From: Jeremi Piotrowski
Date: Fri, 24 Nov 2023 11:38:36 +0100
Subject: Re: [PATCH v1 2/3] x86/coco: Disable TDX module calls when TD partitioning is active
To: "Kirill A. Shutemov"
Cc: linux-kernel@vger.kernel.org, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Ingo Molnar, Michael Kelley, Nikolay Borisov, Peter Zijlstra, Thomas Gleixner, Tom Lendacky, x86@kernel.org, Dexuan Cui, linux-hyperv@vger.kernel.org, stefan.bader@canonical.com, tim.gardner@canonical.com, roxana.nicolescu@canonical.com, cascardo@canonical.com, kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, sashal@kernel.org, stable@vger.kernel.org

On 23/11/2023 15:13, Kirill A. Shutemov wrote:
> On Wed, Nov 22, 2023 at 06:01:05PM +0100, Jeremi Piotrowski wrote:
>> Introduce CC_ATTR_TDX_MODULE_CALLS to allow code to check whether TDX module
>> calls are available. When TD partitioning is enabled, a L1 TD VMM handles most
>> TDX facilities and the kernel running as an L2 TD VM does not have access to
>> TDX module calls. The kernel still has access to TDVMCALL(0) which is forwarded
>> to the VMM for processing, which is the L1 TD VM in this case.
>

Correction: it turns out TDVMCALL(0) is handled by L0 VMM.

> Sounds like a problem introduced by patch 1/3 :/
>

What problem are you referring to? This patch is making the kernel aware of
which subfeatures of TDX are available to it.

This patch is needed once you make the kernel aware of X86_FEATURE_TDX_GUEST,
which is applicable because we're dealing with a TDX guest.