Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp3593120rwb; Sun, 20 Nov 2022 17:46:44 -0800 (PST) X-Google-Smtp-Source: AA0mqf6MNbZKL30seOnWWpss6rbS13f6ywbCWIPCVW8/hr3sEBAex674D3YdHTR/CDgh5SORtjoV X-Received: by 2002:a17:906:8a4d:b0:7b5:73aa:9988 with SMTP id gx13-20020a1709068a4d00b007b573aa9988mr3741139ejc.597.1668995204689; Sun, 20 Nov 2022 17:46:44 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668995204; cv=none; d=google.com; s=arc-20160816; b=EIcIGn2EphgUB1dJgKlYBLhwc+YbxfF9A2kWzLM7rM2n6ZRALkgIN7TwoC7vY/DSCB tnqR6pfbQbMEQOZ/9KO9NRgC/G0S6VlrPgepUWulwZKU3ipS9NmJk0j7nDT0ZYt1UqLl QqqzQvE08SwLnfiqiGcgQpRwsZl1ZRsFV3Ds3CBWZcyZVRpI4GqOWWkYkxxowFOIqEMd +kvGrkktCqVFczYdQMciN2fegMIJfMC2dXosjSHb4dZfOUBVQlVQy4hjxuRiNuqQFqXV +8I0octPZY0x3t6GiRB4/g4k3+iK4dtUDiuUP8cxakPdYe73Woocb70nfCGOKh5oMePI hKkg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=SQSQYIALcr7+N3KRl94Q53ldCN/jVs1SV6NgFtqbx8s=; b=jMxXAFRDJt2xbiPK4zdfrzVXKieSg+SIw4hZeNekipmCjDZpieOAiPrfWLYI0OxAFr h7BVTxahHxR8yyGo1xQSgMPj+Mbo9/cJ0DvL8hY6FduCyozK0RM5V4lloqxn6aIG1F8a aAZTUgWAFRM+c2rtEI7RBjk2s33JWZD+BprAOForOtPbYQvNH1WJMICkNUzCE5WZ8v0U +J8vrP7zX2zBekvOOCzgoVxeWgbqDr5BF0QzpFRifM/VYu9wH8HJ+rntWF1BgUL+gKZg +3q/Zc1JtLuW7mRvpBTuWB4lZ1uBGwbEUAOmJAL0OcHmBMHFo7U9FG3V9ci3yKXmbjb/ g1VQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=hOxGimbe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ss28-20020a170907c01c00b0078b96068bc0si7155251ejc.79.2022.11.20.17.46.22; Sun, 20 Nov 2022 17:46:44 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=hOxGimbe; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229960AbiKUA1t (ORCPT + 90 others); Sun, 20 Nov 2022 19:27:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57672 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229924AbiKUA1T (ORCPT ); Sun, 20 Nov 2022 19:27:19 -0500 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 782212D1EE; Sun, 20 Nov 2022 16:27:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1668990430; x=1700526430; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=t7sPVkm/3UzeLP7VuUIOn/LR0Yeq7hatZzy8/VrnZkk=; b=hOxGimbe+IYDLQhr3uwKE5IFxlMBAttn9lWKxIlxaWliRhP2NxShVRvG gUUrmpMEsCy5fYVzeyrIh7ld9JrHQUCOAZDqfr1TtUviWAk73oWdj/JRd 8mr/iWYeNYlTd25FBXC3Ea3E/ZLtcEISYZnCRB7NtLzAoQaHLQ8YgwyuC 8ZjIQCaCj7CC9g08BBQZvjZfVV91p+JRmH8gOhRUEJUa+Anmt2+qG7O+4 ga/rHeXKuQMWD9hLgNWB0vzoJSyzKJ2xaHO4hHGBJrUrBT9Bdwh74Q1vf vlCnert/OlAyogkM2hPDV1uEKrVrkz88mEgeeoC4G+FbGFyh/vTQJftmo w==; X-IronPort-AV: E=McAfee;i="6500,9779,10537"; a="399732287" X-IronPort-AV: E=Sophos;i="5.96,180,1665471600"; d="scan'208";a="399732287" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Nov 2022 16:27:08 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10537"; a="729825206" X-IronPort-AV: E=Sophos;i="5.96,180,1665471600"; d="scan'208";a="729825206" Received: from tomnavar-mobl.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.209.176.15]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Nov 2022 16:27:04 -0800 From: Kai Huang To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: linux-mm@kvack.org, seanjc@google.com, pbonzini@redhat.com, dave.hansen@intel.com, dan.j.williams@intel.com, rafael.j.wysocki@intel.com, kirill.shutemov@linux.intel.com, ying.huang@intel.com, reinette.chatre@intel.com, len.brown@intel.com, tony.luck@intel.com, peterz@infradead.org, ak@linux.intel.com, isaku.yamahata@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com, kai.huang@intel.com Subject: [PATCH v7 03/20] x86/virt/tdx: Disable TDX if X2APIC is not enabled Date: Mon, 21 Nov 2022 13:26:25 +1300 Message-Id: X-Mailer: git-send-email 2.38.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The MMIO/xAPIC interface has some problems, most notably the APIC LEAK [1]. This bug allows an attacker to use the APIC MMIO interface to extract data from the SGX enclave. TDX is not immune from this either. Early check X2APIC and disable TDX if X2APIC is not enabled, and make INTEL_TDX_HOST depend on X86_X2APIC. [1]: https://aepicleak.com/aepicleak.pdf Link: https://lore.kernel.org/lkml/d6ffb489-7024-ff74-bd2f-d1e06573bb82@intel.com/ Link: https://lore.kernel.org/lkml/ba80b303-31bf-d44a-b05d-5c0f83038798@intel.com/ Signed-off-by: Kai Huang --- v6 -> v7: - Changed to use "Link" for the two lore links to get rid of checkpatch warning. --- arch/x86/Kconfig | 1 + arch/x86/virt/vmx/tdx/tdx.c | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index cced4ef3bfb2..dd333b46fafb 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1958,6 +1958,7 @@ config INTEL_TDX_HOST depends on CPU_SUP_INTEL depends on X86_64 depends on KVM_INTEL + depends on X86_X2APIC help Intel Trust Domain Extensions (TDX) protects guest VMs from malicious host and certain physical attacks. This option enables necessary TDX diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 982d9c453b6b..8d943bdc8335 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -12,6 +12,7 @@ #include #include #include +#include #include #include "tdx.h" @@ -81,6 +82,16 @@ static int __init tdx_init(void) goto no_tdx; } + /* + * TDX requires X2APIC being enabled to prevent potential data + * leak via APIC MMIO registers. Just disable TDX if not using + * X2APIC. + */ + if (!x2apic_enabled()) { + pr_info("Disable TDX as X2APIC is not enabled.\n"); + goto no_tdx; + } + return 0; no_tdx: clear_tdx(); -- 2.38.1