Received: by 2002:a05:6602:2086:0:0:0:0 with SMTP id a6csp4389408ioa; Wed, 27 Apr 2022 02:45:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwRxTDwbWAzrt/1rRI3vIrvZz1lh9SI5reOXaSKWRvCMMdFyAaKj0R+XsFgMk5hcnG3SAvo X-Received: by 2002:a17:902:9b92:b0:158:57d8:3a20 with SMTP id y18-20020a1709029b9200b0015857d83a20mr27822356plp.34.1651052753610; Wed, 27 Apr 2022 02:45:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1651052753; cv=none; d=google.com; s=arc-20160816; b=W13eHOe3h95JSqBoCdEgSxQdL8gSM+lcr5KL5QZwcz1YCI95zWumVCh/KNWBJC9EZa +kPFVD7+3+lu8GMsZhqYQQFxAfH4dXhgCMVRA/VakldinQRnPF9oyeTFIDeFgUw0fAYU +mx5ldZXLmdeorayjO8rcILmIcAPqiwbJmvz99a8Gbvx4bTS/zSV4ahRWJfYF6vMHKQq UCFc7J8nZrIeLl+6K1tsTISOlpmPnzxoo8Me9xTi1Qo4XEnXMTRLWLZncFuqa9udyWqF /di8QqNe87eyuuAoGxhIGJ13HExSFCyAlTfht89rNMvhovxAd8q6ozWWyA1BBrL6YhMF q6ug== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=7F7J+9C+HGexc2VwbCwtz+tjAMb+YYEhHvXoJg8xJJw=; b=ogFOVC69mSQcbcdu7bOkyU7+h7Or/fzI0lHBGJKOY+4/XKMg6mVMWAT8tJt5QCJCS6 S9dZZ/TTmhZRDjnVcPnYynkzPSkYXFi/ut6jP8A4hJfLBF4IYQvA41fsnh2ZM9zVO6Og ctJMclMU9BXxkbQp2hr2fwXWZFQNJ01OQWn9pQKwy+mq1ezpqSR8mP8WO0+aMKAIflkY XYhZDgCIDPxZnAE8zLtK4blvniCbJMQrgW5R7ZUqQ/mTE8By79iun9+s60dw6rIncYli 448vI8MDiO/rex4tyHHKofpQt4YYsdDDGheSPg7R8eOzCIQTIJwjbf5kI/8gBna4dA43 Znzg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="MpX0z/QO"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id f5-20020a056a00228500b0050aca65bc3dsi913766pfe.169.2022.04.27.02.45.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 27 Apr 2022 02:45:53 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="MpX0z/QO"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id D457C28B108; Wed, 27 Apr 2022 02:19:51 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1356008AbiDZXPU (ORCPT + 99 others); Tue, 26 Apr 2022 19:15:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231200AbiDZXPR (ORCPT ); Tue, 26 Apr 2022 19:15:17 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A94747AC9; Tue, 26 Apr 2022 16:12:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1651014728; x=1682550728; h=message-id:subject:from:to:cc:date:in-reply-to: references:mime-version:content-transfer-encoding; bh=iLHhhxf0Dc+okFVyuwZr8sSvhXFcAUs/7g7/BsVGLjw=; b=MpX0z/QOWuZNkat1zij6ytnUa7ZnoQIlADeOToxL8lixgmPJJ37pOwwN /m6atAL2Cana6+hNkPrjqTxkxp63VV6WkQCftM02xbYkAozMl9mCQHHOp HANwWk4Hpoe+nQrcHeaHxZIA1tirSGehrvxB8m2pe7UThmaRtRdDYXYw6 YnB1copO5kYO7dwBxvlLK2sz0dXny6xwtPu1CWyZGAIOggRkIsxI9vrYS jqqqDsbuRWAaaVaVaNb1esqJ7F4KF74fzFOwqTF/5nMil+8awbuePkGkf 9lxtNoDLhun149YIm16/GFwe+8bD82SKiyC8NdvS+ejM4z+/ru2iWWiDr Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10329"; a="265913903" X-IronPort-AV: E=Sophos;i="5.90,292,1643702400"; d="scan'208";a="265913903" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Apr 2022 16:12:08 -0700 X-IronPort-AV: E=Sophos;i="5.90,292,1643702400"; d="scan'208";a="660925377" Received: from ssaride-mobl.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.254.0.221]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Apr 2022 16:12:05 -0700 Message-ID: Subject: Re: [PATCH v3 01/21] x86/virt/tdx: Detect SEAM From: Kai Huang To: Dave Hansen , linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: seanjc@google.com, pbonzini@redhat.com, len.brown@intel.com, tony.luck@intel.com, rafael.j.wysocki@intel.com, reinette.chatre@intel.com, dan.j.williams@intel.com, peterz@infradead.org, ak@linux.intel.com, kirill.shutemov@linux.intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, isaku.yamahata@intel.com Date: Wed, 27 Apr 2022 11:12:03 +1200 In-Reply-To: <334c4b90-52c4-cffc-f3e2-4bd6a987eb69@intel.com> References: <334c4b90-52c4-cffc-f3e2-4bd6a987eb69@intel.com> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.42.4 (3.42.4-1.fc35) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.5 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Dave, Thanks for review! On Tue, 2022-04-26 at 13:21 -0700, Dave Hansen wrote: > > +config INTEL_TDX_HOST > > + bool "Intel Trust Domain Extensions (TDX) host support" > > + default n > > + depends on CPU_SUP_INTEL > > + depends on X86_64 > > + help > > + Intel Trust Domain Extensions (TDX) protects guest VMs from > > malicious > > + host and certain physical attacks. This option enables necessary > > TDX > > + support in host kernel to run protected VMs. > > + > > + If unsure, say N. > > Nothing about KVM? I'll add KVM into the context. How about below? "Intel Trust Domain Extensions (TDX) protects guest VMs from malicious host and certain physical attacks. This option enables necessary TDX support in host kernel to allow KVM to run protected VMs called Trust Domains (TD)." > > ... > > diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c > > new file mode 100644 > > index 000000000000..03f35c75f439 > > --- /dev/null > > +++ b/arch/x86/virt/vmx/tdx/tdx.c > > @@ -0,0 +1,102 @@ > > +// SPDX-License-Identifier: GPL-2.0 > > +/* > > + * Copyright(c) 2022 Intel Corporation. > > + * > > + * Intel Trusted Domain Extensions (TDX) support > > + */ > > + > > +#define pr_fmt(fmt) "tdx: " fmt > > + > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > + > > +/* Support Intel Secure Arbitration Mode Range Registers (SEAMRR) */ > > +#define MTRR_CAP_SEAMRR BIT(15) > > + > > +/* Core-scope Intel SEAMRR base and mask registers. */ > > +#define MSR_IA32_SEAMRR_PHYS_BASE 0x00001400 > > +#define MSR_IA32_SEAMRR_PHYS_MASK 0x00001401 > > + > > +#define SEAMRR_PHYS_BASE_CONFIGURED BIT_ULL(3) > > +#define SEAMRR_PHYS_MASK_ENABLED BIT_ULL(11) > > +#define SEAMRR_PHYS_MASK_LOCKED BIT_ULL(10) > > + > > +#define SEAMRR_ENABLED_BITS \ > > + (SEAMRR_PHYS_MASK_ENABLED | SEAMRR_PHYS_MASK_LOCKED) > > + > > +/* BIOS must configure SEAMRR registers for all cores consistently */ > > +static u64 seamrr_base, seamrr_mask; > > + > > +static bool __seamrr_enabled(void) > > +{ > > + return (seamrr_mask & SEAMRR_ENABLED_BITS) == SEAMRR_ENABLED_BITS; > > +} > > But there's no case where seamrr_mask is non-zero and where > _seamrr_enabled(). Why bother checking the SEAMRR_ENABLED_BITS? seamrr_mask will only be non-zero when SEAMRR is enabled by BIOS, otherwise it is 0. It will also be cleared when BIOS mis-configuration is detected on any AP. SEAMRR_ENABLED_BITS is used to check whether SEAMRR is enabled. > > > +static void detect_seam_bsp(struct cpuinfo_x86 *c) > > +{ > > + u64 mtrrcap, base, mask; > > + > > + /* SEAMRR is reported via MTRRcap */ > > + if (!boot_cpu_has(X86_FEATURE_MTRR)) > > + return; > > + > > + rdmsrl(MSR_MTRRcap, mtrrcap); > > + if (!(mtrrcap & MTRR_CAP_SEAMRR)) > > + return; > > + > > + rdmsrl(MSR_IA32_SEAMRR_PHYS_BASE, base); > > + if (!(base & SEAMRR_PHYS_BASE_CONFIGURED)) { > > + pr_info("SEAMRR base is not configured by BIOS\n"); > > + return; > > + } > > + > > + rdmsrl(MSR_IA32_SEAMRR_PHYS_MASK, mask); > > + if ((mask & SEAMRR_ENABLED_BITS) != SEAMRR_ENABLED_BITS) { > > + pr_info("SEAMRR is not enabled by BIOS\n"); > > + return; > > + } > > + > > + seamrr_base = base; > > + seamrr_mask = mask; > > +} > > Comment, please. > > /* > * Stash the boot CPU's MSR values so that AP values > * can can be checked for consistency. > */ > Thanks. Will add. > > > +static void detect_seam_ap(struct cpuinfo_x86 *c) > > +{ > > + u64 base, mask; > > + > > + /* > > + * Don't bother to detect this AP if SEAMRR is not > > + * enabled after earlier detections. > > + */ > > + if (!__seamrr_enabled()) > > + return; > > + > > + rdmsrl(MSR_IA32_SEAMRR_PHYS_BASE, base); > > + rdmsrl(MSR_IA32_SEAMRR_PHYS_MASK, mask); > > + > > This is the place for a comment about why the values have to be equal. I'll add below: /* BIOS must configure SEAMRR consistently across all cores */ > > > + if (base == seamrr_base && mask == seamrr_mask) > > + return; > > + > > + pr_err("Inconsistent SEAMRR configuration by BIOS\n"); > > + /* Mark SEAMRR as disabled. */ > > + seamrr_base = 0; > > + seamrr_mask = 0; > > +} > > + > > +static void detect_seam(struct cpuinfo_x86 *c) > > +{ > > + if (c == &boot_cpu_data) > > + detect_seam_bsp(c); > > + else > > + detect_seam_ap(c); > > +} > > + > > +void tdx_detect_cpu(struct cpuinfo_x86 *c) > > +{ > > + detect_seam(c); > > +} > > The extra function looks a bit silly here now. Maybe this gets filled > out later, but it's goofy-looking here. Thomas suggested to put all TDX detection related in one function call, so I added tdx_detect_cpu(). I'll move this to the next patch when detecting TDX KeyIDs.