From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar
Subject: [RFC PATCH v6 021/104] x86/cpu: Add helper functions to allocate/free TDX private host key id
Date: Thu, 5 May 2022 11:14:15 -0700
Message-Id: <37cbab674de44e0563f81cbe147216a9031a1704.1651774250.git.isaku.yamahata@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To:
References:
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Isaku Yamahata

A TDX private host key id is assigned to a guest TD. The memory controller encrypts guest TD memory with the assigned TDX private host key id (HKID). Add helper functions to allocate/free a TDX private host key id so that TDX KVM can manage it.

Also export the global TDX private host key id that is used to encrypt the TDX module, its memory and some dynamic data (TDR). When the VMM releases an encrypted page to reuse it, the page needs to be flushed with the host key id that was used. The VMM needs the global TDX private host key id to flush such pages that the TDX module accesses with the global TDX private host key id.
Signed-off-by: Isaku Yamahata --- arch/x86/include/asm/tdx.h | 7 +++++++ arch/x86/virt/vmx/tdx/tdx.c | 33 ++++++++++++++++++++++++++++++++- 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 3a4fb2844f66..7da43ed0e216 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -149,6 +149,10 @@ int tdx_detect(void); int tdx_init(void); bool platform_has_tdx(void); const struct tdsysinfo_struct *tdx_get_sysinfo(void); +u32 tdx_get_global_keyid(void); +int tdx_keyid_alloc(void); +void tdx_keyid_free(int keyid); + u64 __seamcall(u64 op, u64 rcx, u64 rdx, u64 r8, u64 r9, struct tdx_module_output *out); #else @@ -159,6 +163,9 @@ static inline int tdx_init(void) { return -ENODEV; } static inline bool platform_has_tdx(void) { return false; } struct tdsysinfo_struct; static inline const struct tdsysinfo_struct *tdx_get_sysinfo(void) { return NULL; } +static inline u32 tdx_get_global_keyid(void) { return 0; }; +static inline int tdx_keyid_alloc(void) { return -EOPNOTSUPP; } +static inline void tdx_keyid_free(int keyid) { } #endif /* CONFIG_INTEL_TDX_HOST */ #endif /* !__ASSEMBLY__ */ diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 1ef22c445126..799a26e56f11 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -114,7 +114,13 @@ static int tdx_cmr_num; static struct tdsysinfo_struct tdx_sysinfo; /* TDX global KeyID to protect TDX metadata */ -static u32 tdx_global_keyid; +static u32 __read_mostly tdx_global_keyid; + +u32 tdx_get_global_keyid(void) +{ + return tdx_global_keyid; +} +EXPORT_SYMBOL_GPL(tdx_get_global_keyid); static bool enable_tdx_host; 
@@ -191,6 +197,31 @@ static void detect_seam(struct cpuinfo_x86 *c) detect_seam_ap(c); } +/* TDX KeyID pool */ +static DEFINE_IDA(tdx_keyid_pool); + +int tdx_keyid_alloc(void) +{ + if (WARN_ON_ONCE(!tdx_keyid_start || !tdx_keyid_num)) + return -EINVAL; + + /* The first keyID is reserved for the global key. */ + return ida_alloc_range(&tdx_keyid_pool, tdx_keyid_start + 1, + tdx_keyid_start + tdx_keyid_num - 1, + GFP_KERNEL); +} +EXPORT_SYMBOL_GPL(tdx_keyid_alloc); + +void tdx_keyid_free(int keyid) +{ + /* keyid = 0 is reserved. */ + if (!keyid || keyid <= 0) + return; + + ida_free(&tdx_keyid_pool, keyid); +} +EXPORT_SYMBOL_GPL(tdx_keyid_free); + static void detect_tdx_keyids_bsp(struct cpuinfo_x86 *c) { u64 keyid_part; -- 2.25.1
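Review bot: stray semicolon after the closing brace in the second tdx.h hunk, `static inline u32 tdx_get_global_keyid(void) { return 0; };`; drop it so the stub matches the two neighbouring stubs. Separately, the stub returns 0, which the tdx.c hunk itself treats as a reserved KeyID, so a caller cannot tell "TDX host not configured" from a real value by the return alone; a one-line comment on the declaration saying the value is only meaningful once tdx_init() has succeeded would make the contract explicit.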
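Review bot: tdx_get_global_keyid() is exported to modules with no comment on when its value is valid; nothing in the first tdx.c hunk documents that the getter is expected to be called only after TDX host initialization, and the commit message says KVM will use the value to flush pages that the TDX module accesses. Suggest a kernel-doc comment above `u32 tdx_get_global_keyid(void)` stating that precondition and the flush use case. The `__read_mostly` annotation itself is appropriate for a value written once at init and read on the page-release path.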
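Review bot: the range check in tdx_keyid_free() in the second tdx.c hunk does not match what tdx_keyid_alloc() hands out. Allocation uses `ida_alloc_range(&tdx_keyid_pool, tdx_keyid_start + 1, tdx_keyid_start + tdx_keyid_num - 1, GFP_KERNEL)` because the first KeyID is the global one, but free only rejects `keyid <= 0` (and `!keyid` is already covered by `keyid <= 0`), so passing the global KeyID, or any value above the detected range, reaches ida_free() for an id the pool never allocated. Suggest keeping the `keyid <= 0` test first (so a negative value is rejected before any comparison against unsigned bounds) and then rejecting ids outside the allocator's range, e.g. `if (WARN_ON_ONCE(keyid <= tdx_keyid_start || keyid >= tdx_keyid_start + tdx_keyid_num)) return;`, and rewording the comment `/* keyid = 0 is reserved. */`, since the global KeyID is reserved as well.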
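The KeyID pool that the commit message describes, as an added example that is not part of the patch or of the kernel: a user-space C model of an allocator whose first KeyID is reserved for the global key. The kernel patch keeps the pool in an IDA; this model uses a small bitmap instead so the allocate/free rules can be run outside the kernel, and its free path validates against the same range the allocator hands out, which the patch's `keyid <= 0` check does not. All `*_model` names, `sample_pool`, and the sample detection values (8 private KeyIDs starting at KeyID 1) are constructed assumptions.

```c
/*
 * Added example, not from the patch or the kernel: user-space model of a
 * TDX private KeyID pool.  A bitmap stands in for the kernel's IDA; all
 * *_model names and the sample values below are constructed.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEYID_MODEL_MAX 64            /* capacity of the model's bitmap */

struct keyid_pool_model {
	uint32_t keyid_start;            /* lowest TDX private KeyID: the global one */
	uint32_t keyid_num;              /* number of TDX private KeyIDs detected */
	bool in_use[KEYID_MODEL_MAX];    /* index i tracks keyid_start + i */
};

/* Same precondition as the patch's WARN_ON_ONCE(!tdx_keyid_start || !tdx_keyid_num). */
static int keyid_pool_init_model(struct keyid_pool_model *p, uint32_t start, uint32_t num)
{
	if (!start || !num || num > KEYID_MODEL_MAX)
		return -1;
	memset(p, 0, sizeof(*p));
	p->keyid_start = start;
	p->keyid_num = num;
	p->in_use[0] = true;             /* global KeyID is never handed out */
	return 0;
}

/* True only for the per-TD range [keyid_start + 1, keyid_start + keyid_num - 1]. */
static bool keyid_is_td_private_model(const struct keyid_pool_model *p, int keyid)
{
	if (keyid <= 0)
		return false;                /* KeyID 0 and negative values are never valid */
	return (uint32_t)keyid > p->keyid_start &&
	       (uint32_t)keyid < p->keyid_start + p->keyid_num;
}

/* Lowest free per-TD KeyID, like ida_alloc_range() over that range; -1 when exhausted. */
static int keyid_alloc_model(struct keyid_pool_model *p)
{
	for (uint32_t i = 1; i < p->keyid_num; i++) {
		if (!p->in_use[i]) {
			p->in_use[i] = true;
			return (int)(p->keyid_start + i);
		}
	}
	return -1;
}

/*
 * Release a per-TD KeyID.  Rejects KeyID 0, negatives, the global KeyID,
 * ids above the detected range and double frees, returning -1 so the
 * caller can notice the misuse instead of freeing an id never allocated.
 */
static int keyid_free_model(struct keyid_pool_model *p, int keyid)
{
	if (!keyid_is_td_private_model(p, keyid))
		return -1;
	uint32_t i = (uint32_t)keyid - p->keyid_start;
	if (!p->in_use[i])
		return -1;                   /* never allocated or already freed */
	p->in_use[i] = false;
	return 0;
}

/* Number of per-TD KeyIDs currently handed out (the global one excluded). */
static unsigned int keyid_in_use_count_model(const struct keyid_pool_model *p)
{
	unsigned int n = 0;
	for (uint32_t i = 1; i < p->keyid_num; i++)
		n += p->in_use[i] ? 1 : 0;
	return n;
}

/* Constructed sample configuration: 8 private KeyIDs detected, global KeyID 1. */
static struct keyid_pool_model sample_pool;

static int sample_pool_setup_model(void)
{
	return keyid_pool_init_model(&sample_pool, 1, 8);
}

int main(void)
{
	int k;

	if (sample_pool_setup_model())
		return 1;
	while ((k = keyid_alloc_model(&sample_pool)) > 0)
		printf("allocated HKID %d\n", k);
	printf("free global HKID %u: %s\n", (unsigned)sample_pool.keyid_start,
	       keyid_free_model(&sample_pool, (int)sample_pool.keyid_start) ? "rejected" : "accepted");
	printf("free HKID 3: %s\n", keyid_free_model(&sample_pool, 3) ? "rejected" : "accepted");
	printf("per-TD HKIDs in use: %u\n", keyid_in_use_count_model(&sample_pool));
	return 0;
}
```

The model deliberately never returns the global KeyID from the allocator and refuses to free it, so the two reserved ids (0 and the global one) are excluded by the same bounds the allocator uses; a release of an id outside those bounds is reported to the caller rather than silently ignored.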