Received: by 2002:a05:7412:419a:b0:f3:1519:9f41 with SMTP id i26csp983789rdh; Fri, 24 Nov 2023 02:44:03 -0800 (PST) X-Google-Smtp-Source: AGHT+IGhOIJeZ/0tlF+JagPK029anOarb3IRZjDPZKU+C9+9avFgPNVAlZ4zZURxazPK3vWfTl8h X-Received: by 2002:a17:90b:3a82:b0:280:aa7b:fbe8 with SMTP id om2-20020a17090b3a8200b00280aa7bfbe8mr2353669pjb.32.1700822642971; Fri, 24 Nov 2023 02:44:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700822642; cv=none; d=google.com; s=arc-20160816; b=mcXo4LzCja4OD9cjza9Nsu51PxP/T/uEMHiIDgQarSDS7INVoF/bmRftxD/2j1d79o 5YUl5W4NpaskOyrbD0WwNIUW/nRz17N3LtxB/ZytRUBeDEj0hfDU9iczqtY4tOX00oHb FXUz89FOIu9MxIX4nwpN5OiBo65sFQ9bSfwRq0awB8knc9Rx7HHKuLg6W4jwU9eGsg/i K9T0ec43lVJCioy0q4rrplFcwmqDOhuxj07mCTjVJirzBTLDfvrZkTSEQauSl6VbcF0u MTqu7FBV+iw8VDuhBgbow5xMufxIthX+pnAW1VqjqNHLXHSa2tpbumE+73lLHGWf55Xl 1cvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=ZAqrzZngc5pz1XE5f+eF0uCnOOSePlGn9HgtRsWY9ao=; fh=1Ie+ok9DLok8LLm5qlbSZiXR/51z9U8R9sgEH7smzlc=; b=DRmL8agIK0TaMSDZwvtMxJ8G3iw6eMYdtU5HPJONPwzdJptt1F+eHYRR2dRApZPJ2v aIieTK4EtSs1buSb2cJuk2AwPAk5ndzLAcR2OcrqwMh/ZkdVVg5PqRGeW1z+0hibc9mp qDegOhhaiiUemF9gqupIpVx7Vqhqe+XwcTuH9/5PRWe/yxxHG8FYo62r9/CRly4zkQ6z httGl8TH8EtPxvRvizdzvzYpfj67jkLFY/sf876PCaoS92anwzZ78sbzs6ArHlDjp88b tR4rhPzivmYAoxOBPbi3qFyEbJOvTc10QQRJb3V4QVYGjzEOae9XVwBGRE4mHCXbxtkd X5YA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="JD3wbCV/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1]) by mx.google.com with ESMTPS id g6-20020a170902c38600b001cf67881772si3074970plg.537.2023.11.24.02.44.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 24 Nov 2023 02:44:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="JD3wbCV/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id 676A48050FBA; Fri, 24 Nov 2023 02:44:00 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230320AbjKXKnk (ORCPT + 99 others); Fri, 24 Nov 2023 05:43:40 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37384 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229580AbjKXKni (ORCPT ); Fri, 24 Nov 2023 05:43:38 -0500 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.7]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3DFB9D7D; Fri, 24 Nov 2023 02:43:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1700822625; x=1732358625; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=hg6v7dHBdtvtudmVo+NTweERkfdjUzrmgi4VSQqAYB8=; b=JD3wbCV/swNHXAq2W4wcMcIhGXZnM6OpqTryzPcCTuCv186qGnqgqvd5 HllagTkR7W/DYQULhgG5HfIHTDdws5So8Ej1z8nutuVKTUVMNtukewpqc OmBxGDb5I6YlBR4vWKShdPLFJ5Tg6+qWJZJXOpL4CtjYhfL8zct78D8gn cVrqIX8HXv+HQN23JM+GpXqRtnSSEl7Dj2jSNbUYWHCvBVUbMhG8oFSZt cWhdMr3VsaYtlhGblOH18ZZdOmUhnVIYorO6DqZxvCK8lcWnyGqpj1jDC hYWtVHRsU1znVtVjEQVPyFp79YNKsDprNzNkPmaJAIRxipDHIKJuUvm/+ A==; X-IronPort-AV: E=McAfee;i="6600,9927,10902"; a="13959476" X-IronPort-AV: E=Sophos;i="6.04,223,1695711600"; d="scan'208";a="13959476" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by fmvoesa101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Nov 2023 02:43:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,223,1695711600"; d="scan'208";a="15937816" Received: from dlemiech-mobl.ger.corp.intel.com (HELO box.shutemov.name) ([10.252.59.78]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 24 Nov 2023 02:43:39 -0800 Received: by box.shutemov.name (Postfix, from userid 1000) id 1895910A38A; Fri, 24 Nov 2023 13:43:37 +0300 (+03) Date: Fri, 24 Nov 2023 13:43:37 +0300 From: "Kirill A. Shutemov" To: Jeremi Piotrowski Cc: linux-kernel@vger.kernel.org, Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Ingo Molnar , Michael Kelley , Nikolay Borisov , Peter Zijlstra , Thomas Gleixner , Tom Lendacky , x86@kernel.org, Dexuan Cui , linux-hyperv@vger.kernel.org, stefan.bader@canonical.com, tim.gardner@canonical.com, roxana.nicolescu@canonical.com, cascardo@canonical.com, kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, sashal@kernel.org, stable@vger.kernel.org Subject: Re: [PATCH v1 1/3] x86/tdx: Check for TDX partitioning during early TDX init Message-ID: <20231124104337.gjfyasjmo5pp666l@box.shutemov.name> References: <20231122170106.270266-1-jpiotrowski@linux.microsoft.com> <20231123135846.pakk44rqbbi7njmb@box.shutemov.name> <9f550947-9d13-479c-90c4-2e3f7674afee@linux.microsoft.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <9f550947-9d13-479c-90c4-2e3f7674afee@linux.microsoft.com> X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Fri, 24 Nov 2023 02:44:00 -0800 (PST) On Fri, Nov 24, 2023 at 11:31:44AM +0100, Jeremi Piotrowski wrote: > On 23/11/2023 14:58, Kirill A. Shutemov wrote: > > On Wed, Nov 22, 2023 at 06:01:04PM +0100, Jeremi Piotrowski wrote: > >> Check for additional CPUID bits to identify TDX guests running with Trust > >> Domain (TD) partitioning enabled. TD partitioning is like nested virtualization > >> inside the Trust Domain so there is a L1 TD VM(M) and there can be L2 TD VM(s). > >> > >> In this arrangement we are not guaranteed that the TDX_CPUID_LEAF_ID is visible > >> to Linux running as an L2 TD VM. This is because a majority of TDX facilities > >> are controlled by the L1 VMM and the L2 TDX guest needs to use TD partitioning > >> aware mechanisms for what's left. So currently such guests do not have > >> X86_FEATURE_TDX_GUEST set. > >> > >> We want the kernel to have X86_FEATURE_TDX_GUEST set for all TDX guests so we > >> need to check these additional CPUID bits, but we skip further initialization > >> in the function as we aren't guaranteed access to TDX module calls. > > > > I don't follow. The idea of partitioning is that L2 OS can be > > unenlightened and have no idea if it runs indide of TD. But this patch > > tries to enumerate TDX anyway. > > > > Why? > > > > That's not the only idea of partitioning. Partitioning provides different privilege > levels within the TD, and unenlightened L2 OS can be made to work but are inefficient. > In our case Linux always runs enlightened (both with and without TD partitioning), and > uses TDX functionality where applicable (TDX vmcalls, PTE encryption bit). What value L1 adds in this case? If L2 has to be enlightened just run the enlightened OS directly as L1 and ditch half-measures. I think you can gain some performance this way. -- Kiryl Shutsemau / Kirill A. Shutemov