Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2621740rdg; Mon, 16 Oct 2023 09:37:46 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEqcg8r3a6Y6pu3i2J+KK5hvtZzKtHeFkRh/DvScVgn6hMdolxn4f2jN+dxPGgFfjgQVmX/ X-Received: by 2002:a17:903:2283:b0:1ca:4ad7:6878 with SMTP id b3-20020a170903228300b001ca4ad76878mr4814833plh.8.1697474265804; Mon, 16 Oct 2023 09:37:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697474265; cv=none; d=google.com; s=arc-20160816; b=MvfpFdhvTuaBFXy1R1duw839e4DYSyG3rCvYR0ZaGzynbWqfexDb0h+nQYRsm95ZKA 8+K67TfoD77+s0VBSTQCFP6Hw21vZTeegN96xQlzy83lJgPw39mG8lA7fvP4iRv1FXsW Hz0VVyZBQ8kfr3YEOcUjLcrLkgV5FOvs6fveepxToD0aPQraoA2AVbpKa/muxd5SB+mJ 9uhHBosZxD1B8vd/TCwrYJrSzCaS8zFeyiIulCS827oDIhd15Xx5kgaBWUJWKMW2WWvY h3MpdIPBJ31Zz2tOsv/3/8ScxFAfb66pT+4mI33L1Oq6nJyvQIw1H9pmHIoUKJtQNp39 SpjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=GXvFQPnz2eNs+ZEuDqZo2GDQlljGax5NW8PPMLSrUS8=; fh=lRdU2Q/1zx5DcPdZuWBjshA5VT5Oc9cEhB1tCFiV0Nw=; b=DYQfGYUcsMQSxCp4662tnZYojm/X1bCfAtmqxlx9GAqHSoQIW1sknhtIAyPC4EHFG5 CbgJdtVlRdYZXnOhdIiB05eNQ7qCjjXfv+DBmTn+UCHiSA1EySChvnD8TRpFbahuGuM7 4w63dbiRAX3soujoU+UOJ3D1/N6nhE8pLnJhsGmLmnbg4Av8I+tzdfJnh6kRCCUZCSX1 gtHFxkY0OIIfqm2rlj2X8yab2+j0Rj5AAgfMcQd+ejfoAnvu0zujOURK72i48tr8tdvc 0qHO24PkDUjWP/pJYY7y7Bp/K5R+Sc4yBjBkRs6QA8CTA+qgtuj27j8Az8RRW2Z9NRDE HNSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="eKQ8Zm4/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id jm7-20020a17090304c700b001c9b5e4be5fsi8578113plb.396.2023.10.16.09.37.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Oct 2023 09:37:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="eKQ8Zm4/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id A1B048086828; Mon, 16 Oct 2023 09:37:42 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234133AbjJPQg6 (ORCPT + 99 others); Mon, 16 Oct 2023 12:36:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233772AbjJPQf5 (ORCPT ); Mon, 16 Oct 2023 12:35:57 -0400 Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8A8096A57; Mon, 16 Oct 2023 09:21:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697473316; x=1729009316; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=CKuSpPInfTsyQSZPtZYPThCgg90sYoCDCtZz1uDkXfI=; b=eKQ8Zm4/hLswAPWQwMAOnvxQSMWd4JUvqBh7iKECM/DDls/xDS7pfZPt pNhaZlVqVQUuwkG+guajHy2tQhv79kQGPVMFEo0mVmkrV4zAqAvM1Y2MT YWxUrnjNgyp3Z6TkTyVE8ZdHZnMlRTnGNpL/Ks0Y4NANw8Hp7gg/5LBEY zyK70h82iSn/MDM87yfwdGqAN1M5TKFyGnofovu0s1O1AFsVqPmlihAAR g/PqrANMSqfprjCVDXJFuOpJDtmPhoZ9a82NVKkLNfxp+03Uic9EEmaG2 T17J+FDoeB1z/Sjusvilu8Es2+mrE8Hd3JPUmKUKTiTmK2hcJg56yOAeB w==; X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="364922084" X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; d="scan'208";a="364922084" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:16:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="846448332" X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; d="scan'208";a="846448332" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:16:07 -0700 From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , David Matlack , Kai Huang , Zhi Wang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com Subject: [PATCH v16 098/116] KVM: TDX: Handle MSR IA32_FEAT_CTL MSR and IA32_MCG_EXT_CTL Date: Mon, 16 Oct 2023 09:14:50 -0700 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Mon, 16 Oct 2023 09:37:42 -0700 (PDT) From: Isaku Yamahata MCE and MCA is advertised via cpuid based on the TDX module spec. Guest kernel can access IA32_FEAT_CTL for checking if LMCE is enabled by platform and IA32_MCG_EXT_CTL to enable LMCE. Make TDX KVM handle them. Otherwise guest MSR access to them with TDG.VP.VMCALL on VE results in GP in guest. Because LMCE is disabled with qemu by default, "-cpu lmce=on" to qemu command line is needed to reproduce it. Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/tdx.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 726e28f30354..7f8c89fd556a 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1950,6 +1950,7 @@ bool tdx_has_emulated_msr(u32 index, bool write) default: return true; } + case MSR_IA32_FEAT_CTL: case MSR_IA32_APICBASE: case MSR_EFER: return !write; @@ -1964,6 +1965,20 @@ bool tdx_has_emulated_msr(u32 index, bool write) int tdx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { switch (msr->index) { + case MSR_IA32_FEAT_CTL: + /* + * MCE and MCA are advertised via cpuid. guest kernel could + * check if LMCE is enabled or not. + */ + msr->data = FEAT_CTL_LOCKED; + if (vcpu->arch.mcg_cap & MCG_LMCE_P) + msr->data |= FEAT_CTL_LMCE_ENABLED; + return 0; + case MSR_IA32_MCG_EXT_CTL: + if (!msr->host_initiated && !(vcpu->arch.mcg_cap & MCG_LMCE_P)) + return 1; + msr->data = vcpu->arch.mcg_ext_ctl; + return 0; case MSR_MTRRcap: /* * Override kvm_mtrr_get_msr() which hardcodes the value. @@ -1982,6 +1997,11 @@ int tdx_get_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) int tdx_set_msr(struct kvm_vcpu *vcpu, struct msr_data *msr) { switch (msr->index) { + case MSR_IA32_MCG_EXT_CTL: + if (!msr->host_initiated && !(vcpu->arch.mcg_cap & MCG_LMCE_P)) + return 1; + vcpu->arch.mcg_ext_ctl = msr->data; + return 0; case MSR_MTRRdefType: /* * Allow writeback only for all memory. -- 2.25.1