From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sean Christopherson, Sagi Shahar, David Matlack
Subject: [PATCH v11 006/113] KVM: TDX: Make TDX VM type supported
Date: Thu, 12 Jan 2023 08:31:14 -0800
Message-Id: <6def82bac5d52bd729cd06f39e9e59f0409e32f8.1673539699.git.isaku.yamahata@intel.com>

From: Isaku Yamahata

NOTE: This patch is in position of the patch series for developers to be able to test code during the middle of the patch series, although this patch series doesn't provide functional features until all the patches of this patch series. When merging this patch series, this patch can be moved to the end.

As the first step of TDX VM support, return that the TDX VM type is supported to the device model, e.g. qemu. The callback to create a guest TD is the vm_init callback for KVM_CREATE_VM.

Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/main.c | 18 ++++++++++++++++-- arch/x86/kvm/vmx/tdx.c | 6 ++++++ arch/x86/kvm/vmx/vmx.c | 5 ----- arch/x86/kvm/vmx/x86_ops.h | 3 ++- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 3b24e32077d6..e3c5e9250990 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -10,6 +10,12 @@ static bool enable_tdx __ro_after_init = IS_ENABLED(CONFIG_INTEL_TDX_HOST); module_param_named(tdx, enable_tdx, bool, 0444); +static bool vt_is_vm_type_supported(unsigned long type) +{ + return type == KVM_X86_DEFAULT_VM || + (enable_tdx && tdx_is_vm_type_supported(type)); +} + static __init int vt_hardware_setup(void) { int ret; @@ -23,6 +29,14 @@ static __init int vt_hardware_setup(void) return 0; } +static int vt_vm_init(struct kvm *kvm) +{ + if (is_td(kvm)) + return -EOPNOTSUPP; /* Not ready to create guest TD yet. */ + + return vmx_vm_init(kvm); +} + struct kvm_x86_ops vt_x86_ops __initdata = { .name = KBUILD_MODNAME, @@ -34,9 +48,9 @@ struct kvm_x86_ops vt_x86_ops __initdata = { .hardware_disable = vmx_hardware_disable, .has_emulated_msr = vmx_has_emulated_msr, - .is_vm_type_supported = vmx_is_vm_type_supported, + .is_vm_type_supported = vt_is_vm_type_supported, .vm_size = sizeof(struct kvm_vmx), - .vm_init = vmx_vm_init, + .vm_init = vt_vm_init, .vm_destroy = vmx_vm_destroy, .vcpu_precreate = vmx_vcpu_precreate, diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index d7a276118940..6c7d9ec53046 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -25,6 +25,12 @@ static int __init tdx_module_setup(void) return 0; } +bool tdx_is_vm_type_supported(unsigned long type) +{ + /* enable_tdx check is done by the caller. */ + return type == KVM_X86_TDX_VM; +} + int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops) { int r; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index f1dea386d6c2..5dc7687dcf16 100644 
--- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7501,11 +7501,6 @@ int vmx_vcpu_create(struct kvm_vcpu *vcpu) return err; } -bool vmx_is_vm_type_supported(unsigned long type) -{ - return type == KVM_X86_DEFAULT_VM; -} - #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation disabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index 6980126bc32a..8fd34842a06b 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -32,7 +32,6 @@ void vmx_hardware_unsetup(void); int vmx_check_processor_compat(void); int vmx_hardware_enable(void); void vmx_hardware_disable(void); -bool vmx_is_vm_type_supported(unsigned long type); int vmx_vm_init(struct kvm *kvm); void vmx_vm_destroy(struct kvm *kvm); int vmx_vcpu_precreate(struct kvm *kvm); @@ -140,8 +139,10 @@ void vmx_setup_mce(struct kvm_vcpu *vcpu); #ifdef CONFIG_INTEL_TDX_HOST int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops); +bool tdx_is_vm_type_supported(unsigned long type); #else static inline int tdx_hardware_setup(struct kvm_x86_ops *x86_ops) { return 0; } +static inline bool tdx_is_vm_type_supported(unsigned long type) { return false; } #endif #endif /* __KVM_X86_VMX_X86_OPS_H */ -- 2.25.1
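
Review bot: in arch/x86/kvm/vmx/main.c, vt_is_vm_type_supported() reports KVM_X86_TDX_VM as supported whenever enable_tdx is set, while vt_vm_init() in the same file still returns -EOPNOTSUPP for is_td(kvm), so at this commit a device model that probes the type and then issues KVM_CREATE_VM is told the type exists and then fails to create it. The NOTE in the commit message covers this for testing; for the merged order, either place the patch last as the NOTE proposes or keep the TDX branch returning false until vt_vm_init() can create a TD. Separately, the visible context initializes enable_tdx from IS_ENABLED(CONFIG_INTEL_TDX_HOST) and does not show it being cleared, so please confirm that vt_hardware_setup() clears it when TDX setup fails; otherwise the type is advertised on hosts where the TDX module is not usable.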
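
Review bot: tdx_is_vm_type_supported() in arch/x86/kvm/vmx/tdx.c returns true for KVM_X86_TDX_VM without knowing whether TDX is enabled, and the only record of that precondition is the comment "enable_tdx check is done by the caller" inside the function body. The function is non-static and declared in x86_ops.h, so a later caller reading only the header can take a true result to mean that TDX is usable. Consider repeating the precondition at the declaration in x86_ops.h, or renaming the helper so it is clear that it tests only the type value.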
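
Review bot: deleting vmx_is_vm_type_supported() from arch/x86/kvm/vmx/vmx.c and its declaration from x86_ops.h leaves the "type == KVM_X86_DEFAULT_VM" test open-coded in vt_is_vm_type_supported() while the TDX side goes through a helper, which is asymmetric with how vt_vm_init() delegates to vmx_vm_init(). Keeping the VMX helper and writing the wrapper as vmx_is_vm_type_supported(type) || (enable_tdx && tdx_is_vm_type_supported(type)) would keep the VMX-specific knowledge in vmx.c and drop the vmx.c hunk and one x86_ops.h hunk from this patch.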