From: Jeremi Piotrowski
To: linux-kernel@vger.kernel.org, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Ingo Molnar, "Kirill A. Shutemov", Michael Kelley, Nikolay Borisov, Peter Zijlstra, Thomas Gleixner, Tom Lendacky, x86@kernel.org, Dexuan Cui
Cc: Jeremi Piotrowski, linux-hyperv@vger.kernel.org, stefan.bader@canonical.com, tim.gardner@canonical.com, roxana.nicolescu@canonical.com, cascardo@canonical.com, kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, sashal@kernel.org, stable@vger.kernel.org
Subject: [PATCH v1 1/3] x86/tdx: Check for TDX partitioning during early TDX init
Date: Wed, 22 Nov 2023 18:01:04 +0100
Message-Id: <20231122170106.270266-1-jpiotrowski@linux.microsoft.com>

Check for additional CPUID bits to identify TDX guests running with Trust
Domain (TD) partitioning enabled. TD partitioning is like nested
virtualization inside the Trust Domain so there is an L1 TD VM(M) and there
can be L2 TD VM(s).

In this arrangement we are not guaranteed that the TDX_CPUID_LEAF_ID is
visible to Linux running as an L2 TD VM. This is because a majority of TDX
facilities are controlled by the L1 VMM and the L2 TDX guest needs to use TD
partitioning aware mechanisms for what's left. So currently such guests do
not have X86_FEATURE_TDX_GUEST set.
We want the kernel to have X86_FEATURE_TDX_GUEST set for all TDX guests so we need to check these additional CPUID bits, but we skip further initialization in the function as we aren't guaranteed access to TDX module calls. Cc: # v6.5+ Signed-off-by: Jeremi Piotrowski --- arch/x86/coco/tdx/tdx.c | 29 ++++++++++++++++++++++++++--- arch/x86/include/asm/tdx.h | 3 +++ 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 1d6b863c42b0..c7bbbaaf654d 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -8,6 +8,7 @@ #include #include #include +#include #include #include #include @@ -37,6 +38,8 @@ #define TDREPORT_SUBTYPE_0 0 +bool tdx_partitioning_active; + /* Called from __tdx_hypercall() for unrecoverable failure */ noinstr void __tdx_hypercall_failed(void) { @@ -757,19 +760,38 @@ static bool tdx_enc_status_change_finish(unsigned long vaddr, int numpages, return true; } + +static bool early_is_hv_tdx_partitioning(void) +{ + u32 eax, ebx, ecx, edx; + cpuid(HYPERV_CPUID_ISOLATION_CONFIG, &eax, &ebx, &ecx, &edx); + return eax & HV_PARAVISOR_PRESENT && + (ebx & HV_ISOLATION_TYPE) == HV_ISOLATION_TYPE_TDX; +} + void __init tdx_early_init(void) { u64 cc_mask; u32 eax, sig[3]; cpuid_count(TDX_CPUID_LEAF_ID, 0, &eax, &sig[0], &sig[2], &sig[1]); - - if (memcmp(TDX_IDENT, sig, sizeof(sig))) - return; + if (memcmp(TDX_IDENT, sig, sizeof(sig))) { + tdx_partitioning_active = early_is_hv_tdx_partitioning(); + if (!tdx_partitioning_active) + return; + } setup_force_cpu_cap(X86_FEATURE_TDX_GUEST); cc_vendor = CC_VENDOR_INTEL; + + /* + * Need to defer cc_mask and page visibility callback initializations + * to a TD-partitioning aware implementation. + */ + if (tdx_partitioning_active) + goto exit; + tdx_parse_tdinfo(&cc_mask); cc_set_mask(cc_mask); @@ -820,5 +842,6 @@ void __init tdx_early_init(void) */ x86_cpuinit.parallel_bringup = false; +exit: pr_info("Guest detected\n"); } 
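Review bot: in early_is_hv_tdx_partitioning() the Hyper-V leaf HYPERV_CPUID_ISOLATION_CONFIG is queried unconditionally whenever the TDX_IDENT signature check fails, i.e. on every boot that is not a plain TDX guest, including bare metal and guests of other hypervisors that assign their own meaning to the 0x4000xxxx leaves. Gate the probe on the hypervisor actually being Hyper-V (the 0x40000000 vendor signature leaf is readable this early) before trusting HV_PARAVISOR_PRESENT and HV_ISOLATION_TYPE; otherwise an unrelated hypervisor's leaf contents could force-set X86_FEATURE_TDX_GUEST on a non-TDX guest. Two smaller points in the same hunks: `return eax & HV_PARAVISOR_PRESENT &&` relies on `&` binding tighter than `&&`, so parenthesize the first operand the way the second already is; and the `exit:` label sits after `x86_cpuinit.parallel_bringup = false;`, so partitioned guests keep parallel bringup enabled while every other TDX guest disables it, which deserves a sentence in the new comment (or the label moved above that assignment) so readers know it is intentional. Since the two paths now differ, `pr_info("Guest detected\n")` could also say when partitioning mode was detected.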
diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 603e6d1e9d4a..fe22f8675859 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -52,6 +52,7 @@ bool tdx_early_handle_ve(struct pt_regs *regs); int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport); +extern bool tdx_partitioning_active; #else static inline void tdx_early_init(void) { }; @@ -71,6 +72,8 @@ static inline long tdx_kvm_hypercall(unsigned int nr, unsigned long p1, { return -ENODEV; } + +#define tdx_partitioning_active false #endif /* CONFIG_INTEL_TDX_GUEST && CONFIG_KVM_GUEST */ #endif /* !__ASSEMBLY__ */ #endif /* _ASM_X86_TDX_H */ -- 2.39.2
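Review bot: the two halves of the fallback live under different conditionals. `extern bool tdx_partitioning_active;` is added in the `#ifdef CONFIG_INTEL_TDX_GUEST` block (next to tdx_mcall_get_report0()), but `#define tdx_partitioning_active false` is added just before `#endif /* CONFIG_INTEL_TDX_GUEST && CONFIG_KVM_GUEST */`, i.e. in the `#else` of the combined CONFIG_INTEL_TDX_GUEST && CONFIG_KVM_GUEST test. With CONFIG_INTEL_TDX_GUEST=y and CONFIG_KVM_GUEST=n both are compiled in, and every use of tdx_partitioning_active after the header silently expands to `false` even though the variable exists and is set by tdx_early_init(); with CONFIG_INTEL_TDX_GUEST=n the symbol is only a macro, so taking its address or assigning to it fails differently from the =y build. Move the `#define` into the `#else` of the CONFIG_INTEL_TDX_GUEST block (beside `static inline void tdx_early_init(void) { };`), and consider a `static inline bool` accessor so both configurations present the same interface.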