbI7l3QYKzBGY=;
        b=lmExUhKA+hqbxiDs3Ff1FX6N9DjGXbLqHZZqyCA+TeovbxFPLvjQk/RsmYIrHmro7a
         98JXCLC9hkXR6DN0rjOkhzrTPGRDdPPdYsaj9geGIFYRbwgVtZh4NdwUa2pdkXD83wS5
         nZaGPmglk+94tcJM/G9V0ZADOO4FGiNaya6CybBJJAC7S/UDIguj87b+vJ8n8PsxmlJc
         eyrpMGl7KhN2T4wIAzPZavJhpcZe0OoWlT90ymr+JI6Sw8LYoVQwWzAZLCKom6Tj9uJZ
         LK9q5cDpvG6kSH0iZQoVp2dBjelJApSAv6hFsmOD9kAlrg5X7ecXvkCyxj00ljA8ijaW
         UZEw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=WrfxT9w7;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18])
        by mx.google.com with ESMTPS id b7-20020a056a00114700b005059288dd41si3042347pfm.271.2022.04.15.19.45.23
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 15 Apr 2022 19:45:23 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20210112 header.b=WrfxT9w7;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 73C10197AFE;
	Fri, 15 Apr 2022 18:52:40 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1354158AbiDONyu (ORCPT <rfc822;42.hyeyoo@gmail.com> + 99 others);
        Fri, 15 Apr 2022 09:54:50 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59400 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1354157AbiDONyt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 15 Apr 2022 09:54:49 -0400
Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8442DBC856;
        Fri, 15 Apr 2022 06:52:20 -0700 (PDT)
Received: by mail-ej1-x634.google.com with SMTP id i27so15466357ejd.9;
        Fri, 15 Apr 2022 06:52:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=sender:message-id:date:mime-version:user-agent:subject
         :content-language:to:cc:references:from:in-reply-to
         :content-transfer-encoding;
        bh=y9bMKIoMA4ZWyNr76PabwIny+psaRVtbI7l3QYKzBGY=;
        b=WrfxT9w7Xdhji7RtpZX1oY7/s8uJg2kgLfnL3b6m8oCjCAI71ddOuNXAYx/YQpt+46
         QSVQhfHGmfh+BJRtMzLFXhE+23lJfpf3/8mE59bikRDPbUzYp37yynqVA0cOsnduKfkf
         Vdj4BHMWS6MkLiuSI8AUTwQfdzZInroEwhfSXmmMmMSda4JTUzanJDWfhIm1JrqzTlo0
         GWMMjDbG9su97cr30EVxDw7rQCtt0/9ay4l6NOLMHRf14mp5Tw5bOzyYHnbqSj3Tp3sm
         oksZnGQVbzJ7UVNJ11e/UAImQelQf+B6GuimWIea5h7geVMl7k/bvrAzQq8JWCLKRYlM
         HqxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:sender:message-id:date:mime-version:user-agent
         :subject:content-language:to:cc:references:from:in-reply-to
         :content-transfer-encoding;
        bh=y9bMKIoMA4ZWyNr76PabwIny+psaRVtbI7l3QYKzBGY=;
        b=ausbNNtMRk22RAOkdpaWcQ2+UljbUlQ1TzaRpKfZ1z0evpHLyVkcmP+T7h/t3HNt17
         Mvjx0BjwAz7fOTHt9Od7LtB3KAze9Vgnx2ZjSpJ1YdtRmFdLCch5Qe026QWQw7mmbzl2
         gNf1OPx7T+FboXEQA9ZhPwq1+pR0F+M2aNjR0aqiorLUh10rc0IyO4zTG4nJ7714TLH2
         v9LwGWlwfIdRqnMRa9k9qxAg6AzQ3/GmzLpopFD3phg78duYIpfiKZGMybPNX4zW6wbZ
         3SiJT/wfr8o8/qVlEKVeXDn+J9FgaRNgUG40lbc3ArcsPdf1/EOIqpV5zdv3WZN8Ep3w
         Bo/w==
X-Gm-Message-State: AOAM531UTUCe/b0Iq8EXHOuFRsCZ5pABPMrFBV/RZx+n+FSNnDoL8d3Z
        EginXjVkgmcaeRNfqOsA9oBieUlrjZQpEQ==
X-Received: by 2002:a17:907:3da5:b0:6e8:c2c8:1f18 with SMTP id he37-20020a1709073da500b006e8c2c81f18mr6298391ejc.728.1650030738952;
        Fri, 15 Apr 2022 06:52:18 -0700 (PDT)
Received: from ?IPV6:2001:b07:add:ec09:c399:bc87:7b6c:fb2a? ([2001:b07:add:ec09:c399:bc87:7b6c:fb2a])
        by smtp.googlemail.com with ESMTPSA id r29-20020a50c01d000000b00415fb0dc793sm2781482edb.47.2022.04.15.06.52.15
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Fri, 15 Apr 2022 06:52:18 -0700 (PDT)
Sender: Paolo Bonzini <paolo.bonzini@gmail.com>
Message-ID: <d95791fc-a278-9002-2f12-6aeaa1d1e47f@redhat.com>
Date:   Fri, 15 Apr 2022 15:52:14 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.7.0
Subject: Re: [RFC PATCH v5 061/104] KVM: TDX: Finalize VM initialization
Content-Language: en-US
To:     isaku.yamahata@intel.com, kvm@vger.kernel.org,
        linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@gmail.com, Jim Mattson <jmattson@google.com>,
        erdemaktas@google.com, Connor Kuehl <ckuehl@redhat.com>,
        Sean Christopherson <seanjc@google.com>
References: <cover.1646422845.git.isaku.yamahata@intel.com>
 <83768bf0f786d24f49d9b698a45ba65441ef5ef0.1646422845.git.isaku.yamahata@intel.com>
From:   Paolo Bonzini <pbonzini@redhat.com>
In-Reply-To: <83768bf0f786d24f49d9b698a45ba65441ef5ef0.1646422845.git.isaku.yamahata@intel.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-5.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	NICE_REPLY_A,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 3/4/22 20:49, isaku.yamahata@intel.com wrote:
> From: Isaku Yamahata <isaku.yamahata@intel.com>
> 
> To protect the initial contents of the guest TD, the TDX module measures
> the guest TD during the build process as SHA-384 measurement.  The
> measurement of the guest TD contents needs to be completed to make the
> guest TD ready to run.
> 
> Add a new subcommand, KVM_TDX_FINALIZE_VM, for VM-scoped
> KVM_MEMORY_ENCRYPT_OP to finalize the measurement and mark the TDX VM ready
> to run.
> 
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
>   arch/x86/include/uapi/asm/kvm.h       |  1 +
>   arch/x86/kvm/vmx/tdx.c                | 21 +++++++++++++++++++++
>   tools/arch/x86/include/uapi/asm/kvm.h |  1 +
>   3 files changed, 23 insertions(+)
> 
> diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
> index 77f46260d868..943219a08fcd 100644
> --- a/arch/x86/include/uapi/asm/kvm.h
> +++ b/arch/x86/include/uapi/asm/kvm.h
> @@ -534,6 +534,7 @@ enum kvm_tdx_cmd_id {
>   	KVM_TDX_INIT_VM,
>   	KVM_TDX_INIT_VCPU,
>   	KVM_TDX_INIT_MEM_REGION,
> +	KVM_TDX_FINALIZE_VM,
>   
>   	KVM_TDX_CMD_NR_MAX,
>   };
> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
> index cd726c41d362..85d5f961d97e 100644
> --- a/arch/x86/kvm/vmx/tdx.c
> +++ b/arch/x86/kvm/vmx/tdx.c
> @@ -1103,6 +1103,24 @@ static int tdx_init_mem_region(struct kvm *kvm, struct kvm_tdx_cmd *cmd)
>   	return ret;
>   }
>   
> +static int tdx_td_finalizemr(struct kvm *kvm)
> +{
> +	struct kvm_tdx *kvm_tdx = to_kvm_tdx(kvm);
> +	u64 err;
> +
> +	if (!is_td_initialized(kvm) || is_td_finalized(kvm_tdx))
> +		return -EINVAL;
> +
> +	err = tdh_mr_finalize(kvm_tdx->tdr.pa);
> +	if (WARN_ON_ONCE(err)) {
> +		pr_tdx_error(TDH_MR_FINALIZE, err, NULL);
> +		return -EIO;
> +	}
> +
> +	kvm_tdx->finalized = true;
> +	return 0;
> +}
> +
>   int tdx_vm_ioctl(struct kvm *kvm, void __user *argp)
>   {
>   	struct kvm_tdx_cmd tdx_cmd;
> @@ -1123,6 +1141,9 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp)
>   	case KVM_TDX_INIT_MEM_REGION:
>   		r = tdx_init_mem_region(kvm, &tdx_cmd);
>   		break;
> +	case KVM_TDX_FINALIZE_VM:
> +		r = tdx_td_finalizemr(kvm);
> +		break;
>   	default:
>   		r = -EINVAL;
>   		goto out;
> diff --git a/tools/arch/x86/include/uapi/asm/kvm.h b/tools/arch/x86/include/uapi/asm/kvm.h
> index 77f46260d868..943219a08fcd 100644
> --- a/tools/arch/x86/include/uapi/asm/kvm.h
> +++ b/tools/arch/x86/include/uapi/asm/kvm.h
> @@ -534,6 +534,7 @@ enum kvm_tdx_cmd_id {
>   	KVM_TDX_INIT_VM,
>   	KVM_TDX_INIT_VCPU,
>   	KVM_TDX_INIT_MEM_REGION,
> +	KVM_TDX_FINALIZE_VM,
>   
>   	KVM_TDX_CMD_NR_MAX,
>   };

Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>

Note however that errors should be passed back in the struct.

Paolo