From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sean Christopherson, Sagi Shahar, David Matlack, Kai Huang, Zhi Wang, chen.bo@intel.com
Subject: [PATCH v14 014/113] x86/cpu: Add helper functions to allocate/free TDX private host key id
Date: Sun, 28 May 2023 21:18:56 -0700
X-Mailer: git-send-email 2.25.1
X-Mailing-List: linux-kernel@vger.kernel.org

From: Isaku Yamahata

Add helper functions to allocate/free TDX private host key id (HKID), and export the global TDX HKID.

The memory controller encrypts TDX memory with the assigned TDX HKIDs. The global TDX HKID is to encrypt the TDX module, its memory, and some dynamic data (TDR). The private TDX HKID is assigned to a guest TD to encrypt guest memory and the related data.

When the VMM releases an encrypted page for reuse, the page needs a cache flush with the used HKID. The VMM needs the global TDX HKID and the private TDX HKIDs to flush encrypted pages.
Signed-off-by: Isaku Yamahata --- arch/x86/include/asm/tdx.h | 12 ++++++++++++ arch/x86/virt/vmx/tdx/tdx.c | 28 +++++++++++++++++++++++++++- 2 files changed, 39 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 6c01ab572c1f..7d99a48a98cc 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -104,6 +104,16 @@ static inline long tdx_kvm_hypercall(unsigned int nr, unsigned long p1, bool platform_tdx_enabled(void); int tdx_cpu_enable(void); int tdx_enable(void); +/* + * Key id globally used by TDX module: TDX module maps TDR with this TDX global + * key id. TDR includes key id assigned to the TD. Then TDX module maps other + * TD-related pages with the assigned key id. TDR requires this TDX global key + * id for cache flush unlike other TD-related pages. + */ +extern u32 tdx_global_keyid __ro_after_init; +int tdx_guest_keyid_alloc(void); +void tdx_guest_keyid_free(int keyid); + u64 __seamcall(u64 op, u64 rcx, u64 rdx, u64 r8, u64 r9, struct tdx_module_output *out); #else /* !CONFIG_INTEL_TDX_HOST */ @@ -112,6 +122,8 @@ static inline int tdx_cpu_enable(void) { return -EINVAL; } static inline int tdx_enable(void) { return -EINVAL; } static inline u64 __seamcall(u64 op, u64 rcx, u64 rdx, u64 r8, u64 r9, struct tdx_module_output *out) { return TDX_SEAMCALL_UD; }; +static inline int tdx_guest_keyid_alloc(void) { return -EOPNOTSUPP; } +static inline void tdx_guest_keyid_free(int keyid) { } #endif /* CONFIG_INTEL_TDX_HOST */ #endif /* !__ASSEMBLY__ */ diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index ee94a7327d93..511257086f02 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -33,7 +33,8 @@ #include #include "tdx.h" -static u32 tdx_global_keyid __ro_after_init; +u32 tdx_global_keyid __ro_after_init; +EXPORT_SYMBOL_GPL(tdx_global_keyid); static u32 tdx_guest_keyid_start __ro_after_init; static u32 tdx_nr_guest_keyids __ro_after_init; 
@@ -138,6 +139,31 @@ static struct notifier_block tdx_memory_nb = { .notifier_call = tdx_memory_notifier, }; +/* TDX KeyID pool */ +static DEFINE_IDA(tdx_guest_keyid_pool); + +int tdx_guest_keyid_alloc(void) +{ + if (WARN_ON_ONCE(!tdx_guest_keyid_start || !tdx_nr_guest_keyids)) + return -EINVAL; + + /* The first keyID is reserved for the global key. */ + return ida_alloc_range(&tdx_guest_keyid_pool, tdx_guest_keyid_start + 1, + tdx_guest_keyid_start + tdx_nr_guest_keyids - 1, + GFP_KERNEL); +} +EXPORT_SYMBOL_GPL(tdx_guest_keyid_alloc); + +void tdx_guest_keyid_free(int keyid) +{ + /* keyid = 0 is reserved. */ + if (WARN_ON_ONCE(keyid <= 0)) + return; + + ida_free(&tdx_guest_keyid_pool, keyid); +} +EXPORT_SYMBOL_GPL(tdx_guest_keyid_free); + static int __init tdx_init(void) { u32 tdx_keyid_start, nr_tdx_keyids; -- 2.25.1
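Review bot: In the tdx.h hunk at @@ -104,6 +104,16 @@, the new prototypes have no documentation of their contract: the comment block above them describes tdx_global_keyid, but nothing says that tdx_guest_keyid_alloc() returns the allocated HKID on success and a negative errno on failure, or that the id must be handed back with tdx_guest_keyid_free() when the TD is torn down. Since both symbols are exported for module callers, a short kernel-doc comment on each would make the ownership of the keyid explicit.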
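Review bot: In the tdx.h hunk at @@ -112,6 +122,8 @@, the !CONFIG_INTEL_TDX_HOST stub `static inline int tdx_guest_keyid_alloc(void) { return -EOPNOTSUPP; }` returns a different errno from the neighbouring stubs for tdx_cpu_enable() and tdx_enable(), which return -EINVAL. A caller that distinguishes "TDX not built in" from a bad argument will see different values depending only on the config; -EOPNOTSUPP is the more accurate of the two, so it is worth either aligning the existing stubs with it or noting in the cover letter why the new stub differs.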
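Review bot: In the tdx.c hunk at @@ -33,7 +33,8 @@, dropping `static` and adding `EXPORT_SYMBOL_GPL(tdx_global_keyid)` exports the raw variable rather than an accessor. That is acceptable only because of `__ro_after_init`, which keeps the value read-only once init completes; the commit message should say so, since a writable exported keyid would let any module change the key used for cache flushes. It should also state that the value is valid only after TDX initialization has succeeded, as a module reading it earlier sees the zero-initialized value.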
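Review bot: In the tdx.c hunk at @@ -138,6 +139,31 @@, the reserved-id checks on the alloc and free sides disagree. tdx_guest_keyid_alloc() starts the IDA range at `tdx_guest_keyid_start + 1` with the comment "The first keyID is reserved for the global key.", but tdx_guest_keyid_free() only rejects `keyid <= 0` with the comment "keyid = 0 is reserved.", so a caller that passes the global keyid, or any id below or above the pool range, reaches ida_free(). Suggest bounding the free against the same range the alloc uses, for example `if (WARN_ON_ONCE(keyid <= tdx_guest_keyid_start || keyid >= tdx_guest_keyid_start + tdx_nr_guest_keyids)) return;`, and making the two comments say the same thing. Two further points: whether tdx_guest_keyid_start already excludes the global keyid depends on how tdx_init() assigns it, which this hunk does not show; if it does, the `+ 1` silently gives up one usable guest keyid. And ida_alloc_range() is called with GFP_KERNEL, so the helper may sleep; a comment stating that it must not be called from atomic context would help the module callers this patch is exporting it for.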