Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp3054286rdg; Tue, 17 Oct 2023 03:16:41 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEBEFoUuNrrYoC0PnLbRQAmLdoluIjpClcUhRXg4d+w5q6l4wTIbv+Wa1MufJIr6rW2b4Bn X-Received: by 2002:a05:6a20:7d91:b0:153:78c1:c40f with SMTP id v17-20020a056a207d9100b0015378c1c40fmr1909114pzj.15.1697537801551; Tue, 17 Oct 2023 03:16:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697537801; cv=none; d=google.com; s=arc-20160816; b=DZU2CPyjcq0hRIwHUkm5po1OymOWcywP7CicJrTCd63z0wvih+OnQ10E41R0zQE1id U1zgeFUOsE5JO+rLH+BWYQ4RmFf3Lmh1JPeFpEMMECxK6zMKZHnZinWZdFxUbqyDlLFS urfnzr5XY6GIxV6JDThTtIIe8Vl1M284qY3Tbz81hyvms/xpZu6YATGYOeFvbDlkpNE5 YzAJPnHoF7ujh2Wr+NwUza3ceI4ZkHQtgWwp10clL/81mGnjsoZu5BzlrCC23S3II7yT /QEDrjKTZGvjacC97el0uPHaRC/jU+S5l7gdwQT1nAS+uA0Oj/DuRQCX5g+QW8DLI6y/ CvrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ir6IOg5nw9wdGHduYG+/953r6kv8Z1oHOC+sAAWQLFo=; fh=WBgbLtMencYhgeHuu2sUs5b9THiYLgy17d2w1N+xuf4=; b=wVBmOjxsHrmhDKOk9rqgLZ9mkBukbJ1HESBjpYrlHskcVAaex6MYL273V7GYLikoa+ SrJp5D3b37LA5h2tADADi99krzDe6fbvGHus32BJPmrn9IJ/NIjZAacE9hgr1qaX8wLu vIbkRznOs06vjJ0SarSlfFStRRfJt+wrVKSP0+yFigQnGTkxj9Ol+gu/lPlZ56exH41A QWFBLyF4i+/ysEjS+gWGJyNpW0wPvq3gB6woHeMWsVFkecWs6FTMwCy6imoJYUHNGGrE hfNSsO+wUoLP2agc4oG4b/SMjoZ4oPuqy/BxF2nQXcMHpD8bRhAUpM86Yt4xfvxh+wSJ eurw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=YsOfCb25; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id x6-20020a17090a8a8600b0027d06e08f9bsi7901626pjn.150.2023.10.17.03.16.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Oct 2023 03:16:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=YsOfCb25; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 3D4868037AAB; Tue, 17 Oct 2023 03:16:38 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343690AbjJQKQQ (ORCPT + 99 others); Tue, 17 Oct 2023 06:16:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51688 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343706AbjJQKPv (ORCPT ); Tue, 17 Oct 2023 06:15:51 -0400 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF85E1BF; Tue, 17 Oct 2023 03:15:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697537741; x=1729073741; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=F2UWS68G23VMzstdN8nuzh/U2U/GfdW4IZaM6wZeN9U=; b=YsOfCb25uOwxNWt9WhU8ql35GGuel57An9euttg2sehdTkaGZ4zNUDb4 A1JAHFUniUkQNnv7IgrMqOPG9T/TbbXCOD3/+ooT46VRL9NSbuY3MDEvg 68h0BYsqnQv5/8ycP+2WmbefP7YDi3EPkKshpeQMmxgLHHJJ67/xAgum3 OTMZanis3qjSLvH8kM1NDwVlzg0UWabMh3OnqezqZchpmWcjdwG3/jwXk C1h8C2cJXPb6f1WaZB98Xz/7KH+sdFGCEm7Odcmgd9E44rrsigSfwwk9o ioMHCwJ0rMveqqbdxB7zCaZiWH3EMUWmtDq/ZEFsz153Awm4bbFsvI/ZI g==; X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="452226797" X-IronPort-AV: E=Sophos;i="6.03,231,1694761200"; d="scan'208";a="452226797" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 03:15:40 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="872503506" X-IronPort-AV: E=Sophos;i="6.03,231,1694761200"; d="scan'208";a="872503506" Received: from chowe-mobl.amr.corp.intel.com (HELO khuang2-desk.gar.corp.intel.com) ([10.255.229.64]) by fmsmga002-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 03:15:34 -0700 From: Kai Huang To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: x86@kernel.org, dave.hansen@intel.com, kirill.shutemov@linux.intel.com, peterz@infradead.org, tony.luck@intel.com, tglx@linutronix.de, bp@alien8.de, mingo@redhat.com, hpa@zytor.com, seanjc@google.com, pbonzini@redhat.com, rafael@kernel.org, david@redhat.com, dan.j.williams@intel.com, len.brown@intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, ying.huang@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, nik.borisov@suse.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com, kai.huang@intel.com Subject: [PATCH v14 06/23] x86/virt/tdx: Add SEAMCALL error printing for module initialization Date: Tue, 17 Oct 2023 23:14:30 +1300 Message-ID: <58c44258cb5b1009f0ddfe6b07ac986b9614b8b3.1697532085.git.kai.huang@intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Tue, 17 Oct 2023 03:16:38 -0700 (PDT) The SEAMCALLs involved during the TDX module initialization are not expected to fail. In fact, they are not expected to return any non-zero code (except the "running out of entropy error", which can be handled internally already). Add yet another set of SEAMCALL wrappers, which treats all non-zero return code as error, to support printing SEAMCALL error upon failure for module initialization. Note the TDX module initialization doesn't use the _saved_ret() variant thus no wrapper is added for it. SEAMCALL assembly can also return kernel-defined error codes for three special cases: 1) TDX isn't enabled by the BIOS; 2) TDX module isn't loaded; 3) CPU isn't in VMX operation. Whether they can legally happen depends on the caller, so leave to the caller to print error message when desired. Also convert the SEAMCALL error codes to the kernel error codes in the new wrappers so that each SEAMCALL caller doesn't have to repeat the conversion. Signed-off-by: Kai Huang Reviewed-by: Kirill A. Shutemov --- v13 -> v14: - Use real functions to replace macros. (Dave) - Moved printing error message for special error code to the caller (internal) - Added Kirill's tag v12 -> v13: - New implementation due to TDCALL assembly series. --- arch/x86/include/asm/tdx.h | 1 + arch/x86/virt/vmx/tdx/tdx.c | 52 +++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index d624aa25aab0..984efd3114ed 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -27,6 +27,7 @@ /* * TDX module SEAMCALL leaf function error codes */ +#define TDX_SUCCESS 0ULL #define TDX_RND_NO_ENTROPY 0x8000020300000000ULL #ifndef __ASSEMBLY__ diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 13d22ea2e2d9..52fb14e0195f 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -20,6 +20,58 @@ static u32 tdx_global_keyid __ro_after_init; static u32 tdx_guest_keyid_start __ro_after_init; static u32 tdx_nr_guest_keyids __ro_after_init; +typedef void (*sc_err_func_t)(u64 fn, u64 err, struct tdx_module_args *args); + +static inline void seamcall_err(u64 fn, u64 err, struct tdx_module_args *args) +{ + pr_err("SEAMCALL (0x%llx) failed: 0x%llx\n", fn, err); +} + +static inline void seamcall_err_ret(u64 fn, u64 err, + struct tdx_module_args *args) +{ + seamcall_err(fn, err, args); + pr_err("RCX 0x%llx RDX 0x%llx R8 0x%llx R9 0x%llx R10 0x%llx R11 0x%llx\n", + args->rcx, args->rdx, args->r8, args->r9, + args->r10, args->r11); +} + +static inline void seamcall_err_saved_ret(u64 fn, u64 err, + struct tdx_module_args *args) +{ + seamcall_err_ret(fn, err, args); + pr_err("RBX 0x%llx RDI 0x%llx RSI 0x%llx R12 0x%llx R13 0x%llx R14 0x%llx R15 0x%llx\n", + args->rbx, args->rdi, args->rsi, args->r12, + args->r13, args->r14, args->r15); +} + +static inline int sc_retry_prerr(sc_func_t func, sc_err_func_t err_func, + u64 fn, struct tdx_module_args *args) +{ + u64 sret = sc_retry(func, fn, args); + + if (sret == TDX_SUCCESS) + return 0; + + if (sret == TDX_SEAMCALL_VMFAILINVALID) + return -ENODEV; + + if (sret == TDX_SEAMCALL_GP) + return -EOPNOTSUPP; + + if (sret == TDX_SEAMCALL_UD) + return -EACCES; + + err_func(fn, sret, args); + return -EIO; +} + +#define seamcall_prerr(__fn, __args) \ + sc_retry_prerr(__seamcall, seamcall_err, (__fn), (__args)) + +#define seamcall_prerr_ret(__fn, __args) \ + sc_retry_prerr(__seamcall_ret, seamcall_err_ret, (__fn), (__args)) + static int __init record_keyid_partitioning(u32 *tdx_keyid_start, u32 *nr_tdx_keyids) { -- 2.41.0