Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2623876rdg;
        Mon, 16 Oct 2023 09:41:39 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHQ4gUHB6zXw/5c7Pj6SOnpcWifhChdx+OnRnZsikVrV7ZARf7gzIQAsmkahwRMgKFKrfni
X-Received: by 2002:a05:6a20:8e08:b0:138:836c:5370 with SMTP id y8-20020a056a208e0800b00138836c5370mr37550546pzj.42.1697474499390;
        Mon, 16 Oct 2023 09:41:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697474499; cv=none;
        d=google.com; s=arc-20160816;
        b=a9K9TXBzUc3d0f4fsXr/+2bS/ggIQPqFkOptp+KucW4itfDHislsldPLB/C7eL4nHx
         D0yIPp48jK+ZaDw9kLfE4jlPAYsuIvPFBzJ8ak0Ws8Gv5z35AmH53aY59ohodWUbnVMX
         OIR37DnnV3gRRhMt8dYwKV5Dxp5VuBrZLB+mJYb5LEi3SXZrIOMBO5ucS8FfiY6IVbUL
         oev6m1RuE4/7k6X3eS/yP8iWP/IkMLoyVRIZi7CwP9o/ZUdoYlbe58rhOYCnJZA6SM8y
         mMrS17t/2iDiEjFK9Q5tbMKH8whl1W/CEDse1NuwKhWrkvI2seAHL9Z6G1568eTH+YSu
         J6Yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mJHVpaWn/4bioB/XXw4POKVOOjE0rRT/6dHx5s7AOSc=;
        fh=8msT5+Q6Iycrkr7siMJxuOlyMjbfyFwYktO24Zq6ZS4=;
        b=ZA3+iliYcM32khjZvbDz4XpLShfjmAqLWoWQDGeUeShEFlmCxzKeY3/ujcPRqIcIsm
         jkOn35nKTk7e/hZV39r4bOP5OGW0apkRLaEjL/HR6xeJVOdP7Olv53plNIYEYsIeo6DW
         DQ2solQYjNzr9iXPZpDT/Xsh1jhnoL+TYDrKjSK1v1Yxh7NexETai+TmBlATypdLTDYj
         F88YhNvy/RLbY4o3a3Wc0gH6vOAnSaEa3W0Y4usz8HlQZCPtS/FpQrqfoWgv7FifNO1E
         2WbKQ8Jf6UhEOHVCMOcQG5ojXS7wU6+qAIqYOk0IsjeuW2no/U4GFJCUq4hT6UN1bceL
         BsFA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=nxFszrH2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32])
        by mx.google.com with ESMTPS id 71-20020a63004a000000b005ab85a6c6besi7704780pga.742.2023.10.16.09.41.39
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 16 Oct 2023 09:41:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=nxFszrH2;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by agentk.vger.email (Postfix) with ESMTP id B7F4B804A22F;
	Mon, 16 Oct 2023 09:40:41 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234307AbjJPQkB (ORCPT <rfc822;0xff07.lkml@gmail.com>
        + 99 others); Mon, 16 Oct 2023 12:40:01 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38184 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234657AbjJPQjF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Oct 2023 12:39:05 -0400
Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.136])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E7CA2D7B;
        Mon, 16 Oct 2023 09:17:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1697473078; x=1729009078;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=NT/toe0FHcz1FOQ9+qlRYuaeKyHzTK7eQLgyvz4j05U=;
  b=nxFszrH2A8pEUvTAxjkcrpZuLztiHHygTaIKmlqZr25Vh9eS70wYJ+xE
   NsP1TasfprRPQVDGfIsQRaAJJ4Z8IZXf821V+Or/KWOc9FyvNLY1uHUZ6
   LVqqQHk4RMm1N3SSbpVpn86aTeUZnt813AHheBhfBQ5iWYf0ascIAcgaY
   YUpGkCM6V2J4dwpoP3PxApr7R8KPlsyQF2m6U8d/8/+90M5MgHKvxZ4p7
   g3ZrrFZecuBojEfspwWQBXb9oR/+rhc188B09bGHbw9Oq5nCcpBXD8/64
   dEGmR+G910QVj+MnQrTlTFjF5IB1mQrLrqIQ/AtMiVtJOZ9Z24Bi56FgW
   Q==;
X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="364921881"
X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; 
   d="scan'208";a="364921881"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:15:52 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="846448202"
X-IronPort-AV: E=Sophos;i="6.03,229,1694761200"; 
   d="scan'208";a="846448202"
Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 09:15:52 -0700
From:   isaku.yamahata@intel.com
To:     kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com,
        Sean Christopherson <seanjc@google.com>,
        Sagi Shahar <sagis@google.com>,
        David Matlack <dmatlack@google.com>,
        Kai Huang <kai.huang@intel.com>,
        Zhi Wang <zhi.wang.linux@gmail.com>, chen.bo@intel.com,
        hang.yuan@intel.com, tina.zhang@intel.com,
        Yang Weijiang <weijiang.yang@intel.com>
Subject: [PATCH v16 067/116] KVM: TDX: Add TSX_CTRL msr into uret_msrs list
Date:   Mon, 16 Oct 2023 09:14:19 -0700
Message-Id: <0766a33268fa66b6f5e582d659e184d4eeacc837.1697471314.git.isaku.yamahata@intel.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1697471314.git.isaku.yamahata@intel.com>
References: <cover.1697471314.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Mon, 16 Oct 2023 09:40:41 -0700 (PDT)

From: Yang Weijiang <weijiang.yang@intel.com>

TDX module resets the TSX_CTRL MSR to 0 at TD exit if TSX is enabled for
TD. Or it preserves the TSX_CTRL MSR if TSX is disabled for TD.  VMM can
rely on uret_msrs mechanism to defer the reload of host value until exiting
to user space.

Signed-off-by: Yang Weijiang <weijiang.yang@intel.com>
Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
 arch/x86/kvm/vmx/tdx.c | 33 +++++++++++++++++++++++++++++++--
 arch/x86/kvm/vmx/tdx.h |  8 ++++++++
 2 files changed, 39 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index 87ed1a255c3b..b5493d6c7cdd 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -521,14 +521,21 @@ static struct tdx_uret_msr tdx_uret_msrs[] = {
 	{.msr = MSR_LSTAR,},
 	{.msr = MSR_TSC_AUX,},
 };
+static unsigned int tdx_uret_tsx_ctrl_slot;
 
-static void tdx_user_return_update_cache(void)
+static void tdx_user_return_update_cache(struct kvm_vcpu *vcpu)
 {
 	int i;
 
 	for (i = 0; i < ARRAY_SIZE(tdx_uret_msrs); i++)
 		kvm_user_return_update_cache(tdx_uret_msrs[i].slot,
 					     tdx_uret_msrs[i].defval);
+	/*
+	 * TSX_CTRL is reset to 0 if guest TSX is supported. Otherwise
+	 * preserved.
+	 */
+	if (to_kvm_tdx(vcpu->kvm)->tsx_supported && tdx_uret_tsx_ctrl_slot != -1)
+		kvm_user_return_update_cache(tdx_uret_tsx_ctrl_slot, 0);
 }
 
 static void tdx_restore_host_xsave_state(struct kvm_vcpu *vcpu)
@@ -623,7 +630,7 @@ fastpath_t tdx_vcpu_run(struct kvm_vcpu *vcpu)
 
 	tdx_vcpu_enter_exit(tdx);
 
-	tdx_user_return_update_cache();
+	tdx_user_return_update_cache(vcpu);
 	tdx_restore_host_xsave_state(vcpu);
 	tdx->host_state_need_restore = true;
 
@@ -1167,6 +1174,22 @@ static int setup_tdparams_xfam(struct kvm_cpuid2 *cpuid, struct td_params *td_pa
 	return 0;
 }
 
+static bool tdparams_tsx_supported(struct kvm_cpuid2 *cpuid)
+{
+	const struct kvm_cpuid_entry2 *entry;
+	u64 mask;
+	u32 ebx;
+
+	entry = kvm_find_cpuid_entry2(cpuid->entries, cpuid->nent, 0x7, 0);
+	if (entry)
+		ebx = entry->ebx;
+	else
+		ebx = 0;
+
+	mask = __feature_bit(X86_FEATURE_HLE) | __feature_bit(X86_FEATURE_RTM);
+	return ebx & mask;
+}
+
 static int setup_tdparams(struct kvm *kvm, struct td_params *td_params,
 			struct kvm_tdx_init_vm *init_vm)
 {
@@ -1212,6 +1235,7 @@ static int setup_tdparams(struct kvm *kvm, struct td_params *td_params,
 	MEMCPY_SAME_SIZE(td_params->mrowner, init_vm->mrowner);
 	MEMCPY_SAME_SIZE(td_params->mrownerconfig, init_vm->mrownerconfig);
 
+	to_kvm_tdx(kvm)->tsx_supported = tdparams_tsx_supported(cpuid);
 	return 0;
 }
 
@@ -1875,6 +1899,11 @@ int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops)
 			return -EIO;
 		}
 	}
+	tdx_uret_tsx_ctrl_slot = kvm_find_user_return_msr(MSR_IA32_TSX_CTRL);
+	if (tdx_uret_tsx_ctrl_slot == -1 && boot_cpu_has(X86_FEATURE_MSR_TSX_CTRL)) {
+		pr_err("MSR_IA32_TSX_CTRL isn't included by kvm_find_user_return_msr\n");
+		return -EIO;
+	}
 
 	max_pkgs = topology_max_packages();
 	tdx_mng_key_config_lock = kcalloc(max_pkgs, sizeof(*tdx_mng_key_config_lock),
diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h
index 610bd3f4e952..45f5c2744d78 100644
--- a/arch/x86/kvm/vmx/tdx.h
+++ b/arch/x86/kvm/vmx/tdx.h
@@ -17,6 +17,14 @@ struct kvm_tdx {
 	u64 xfam;
 	int hkid;
 
+	/*
+	 * Used on each TD-exit, see tdx_user_return_update_cache().
+	 * TSX_CTRL value on TD exit
+	 * - set 0     if guest TSX enabled
+	 * - preserved if guest TSX disabled
+	 */
+	bool tsx_supported;
+
 	hpa_t source_pa;
 
 	bool finalized;
-- 
2.25.1