Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp16272830rwd; Mon, 26 Jun 2023 07:57:37 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7o7GBTVRwrijvUyuASKjnPfGNI/AGAgZseJ6wmgnSRv0JdzRozo4+kV+A39fxaf1ATqcgz X-Received: by 2002:a05:6a20:151:b0:125:d34f:e905 with SMTP id 17-20020a056a20015100b00125d34fe905mr5193921pzs.37.1687791456841; Mon, 26 Jun 2023 07:57:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1687791456; cv=none; d=google.com; s=arc-20160816; b=aEjW7pefr9jA0fAirRXUqFKs4hjZYim9QIBP47TwSa7IhZSOYGgKIbNl1lzZSlQrrL 2xWuXJeqzRhSQ0y2D3z9T7xmcmyY6eCaN6f1OGX7cJKIgrTFT9URYEOhcpKHV/CzYN2S QsUxkQLm396C+v2uHd5hE4ZR81i69fFS3kNAw5f3eFfbAXEpNwslPqmTIov5zAhfU2qp ip4XPTOnmOy7S5bWrCAFS89Xfr+pW6rB4gbyDEdehOLRKsd0xnqIe5WNA03K2E+HxsM5 h4Z5q205S0vQtMQOOVOXse4Zgo3zLNv2DX3+LmLfZxuIp5rmy18FznINL/zUjRH6WcJk +yIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=lLk/wGSPaSTrkTCZinr9eKY69DPzWrg3cyLMgeX4MGo=; fh=6HfxY0KVNaGJjlkZjh3Hzm5TphdbqQTBO+53/7gNlSk=; b=dEmpwpWtLzp/0Q2JvQsnzS5dFwMCaY0GM5M6W0rCdnEa0PPZfGV7R/DVl5zCZ2hKCr nlth3fs2d2sMwn1o2GnSoRyEdI5GYtvkf/szc5qn9cPf46Lzu1ybND0djV7FU4cz+wbE 0KBX5vlsYEwxTL3SncBo6tnTNzi5eZUc1NxcuGrMbko2dG72+86dddZRFB/fZAD7RbEr rKqVtm9m1E3K4QS/EB5+T2ZnQkNKPNoU9dUd3lagCLaPG6PHHnv2v4bqX2o9r1u6m67U 8JTfDzSnUuuKIiICnId4yezgbDQwj46PXv6yEi4bs8Ot9PE010o/VmHLFY/XKgQuBDkb KwxQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=O2H8PF4Y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j23-20020a63ec17000000b00543bfe3eaffsi5017774pgh.762.2023.06.26.07.56.55; Mon, 26 Jun 2023 07:57:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=O2H8PF4Y; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231443AbjFZOQq (ORCPT + 99 others); Mon, 26 Jun 2023 10:16:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231363AbjFZOQT (ORCPT ); Mon, 26 Jun 2023 10:16:19 -0400 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AAFA910F4; Mon, 26 Jun 2023 07:15:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1687788947; x=1719324947; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=5sc34Yqc1vOr6HaopE/2pjCFoh8PgsgrPLKdaoJpmO4=; b=O2H8PF4Y79YERx5w2xkdoavKvK3ANI2b1INB97GqT4hFV9rrDI/LS4gf hGKlg5QqOCXbY7gL0egbe8zC69F7V1qe6ROGQfjRuVFlsYR5rKHOywn9c iupJveqAnnGCMHoVZ2DBWur/vPPvpy1JOYVppdcleu5KqZnBt19NmtAD8 2olBVFoY6IDIusGyfKZPP5cHu1Mb0KQoQFUM+M9O5eehd+jSZ9jVwuZrs t3YGzAzH2yJ/09hpBJEchvyGa/DUpoHqy1Om3bU81W9ORAig4EAa2iZ8Z XrY6qULiC2z+adCLsjZ3O5zEphXryd+zAB1uNQB4aLOetCYEVfRrW6dzh g==; X-IronPort-AV: E=McAfee;i="6600,9927,10753"; a="346034024" X-IronPort-AV: E=Sophos;i="6.01,159,1684825200"; d="scan'208";a="346034024" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Jun 2023 07:15:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10753"; a="890292427" X-IronPort-AV: E=Sophos;i="6.01,159,1684825200"; d="scan'208";a="890292427" Received: from smithau-mobl1.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.213.179.223]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Jun 2023 07:15:16 -0700 From: Kai Huang To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: linux-mm@kvack.org, x86@kernel.org, dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tony.luck@intel.com, peterz@infradead.org, tglx@linutronix.de, bp@alien8.de, mingo@redhat.com, hpa@zytor.com, seanjc@google.com, pbonzini@redhat.com, david@redhat.com, dan.j.williams@intel.com, rafael.j.wysocki@intel.com, ashok.raj@intel.com, reinette.chatre@intel.com, len.brown@intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, ying.huang@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, nik.borisov@suse.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com, kai.huang@intel.com Subject: [PATCH v12 16/22] x86/virt/tdx: Initialize all TDMRs Date: Tue, 27 Jun 2023 02:12:46 +1200 Message-Id: X-Mailer: git-send-email 2.40.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org After the global KeyID has been configured on all packages, initialize all TDMRs to make all TDX-usable memory regions that are passed to the TDX module become usable. This is the last step of initializing the TDX module. Initializing TDMRs can be time consuming on large memory systems as it involves initializing all metadata entries for all pages that can be used by TDX guests. Initializing different TDMRs can be parallelized. For now to keep it simple, just initialize all TDMRs one by one. It can be enhanced in the future. Signed-off-by: Kai Huang Reviewed-by: Isaku Yamahata Reviewed-by: Kirill A. Shutemov --- v11 -> v12: - Added Kirill's tag v10 -> v11: - No update v9 -> v10: - Code change due to change static 'tdx_tdmr_list' to local 'tdmr_list'. v8 -> v9: - Improved changlog to explain why initializing TDMRs can take long time (Dave). - Improved comments around 'next-to-initialize' address (Dave). v7 -> v8: (Dave) - Changelog: - explicitly call out this is the last step of TDX module initialization. - Trimed down changelog by removing SEAMCALL name and details. - Removed/trimmed down unnecessary comments. - Other changes due to 'struct tdmr_info_list'. v6 -> v7: - Removed need_resched() check. -- Andi. --- arch/x86/virt/vmx/tdx/tdx.c | 60 ++++++++++++++++++++++++++++++++----- arch/x86/virt/vmx/tdx/tdx.h | 1 + 2 files changed, 53 insertions(+), 8 deletions(-) diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index f5d4dbc11aee..52b7267ea226 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -994,6 +994,56 @@ static int config_global_keyid(void) return ret; } +static int init_tdmr(struct tdmr_info *tdmr) +{ + u64 next; + + /* + * Initializing a TDMR can be time consuming. To avoid long + * SEAMCALLs, the TDX module may only initialize a part of the + * TDMR in each call. + */ + do { + struct tdx_module_output out; + int ret; + + /* All 0's are unused parameters, they mean nothing. */ + ret = seamcall(TDH_SYS_TDMR_INIT, tdmr->base, 0, 0, 0, NULL, + &out); + if (ret) + return ret; + /* + * RDX contains 'next-to-initialize' address if + * TDH.SYS.TDMR.INIT did not fully complete and + * should be retried. + */ + next = out.rdx; + cond_resched(); + /* Keep making SEAMCALLs until the TDMR is done */ + } while (next < tdmr->base + tdmr->size); + + return 0; +} + +static int init_tdmrs(struct tdmr_info_list *tdmr_list) +{ + int i; + + /* + * This operation is costly. It can be parallelized, + * but keep it simple for now. + */ + for (i = 0; i < tdmr_list->nr_consumed_tdmrs; i++) { + int ret; + + ret = init_tdmr(tdmr_entry(tdmr_list, i)); + if (ret) + return ret; + } + + return 0; +} + static int init_tdx_module(void) { struct tdsysinfo_struct *sysinfo; @@ -1067,14 +1117,8 @@ static int init_tdx_module(void) if (ret) goto out_reset_pamts; - /* - * TODO: - * - * - Initialize all TDMRs. - * - * Return error before all steps are done. - */ - ret = -EINVAL; + /* Initialize TDMRs to complete the TDX module initialization */ + ret = init_tdmrs(&tdmr_list); out_reset_pamts: if (ret) { /* diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h index a0438513bec0..f6b4e153890d 100644 --- a/arch/x86/virt/vmx/tdx/tdx.h +++ b/arch/x86/virt/vmx/tdx/tdx.h @@ -25,6 +25,7 @@ #define TDH_SYS_INFO 32 #define TDH_SYS_INIT 33 #define TDH_SYS_LP_INIT 35 +#define TDH_SYS_TDMR_INIT 36 #define TDH_SYS_CONFIG 45 struct cmr_info { -- 2.40.1