Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp2652820rwd; Sun, 28 May 2023 21:22:28 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4dpDF7bbQCju8ExrwfDaahCW3c96O8DD08jmWQmI1FDSvV/+PfrQUF6mynxtsx4LqcqqYH X-Received: by 2002:a17:902:e890:b0:1a5:22a6:4e6a with SMTP id w16-20020a170902e89000b001a522a64e6amr11038489plg.51.1685334148545; Sun, 28 May 2023 21:22:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1685334148; cv=none; d=google.com; s=arc-20160816; b=s99uBcxmFx1+XLsnGiOe2hThhgzmOnnGW6c77MjRKhoL8aLU56JFeFrK+dEGaclKFa V2AY2/OGDKJ1YrTVnZYh+6qPGhP3adxVrPzIVyyiHbxkU6b6jG/Qy9qtfGswL3SBiJND mH5FaSC2uEF4J9xojF9ccZ/y+ouibuN2w2vPDoK6v5yV1PfJjFHPk51Xd6IZ1+ZjmWso 8poZTWNPJhMgKIwMVVHp0eXJcJV7abZEaMzo62iNgw7XZAGoWW6HqHUsO0JyJ+Wxp9lg kh65zv54Wpez1XgvVT+0Op3AILUe7Ou1pPAzotwUGW+UFcL8T/vq3pdK/v4N4E5Boyjc Mpkw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=EqDnvbxx3N0fBRo54YQiHSs3dVO2EQ9LyQfO/iPEUv8=; b=IueW/hqOSD8ipbe+Kfke4XSv1hkeOnMDZvpULHEz1MVjcgnctUUkHzccgqNlH7roNj v7zQ+byJ3dPAsaBcaqUf7Hb2Cc5WWai4SyRBgltiAdFUaWRhHfkJ60k/IVN8Fz9a4GUt CgHuOHcEmX6UWKm1I5njNvwGcdZ+ejkZ+0fQNj2koFFyhdDb34FLf7HfBdOg9/duEgaj kMl8k16Pff2bnueGc/33dHBsSJs/KnTY5wnMAqGsw/ATWWAsMojVuBoYhLqhagZv8hOF +3aGy26+jQ+S3GbFhQuGVVLKMQSKgeOlW+FRR4HRR3qx/SzPp52F5Opjy1JSYGT1dtZz Y7Sg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="KDpqigL/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id ja1-20020a170902efc100b001ab1fb8cc83si1166648plb.161.2023.05.28.21.22.14; Sun, 28 May 2023 21:22:28 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="KDpqigL/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231517AbjE2EVT (ORCPT + 99 others); Mon, 29 May 2023 00:21:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43662 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231352AbjE2EUu (ORCPT ); Mon, 29 May 2023 00:20:50 -0400 Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A458BBB; Sun, 28 May 2023 21:20:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1685334048; x=1716870048; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=9aVVj+C7fHML2udTPXKS9puppzHdj2MrfArkAhz4ink=; b=KDpqigL/mLoYVw1LVhbqiHGhYJBV+ohMSbe5l1E0SFz8AVC5NBJmPMlw kP/m1PAdApTqBGSBZ0rrhTZiGibAsp+AmO+o++bHph1njTX/wvWiWbxub 4H9gLRT1n9kTXCbRB8IU9c3kbf7o8uyk8jgT9MUGjAk1OTtpMe/XlvBeT 5ALAWMusulJSk1/mYRYrzdg3UbXlkeQ0hWH4C4NgjGj/1O2qMvayOeuo+ Qs9zw/y7/m7sN6sBX235wWx9lAzyMNhk3zqUilOHAw237vjMwr5CRA6Y1 MuhHUU9iGJ+Ws/4ZH62SM6jYHYE4MUx65RDf3D1Hf6Ng7NvTKW4Hrb3e8 A==; X-IronPort-AV: E=McAfee;i="6600,9927,10724"; a="418094264" X-IronPort-AV: E=Sophos;i="6.00,200,1681196400"; d="scan'208";a="418094264" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 May 2023 21:20:46 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10724"; a="683419304" X-IronPort-AV: E=Sophos;i="6.00,200,1681196400"; d="scan'208";a="683419304" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 May 2023 21:20:46 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang , chen.bo@intel.com Subject: [PATCH v14 007/113] KVM: TDX: Make TDX VM type supported Date: Sun, 28 May 2023 21:18:49 -0700 Message-Id: <142ce2b2e7e570395973c3e22a0f12d48eacd366.1685333727.git.isaku.yamahata@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Isaku Yamahata NOTE: This patch is in position of the patch series for developers to be able to test codes during the middle of the patch series although this patch series doesn't provide functional features until the all the patches of this patch series. When merging this patch series, this patch can be moved to the end. As first step TDX VM support, return that TDX VM type supported to device model, e.g. qemu. The callback to create guest TD is vm_init callback for KVM_CREATE_VM. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/main.c | 18 ++++++++++++++++-- arch/x86/kvm/vmx/tdx.c | 6 ++++++ arch/x86/kvm/vmx/vmx.c | 5 ----- arch/x86/kvm/vmx/x86_ops.h | 3 ++- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 19bba6d05f45..2c7c84a8187a 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -10,6 +10,12 @@ static bool enable_tdx __ro_after_init; module_param_named(tdx, enable_tdx, bool, 0444); +static bool vt_is_vm_type_supported(unsigned long type) +{ + return type == KVM_X86_DEFAULT_VM || + (enable_tdx && tdx_is_vm_type_supported(type)); +} + static int vt_hardware_enable(void) { int ret; @@ -37,6 +43,14 @@ static __init int vt_hardware_setup(void) return 0; } +static int vt_vm_init(struct kvm *kvm) +{ + if (is_td(kvm)) + return -EOPNOTSUPP; /* Not ready to create guest TD yet. */ + + return vmx_vm_init(kvm); +} + #define VMX_REQUIRED_APICV_INHIBITS \ ( \ BIT(APICV_INHIBIT_REASON_DISABLE)| \ @@ -59,9 +73,9 @@ struct kvm_x86_ops vt_x86_ops __initdata = { .hardware_disable = vmx_hardware_disable, .has_emulated_msr = vmx_has_emulated_msr, - .is_vm_type_supported = vmx_is_vm_type_supported, + .is_vm_type_supported = vt_is_vm_type_supported, .vm_size = sizeof(struct kvm_vmx), - .vm_init = vmx_vm_init, + .vm_init = vt_vm_init, .vm_destroy = vmx_vm_destroy, .vcpu_precreate = vmx_vcpu_precreate, diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 19d5656b9cb0..af045b182146 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -24,6 +24,12 @@ static int __init tdx_module_setup(void) return 0; } +bool tdx_is_vm_type_supported(unsigned long type) +{ + /* enable_tdx check is done by the caller. */ + return type == KVM_X86_PROTECTED_VM; +} + static void __init vmx_tdx_on(void *info) { atomic_t *err = info; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index b423b2e58b53..9e4def64495b 100644 --- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7459,11 +7459,6 @@ int vmx_vcpu_create(struct kvm_vcpu *vcpu) return err; } -bool vmx_is_vm_type_supported(unsigned long type) -{ - return type == KVM_X86_DEFAULT_VM; -} - #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation disabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index b96048828745..a8cb2d94fe1b 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -30,7 +30,6 @@ void vmx_hardware_unsetup(void); int vmx_check_processor_compat(void); int vmx_hardware_enable(void); void vmx_hardware_disable(void); -bool vmx_is_vm_type_supported(unsigned long type); int vmx_vm_init(struct kvm *kvm); void vmx_vm_destroy(struct kvm *kvm); int vmx_vcpu_precreate(struct kvm *kvm); @@ -138,8 +137,10 @@ void vmx_setup_mce(struct kvm_vcpu *vcpu); #ifdef CONFIG_INTEL_TDX_HOST int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops); +bool tdx_is_vm_type_supported(unsigned long type); #else static inline int tdx_hardware_setup(struct kvm_x86_ops *x86_ops) { return -ENOSYS; } +static inline bool tdx_is_vm_type_supported(unsigned long type) { return false; } #endif #endif /* __KVM_X86_VMX_X86_OPS_H */ -- 2.25.1