Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp7149299rwb; Wed, 23 Nov 2022 02:55:51 -0800 (PST) X-Google-Smtp-Source: AA0mqf7t5vS6lNio2gOsfBWgcNS8Uj0u47d+ZzEzy1cqnKUrgHL9mRj01qKyE7L+uUvrg404Q1Jb X-Received: by 2002:aa7:c587:0:b0:469:3d58:20a5 with SMTP id g7-20020aa7c587000000b004693d5820a5mr9520828edq.136.1669200950960; Wed, 23 Nov 2022 02:55:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1669200950; cv=none; d=google.com; s=arc-20160816; b=Athdgh65MrVtwcpdZrFaI4vLXXFZfgBBCPgBnXVdAQdVI8RgfEtYOivOnQrjjye0yD WCf0adGwJ6C2QPGyw+OnsiBEdkW5rwMn7UDKSXgg3UH2ONJ6MXXOwoI8lcvettEGqzGI MUqbkG3TqLDSW6/Nf52C4urfsyHYoA6fpzxi8UYcA2/L7cMHQ6ZeFJHJPn6W2UueRkux rwA2NzNXTGrRdmnHUJKo2XC684toRBWXOBmlzWz+qdqYdTE5l/SCw5y3FYA7AGKm5yMT zhREnuXslwUGkLp8SLP91NLfRYX0gh9xF2pSHXde/MxP8lVdepFde3MOKJa3jRcVCP6T WInQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:date:from :dkim-signature; bh=jJPLqeQj0GrEBh1zsO9U4DPAemzj7HCMiVvwQQPeYf0=; b=n1CjDlUQoehj5yDmbXSIW5+65ann5MeDsnKISzR1ENYHusjCC4Iutpk4paUfyRYXWQ s8myyWUoka2vfo1WOx81io77ikOJ0JWiOeiVS15VqIcThDhqY3s+6CNNjs7cZtqiwvS8 jD7kjxCZ4sVIzjqWeTABYekHzXLeOe+dXExex16ySHqjThiFKrK9nNBOnJVZnKU2zChX 5wIANc4W/Cf3LDNwVIH9krmcv/nREQb57J9Z3thMk283y+3Poqxt6jFlWOTrqvMB5wj1 l0fIapnk7JQApSwG9TORPqW6OSVAzIPL11JNhQk1FTCAJqAFQ9wwmhdrzn1inX83Pxcf DOVA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=gN3yWRSQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j27-20020a170906279b00b0073155abc1b8si10292567ejc.154.2022.11.23.02.55.28; Wed, 23 Nov 2022 02:55:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=gN3yWRSQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236748AbiKWKMK (ORCPT + 88 others); Wed, 23 Nov 2022 05:12:10 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39560 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236683AbiKWKL0 (ORCPT ); Wed, 23 Nov 2022 05:11:26 -0500 Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4A28E9FD2; Wed, 23 Nov 2022 02:00:54 -0800 (PST) Received: by mail-lf1-x133.google.com with SMTP id g12so27438962lfh.3; Wed, 23 Nov 2022 02:00:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:date:from:from:to:cc:subject:date :message-id:reply-to; bh=jJPLqeQj0GrEBh1zsO9U4DPAemzj7HCMiVvwQQPeYf0=; b=gN3yWRSQ76Vj45ACuHEW+VIsj6LFa1+amg+pNftOeV41XeNGJBEeLL/gRI6z642A7V Yi6ac9grKs0ywoITtwhYSgGIrHQA9IWKiSarIlGOpdSMJdzc7UnC7lVUFLvruAkfUOv9 uPkex/yPbtenAd4F6O9mhBAMhmG4ep5BDZS9WDZM84NU9zywJD9bKEjfVK2fuzshuQEl bnV5+l2uP9bbvhPl7ee9WMokl5VRTmwGxajzBqS9MDIPBGDPJ8VgQeXDx/TY5C7KJyOl vHsLpzwzOdW640VzILFbFsjr1eVXQsi+kAftGR5q2Xhw72HRyCpNJ9mcKz85i4gEVylq qKvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:date:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jJPLqeQj0GrEBh1zsO9U4DPAemzj7HCMiVvwQQPeYf0=; b=GYMptQjO1uhKoByBDIAcciC39r4TLjXv2oZEs5BQ52qJK9aWyNphX4GvXNdK27riIm xJ8qqj8l75aZy+oC45BpGIS1MoDvRZnm0XZaZLx2JKxhgVJeA75EHK1n/KyWFaq16uDP I7d+zy+1xd4VJb60v2F6E7qqjLgDpqaSBT572R1jydUUP/tguKo0btLwwGMJ0BHdAIyD D+UQ3uld96qJIOlHxfEIWww5XaDO1MclXAfaNQwaQLxvX5SCuKtBWBE7d+Cn+pKrektG 3B/baw7JIj1c6bmTxG178J4ZbxLHk9lkQGQ4cAo7Hm3ToLSLh/enlcT1OcUiNOJOaOK7 UFPw== X-Gm-Message-State: ANoB5pmmpQVDvLuonepKdV8GVwfLexyahFts8eYGvS3vHbrHrvOBE1d6 cfNUZn43uirxCl8+CaUH8QU= X-Received: by 2002:a05:6512:3e6:b0:4aa:f1f2:ad77 with SMTP id n6-20020a05651203e600b004aaf1f2ad77mr5862582lfq.171.1669197652453; Wed, 23 Nov 2022 02:00:52 -0800 (PST) Received: from localhost (88-115-161-74.elisa-laajakaista.fi. [88.115.161.74]) by smtp.gmail.com with ESMTPSA id q3-20020a056512210300b004a8b9c68728sm2857935lfr.105.2022.11.23.02.00.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 23 Nov 2022 02:00:52 -0800 (PST) From: Zhi Wang X-Google-Original-From: Zhi Wang Date: Wed, 23 Nov 2022 12:00:47 +0200 To: isaku.yamahata@intel.com Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Sean Christopherson , zhi.a.wang@intel.com Subject: Re: [PATCH v10 011/108] KVM: TDX: Add C wrapper functions for SEAMCALLs to the TDX module Message-ID: <20221123120047.00001a9d@gmail.com> In-Reply-To: <5f1a80e9ab037fa88d8821a6548638d282070f1d.1667110240.git.isaku.yamahata@intel.com> References: <5f1a80e9ab037fa88d8821a6548638d282070f1d.1667110240.git.isaku.yamahata@intel.com> X-Mailer: Claws Mail 4.1.0 (GTK 3.24.33; x86_64-w64-mingw32) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, 29 Oct 2022 23:22:12 -0700 isaku.yamahata@intel.com wrote: > From: Isaku Yamahata > > A VMM interacts with the TDX module using a new instruction > (SEAMCALL). A TDX VMM uses SEAMCALLs where a VMX VMM would have > directly interacted with VMX instructions. For instance, a TDX VMM > does not have full access to the VM control structure corresponding > to VMX VMCS. Instead, a VMM induces the TDX module to act on behalf > via SEAMCALLs. > > Export __seamcall and define C wrapper functions for SEAMCALLs for > readability. Some SEAMCALL APIs donates pages to TDX module or guest > TD. The pages are encrypted with TDX private host key id set in high It seems a little bit confusing here. I guess you are talking about the host pages donated to TDX module will be encrypted with TDX module global key id, which is used to encrypted the pages only used by TDX module. For pages donated to the TD guest, the pages are encrypted with TD guest prviate key id? It might be better that you can talk about the actual reaason instead of the key id stuff. For example Some SEMCALL APIs will zap or write the pages donated by VMM via MOVDIR64B, which requires the VMM to flush the cachelines. > bits of physical address. If any modified cache lines may exit for typo exit->exist > these pages, flush them to memory by clflush_cache_range(). > > Signed-off-by: Sean Christopherson > Signed-off-by: Isaku Yamahata > --- > arch/x86/include/asm/tdx.h | 2 + > arch/x86/kvm/vmx/tdx_ops.h | 185 > +++++++++++++++++++++++++++++++ arch/x86/virt/vmx/tdx/seamcall.S | > 2 + 3 files changed, 189 insertions(+) > create mode 100644 arch/x86/kvm/vmx/tdx_ops.h > > diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h > index 5cff7ed5b11e..ba2e4c69fb9f 100644 > --- a/arch/x86/include/asm/tdx.h > +++ b/arch/x86/include/asm/tdx.h > @@ -186,6 +186,8 @@ struct tdsysinfo_struct { > const struct tdsysinfo_struct *tdx_get_sysinfo(void); > bool platform_tdx_enabled(void); > int tdx_enable(void); > +u64 __seamcall(u64 op, u64 rcx, u64 rdx, u64 r8, u64 r9, > + struct tdx_module_output *out); > #else /* !CONFIG_INTEL_TDX_HOST */ > struct tdsysinfo_struct; > static inline const struct tdsysinfo_struct *tdx_get_sysinfo(void) { > return NULL; } diff --git a/arch/x86/kvm/vmx/tdx_ops.h > b/arch/x86/kvm/vmx/tdx_ops.h new file mode 100644 > index 000000000000..85adbf49c277 > --- /dev/null > +++ b/arch/x86/kvm/vmx/tdx_ops.h > @@ -0,0 +1,185 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* constants/data definitions for TDX SEAMCALLs */ > + > +#ifndef __KVM_X86_TDX_OPS_H > +#define __KVM_X86_TDX_OPS_H > + > +#include > + > +#include > +#include > +#include > + > +#include "tdx_errno.h" > +#include "tdx_arch.h" > + > +#ifdef CONFIG_INTEL_TDX_HOST > + > +static inline u64 tdh_mng_addcx(hpa_t tdr, hpa_t addr) > +{ > + clflush_cache_range(__va(addr), PAGE_SIZE); > + return __seamcall(TDH_MNG_ADDCX, addr, tdr, 0, 0, NULL); > +} > + > +static inline u64 tdh_mem_page_add(hpa_t tdr, gpa_t gpa, hpa_t hpa, > hpa_t source, > + struct tdx_module_output *out) > +{ > + clflush_cache_range(__va(hpa), PAGE_SIZE); > + return __seamcall(TDH_MEM_PAGE_ADD, gpa, tdr, hpa, source, > out); +} > + > +static inline u64 tdh_mem_sept_add(hpa_t tdr, gpa_t gpa, int level, > hpa_t page, > + struct tdx_module_output *out) > +{ > + clflush_cache_range(__va(page), PAGE_SIZE); > + return __seamcall(TDH_MEM_SEPT_ADD, gpa | level, tdr, page, > 0, out); +} > + > +static inline u64 tdh_mem_sept_remove(hpa_t tdr, gpa_t gpa, int > level, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_MEM_SEPT_REMOVE, gpa | level, tdr, 0, > 0, out); +} > + > +static inline u64 tdh_vp_addcx(hpa_t tdvpr, hpa_t addr) > +{ > + clflush_cache_range(__va(addr), PAGE_SIZE); > + return __seamcall(TDH_VP_ADDCX, addr, tdvpr, 0, 0, NULL); > +} > + > +static inline u64 tdh_mem_page_relocate(hpa_t tdr, gpa_t gpa, hpa_t > hpa, > + struct tdx_module_output > *out) +{ > + clflush_cache_range(__va(hpa), PAGE_SIZE); > + return __seamcall(TDH_MEM_PAGE_RELOCATE, gpa, tdr, hpa, 0, > out); +} > + > +static inline u64 tdh_mem_page_aug(hpa_t tdr, gpa_t gpa, hpa_t hpa, > + struct tdx_module_output *out) > +{ > + clflush_cache_range(__va(hpa), PAGE_SIZE); > + return __seamcall(TDH_MEM_PAGE_AUG, gpa, tdr, hpa, 0, out); > +} > + > +static inline u64 tdh_mem_range_block(hpa_t tdr, gpa_t gpa, int > level, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_MEM_RANGE_BLOCK, gpa | level, tdr, 0, > 0, out); +} > + > +static inline u64 tdh_mng_key_config(hpa_t tdr) > +{ > + return __seamcall(TDH_MNG_KEY_CONFIG, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mng_create(hpa_t tdr, int hkid) > +{ > + clflush_cache_range(__va(tdr), PAGE_SIZE); > + return __seamcall(TDH_MNG_CREATE, tdr, hkid, 0, 0, NULL); > +} > + > +static inline u64 tdh_vp_create(hpa_t tdr, hpa_t tdvpr) > +{ > + clflush_cache_range(__va(tdvpr), PAGE_SIZE); > + return __seamcall(TDH_VP_CREATE, tdvpr, tdr, 0, 0, NULL); > +} > + > +static inline u64 tdh_mng_rd(hpa_t tdr, u64 field, struct > tdx_module_output *out) +{ > + return __seamcall(TDH_MNG_RD, tdr, field, 0, 0, out); > +} > + > +static inline u64 tdh_mr_extend(hpa_t tdr, gpa_t gpa, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_MR_EXTEND, gpa, tdr, 0, 0, out); > +} > + > +static inline u64 tdh_mr_finalize(hpa_t tdr) > +{ > + return __seamcall(TDH_MR_FINALIZE, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_vp_flush(hpa_t tdvpr) > +{ > + return __seamcall(TDH_VP_FLUSH, tdvpr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mng_vpflushdone(hpa_t tdr) > +{ > + return __seamcall(TDH_MNG_VPFLUSHDONE, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mng_key_freeid(hpa_t tdr) > +{ > + return __seamcall(TDH_MNG_KEY_FREEID, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mng_init(hpa_t tdr, hpa_t td_params, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_MNG_INIT, tdr, td_params, 0, 0, out); > +} > + > +static inline u64 tdh_vp_init(hpa_t tdvpr, u64 rcx) > +{ > + return __seamcall(TDH_VP_INIT, tdvpr, rcx, 0, 0, NULL); > +} > + > +static inline u64 tdh_vp_rd(hpa_t tdvpr, u64 field, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_VP_RD, tdvpr, field, 0, 0, out); > +} > + > +static inline u64 tdh_mng_key_reclaimid(hpa_t tdr) > +{ > + return __seamcall(TDH_MNG_KEY_RECLAIMID, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_phymem_page_reclaim(hpa_t page, > + struct tdx_module_output > *out) +{ > + return __seamcall(TDH_PHYMEM_PAGE_RECLAIM, page, 0, 0, 0, > out); +} > + > +static inline u64 tdh_mem_page_remove(hpa_t tdr, gpa_t gpa, int > level, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_MEM_PAGE_REMOVE, gpa | level, tdr, 0, > 0, out); +} > + > +static inline u64 tdh_sys_lp_shutdown(void) > +{ > + return __seamcall(TDH_SYS_LP_SHUTDOWN, 0, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mem_track(hpa_t tdr) > +{ > + return __seamcall(TDH_MEM_TRACK, tdr, 0, 0, 0, NULL); > +} > + > +static inline u64 tdh_mem_range_unblock(hpa_t tdr, gpa_t gpa, int > level, > + struct tdx_module_output > *out) +{ > + return __seamcall(TDH_MEM_RANGE_UNBLOCK, gpa | level, tdr, > 0, 0, out); +} > + > +static inline u64 tdh_phymem_cache_wb(bool resume) > +{ > + return __seamcall(TDH_PHYMEM_CACHE_WB, resume ? 1 : 0, 0, 0, > 0, NULL); +} > + > +static inline u64 tdh_phymem_page_wbinvd(hpa_t page) > +{ > + return __seamcall(TDH_PHYMEM_PAGE_WBINVD, page, 0, 0, 0, > NULL); +} > + > +static inline u64 tdh_vp_wr(hpa_t tdvpr, u64 field, u64 val, u64 > mask, > + struct tdx_module_output *out) > +{ > + return __seamcall(TDH_VP_WR, tdvpr, field, val, mask, out); > +} > +#endif /* CONFIG_INTEL_TDX_HOST */ > + > +#endif /* __KVM_X86_TDX_OPS_H */ > diff --git a/arch/x86/virt/vmx/tdx/seamcall.S > b/arch/x86/virt/vmx/tdx/seamcall.S index f81be6b9c133..b90a7fe05494 > 100644 --- a/arch/x86/virt/vmx/tdx/seamcall.S > +++ b/arch/x86/virt/vmx/tdx/seamcall.S > @@ -1,5 +1,6 @@ > /* SPDX-License-Identifier: GPL-2.0 */ > #include > +#include > #include > > #include "tdxcall.S" > @@ -50,3 +51,4 @@ SYM_FUNC_START(__seamcall) > FRAME_END > RET > SYM_FUNC_END(__seamcall) > +EXPORT_SYMBOL_GPL(__seamcall)