Message-ID: <9f550947-9d13-479c-90c4-2e3f7674afee@linux.microsoft.com>
Date: Fri, 24 Nov 2023 11:31:44 +0100
Subject: Re: [PATCH v1 1/3] x86/tdx: Check for TDX partitioning during early TDX init
From: Jeremi Piotrowski
To: "Kirill A. Shutemov"
Cc: linux-kernel@vger.kernel.org, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Ingo Molnar, Michael Kelley, Nikolay Borisov, Peter Zijlstra, Thomas Gleixner, Tom Lendacky, x86@kernel.org, Dexuan Cui, linux-hyperv@vger.kernel.org, stefan.bader@canonical.com, tim.gardner@canonical.com, roxana.nicolescu@canonical.com, cascardo@canonical.com, kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, sashal@kernel.org, stable@vger.kernel.org
References: <20231122170106.270266-1-jpiotrowski@linux.microsoft.com> <20231123135846.pakk44rqbbi7njmb@box.shutemov.name>
In-Reply-To: <20231123135846.pakk44rqbbi7njmb@box.shutemov.name>

On 23/11/2023 14:58, Kirill A. Shutemov wrote:
> On Wed, Nov 22, 2023 at 06:01:04PM +0100, Jeremi Piotrowski wrote:
>> Check for additional CPUID bits to identify TDX guests running with Trust
>> Domain (TD) partitioning enabled. TD partitioning is like nested virtualization
>> inside the Trust Domain so there is an L1 TD VM(M) and there can be L2 TD VM(s).
>>
>> In this arrangement we are not guaranteed that the TDX_CPUID_LEAF_ID is visible
>> to Linux running as an L2 TD VM. This is because a majority of TDX facilities
>> are controlled by the L1 VMM and the L2 TDX guest needs to use TD partitioning
>> aware mechanisms for what's left. So currently such guests do not have
>> X86_FEATURE_TDX_GUEST set.
>>
>> We want the kernel to have X86_FEATURE_TDX_GUEST set for all TDX guests so we
>> need to check these additional CPUID bits, but we skip further initialization
>> in the function as we aren't guaranteed access to TDX module calls.
>
> I don't follow. The idea of partitioning is that L2 OS can be
> unenlightened and have no idea if it runs inside of TD. But this patch
> tries to enumerate TDX anyway.
>
> Why?
>

That's not the only idea of partitioning. Partitioning provides different privilege levels within the TD, and an unenlightened L2 OS can be made to work but is inefficient. In our case Linux always runs enlightened (both with and without TD partitioning), and uses TDX functionality where applicable (TDX vmcalls, PTE encryption bit).

There have been long discussions on LKML about how CoCo features should be supported, I've followed most of them and I believe we've converged on: the kernel is fully aware what kind of guest it is (SNP/TDX) and uses CC_ATTR_XXX to check for specific SNP/TDX features. Right now the guest with TD partitioning is missing out on X86_FEATURE_TDX_GUEST. That's why this patch tries to enumerate TDX.

I have posted an alternate version of this patch for discussion here:
https://lore.kernel.org/lkml/0799b692-4b26-4e00-9cec-fdc4c929ea58@linux.microsoft.com/