Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp389416rwb; Tue, 25 Jul 2023 17:58:19 -0700 (PDT) X-Google-Smtp-Source: APBJJlFNGatX6e3hdM9AfIbmqL7dI6f8rE8w6A66q+zcuJgSLzFEI98OGKqXK6hhS5NlLpawnEn5 X-Received: by 2002:a17:902:830c:b0:1bb:83cd:ad83 with SMTP id bd12-20020a170902830c00b001bb83cdad83mr627025plb.28.1690333099578; Tue, 25 Jul 2023 17:58:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690333099; cv=none; d=google.com; s=arc-20160816; b=QwHiljXN2fsp6td7nXy3lDR2iQTLNqLMbDLyStzSuVsFn1SpmIz9KTncYM1aXQnD0J EL2q1/00s7mf3/Wt6i7j7U4vwGfKCGs6vUzAtlwS8aKLCzXkGZzptqk30suFcweAQp4G d3r+wkjBHxmahi90V2S9p3JZ2ofWkpNOtCfF4BTmKTlCTTGrfcabtOVnmJL/Aa0xi6uQ HE/LDpem8Yd/cvtwsTz1zENEVr9WnmGL1upFE6b8f9IKTltJCGxfZkuzIwd1B5e4qdkY 2GgMSWlfjC/2PNrzIA2sdjvSTRvbVVaYVTD3pKpTeDFonVwP9esHD01uMdUIJvhofjuI GsyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=GAtqaqY2VfW33i1tCmCh2acse9tVYPLzvk4uDolF1/Q=; fh=juxwNcA6iKwLISFgUCNwdoIYC0NKLUseq3xZdq25RR4=; b=tXfYUzDdb8oj1rw2+PUFLRVdDB8huJjENMhiLACGnuBhlZwnQGm2FQEc9VhpngkMkU 2r+4L/73DcRDUwUkIHbbZ/1A2JeB+ijigg6NhECm1hM4hBMFcrz3tuSywXyGz/Rt/m3i 5+Kmkig5YddqypD6U9Zf9M+7z0NzMqEkRR7WBsCmnBsd8KFPa0f2Z6ESzNfvTrtlaSKp TvTT6W2DxEDMlOk7PgwvUVi2Cx2JMsPTTAiX6l0gVGQsrM5wsVqbgZMiAQM3Dmqcan3z 053Zdd4kqcBxAyo7IS/gkVnGE8GH2pRShhMpMGwSXfIyPp8q2PCw+1YprIkv/8vMrB3T Kkzw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=SyqGjzF7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id p7-20020a170902ebc700b001bb29476f47si12140145plg.503.2023.07.25.17.58.07; Tue, 25 Jul 2023 17:58:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=SyqGjzF7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233068AbjGYWZV (ORCPT + 99 others); Tue, 25 Jul 2023 18:25:21 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39386 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233036AbjGYWXV (ORCPT ); Tue, 25 Jul 2023 18:23:21 -0400 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4044A55B8; Tue, 25 Jul 2023 15:18:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1690323521; x=1721859521; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/ls1BzqS9FKY4HkJaupcxI2ZIkdzdAwcHI/XSkpQbg0=; b=SyqGjzF7TLfl/BvUJXcAGQCeogsNq9YkdRa/iry2rRk+9vODAQCaTS+O 82xDaYQTiXccEj4wDDAJKdZOteTiBr6BPX+50M0MQjk/CkQj6E/pRRUBP bJCA8WYYGoIX2z4mhWSIPM4EvqW+n5R4fBgAiVhObHZY33aMT+KHj+REZ 3JpcNE5ZC9uK3dxz6BePx4abE/Gzmj7RSCngY3n1kFUTAo5UI2T04YXUS gEKNQW0HdZyvbjKss8V75BTDweNczw6KQnr/PyvZxPBCDhzo5n1e2DJ7f aptoB+B9mWUWXec+aqhpJRcGyBzUoznmOO1Ayc+f8KQS9GMeY1pEpfGih A==; X-IronPort-AV: E=McAfee;i="6600,9927,10782"; a="367882732" X-IronPort-AV: E=Sophos;i="6.01,231,1684825200"; d="scan'208";a="367882732" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jul 2023 15:16:06 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10782"; a="840001927" X-IronPort-AV: E=Sophos;i="6.01,231,1684825200"; d="scan'208";a="840001927" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Jul 2023 15:16:05 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com Subject: [PATCH v15 099/115] KVM: TDX: Handle MSR IA32_FEAT_CTL MSR and IA32_MCG_EXT_CTL Date: Tue, 25 Jul 2023 15:14:50 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Isaku Yamahata MCE and MCA is advertised via cpuid based on the TDX module spec. Guest kernel can access IA32_FEAT_CTL for checking if LMCE is enabled by platform and IA32_MCG_EXT_CTL to enable LMCE. Make TDX KVM handle them. Otherwise guest MSR access to them with TDG.VP.VMCALL on VE results in GP in guest. Because LMCE is disabled with qemu by default, "-cpu lmce=on" to qemu command line is needed to reproduce it. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/tdx.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 3775db455f29..77052f49481a 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1806,6 +1806,7 @@ bool tdx_has_emulated_msr(u32 index, bool write) default: return true; } + case MSR_IA32_FEAT_CTL: case MSR_IA32_APICBASE: case MSR_EFER: return !write; @@ -1820,6 +1821,20 @@ bool tdx_has_emulated_msr(u32 index, bool write) int tdx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { switch (msr->index) { + case MSR_IA32_FEAT_CTL: + /* + * MCE and MCA are advertised via cpuid. guest kernel could + * check if LMCE is enabled or not. + */ + msr->data = FEAT_CTL_LOCKED; + if (vcpu->arch.mcg_cap & MCG_LMCE_P) + msr->data |= FEAT_CTL_LMCE_ENABLED; + return 0; + case MSR_IA32_MCG_EXT_CTL: + if (!msr->host_initiated && !(vcpu->arch.mcg_cap & MCG_LMCE_P)) + return 1; + msr->data = vcpu->arch.mcg_ext_ctl; + return 0; case MSR_MTRRcap: /* * Override kvm_mtrr_get_msr() which hardcodes the value. @@ -1838,6 +1853,11 @@ int tdx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) int tdx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { switch (msr->index) { + case MSR_IA32_MCG_EXT_CTL: + if (!msr->host_initiated && !(vcpu->arch.mcg_cap & MCG_LMCE_P)) + return 1; + vcpu->arch.mcg_ext_ctl = msr->data; + return 0; case MSR_MTRRdefType: /* * Allow writeback only for all memory. -- 2.25.1