Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp1245742rdd;
        Wed, 10 Jan 2024 13:18:35 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFbm0wNrDHsUhPpZ+I0Xy9G7hBN3APOl7IK8x4JybMFkIFphajqIvE+Tk08Zlhepk8FkUBJ
X-Received: by 2002:a17:902:d48e:b0:1d4:68b:32d8 with SMTP id c14-20020a170902d48e00b001d4068b32d8mr190665plg.42.1704921515023;
        Wed, 10 Jan 2024 13:18:35 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1704921515; cv=none;
        d=google.com; s=arc-20160816;
        b=XXpCbqXl1077Q/UC16/uxw+C9i/qjte0QTtBDwrbOtotBOMKKPGgMacmziP+k0gyd7
         9zQcL8O21DgcF50mqXfKgf5Dg8Pyn55y6n/Es72UXTgYuQor+B/wLR2DUWvLUVkjmuWd
         6qPtvS1/z86j20wPiA+wTL//P7rDYFLGJwF1MvGKNTWh+buc9TVfD8lMTG5/aubsP53w
         Dwo+o7g2Ee4+hEJ+Ls/d6E/SDVGcFi/WUZJ2y76iOcX+SAeTUzmm7jXLPDlyQ7FJm8Bz
         0lB6MRXho0UuCP4T85cEIMvPTlGAlPwvN/SfIsOp8yfadkMIZWWhZFusRjf9/SmrxkD+
         GPqg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=EhD93UVejpYWuu6uk7ORxC8uYGsAzf/Flz/UzmxfvYU=;
        fh=WnlVi/Q/6zv0fZ6Ey9Krvq5QWByVvi9tb1A26EVXDkE=;
        b=ob2siZjpVQq8m2RQSSDFj+s8kQoVlrqT9A3u3L3CUne5crPM5NbnYVE/T73rJG3MXy
         lOHMp1GCXx/4l/0nV1SZfH0NeDl1ktnJwOzUBRRhu28Hfm3coiXeSYgdBWteVbjjqD9+
         6qh6YFe0dTGRmrjx97sLavRvYMy9+19pp3yFuxVhhABQ2OMuq6QIyHiRl/sICGUj9nwk
         PITm5FuuDqq03RTssLzr1ebPe734PMG6zpJ1GDu9APwJ/noyVNTja+kqXNUq7nW7ZqGY
         m7Zf7Y86Yili69+srQQZ8IqwrFI02fwF1qFHz0wLWRl1QeRRQeSxcihApin96oM2O7c0
         b31Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=n8fgbPxK;
       spf=pass (google.com: domain of linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id d9-20020a170902c18900b001d4e7ad3810si4373887pld.604.2024.01.10.13.18.34
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 10 Jan 2024 13:18:35 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=n8fgbPxK;
       spf=pass (google.com: domain of linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-22809-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id AE5DC2869DE
	for <linux.lists.archive@gmail.com>; Wed, 10 Jan 2024 21:18:34 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id EC2584F5EF;
	Wed, 10 Jan 2024 21:18:29 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="n8fgbPxK"
Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.43])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 515644F219
	for <linux-kernel@vger.kernel.org>; Wed, 10 Jan 2024 21:18:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com
Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.mailfrom=linux.intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1704921507; x=1736457507;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=cfaP81IHOOzCGJygxejGsPS0pogAXrgN8vCCGYRNWNU=;
  b=n8fgbPxKtnJ15jHZa9ClnWFpy3Rnhpf5l3WxQm1yCc2JvWZXBaIlFd7p
   Wb39t9uof9hmC1skszlfWYrMknZ/NJXKhDB3bE5xxNmqGoBZ38NR6zAB6
   YyZNRWCxp6hauidcIWjt0ERcJRIpryjtYZCsPEEfMBsn4U8mqwdiObvqj
   e2dqNQ5rdXm0xgNKRiHH+3W8DyFWzL8NaEDe8dqc6jTGb2ctLkttePAwt
   tWEetW27kM5qubLKrBprqFmJ36ecTu1+4ReYWNkldw+zQMD177dymsOmE
   ldTr1frEa2VxTcOjskOvZGDFaA3sljQ+Rwrj7AhANSn+Zmn03etS2aQfH
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="484837195"
X-IronPort-AV: E=Sophos;i="6.04,184,1695711600"; 
   d="scan'208";a="484837195"
Received: from orsmga001.jf.intel.com ([10.7.209.18])
  by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Jan 2024 13:18:25 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10949"; a="816485570"
X-IronPort-AV: E=Sophos;i="6.04,184,1695711600"; 
   d="scan'208";a="816485570"
Received: from viggo.jf.intel.com (HELO ray2.sr71.net) ([10.54.77.144])
  by orsmga001.jf.intel.com with ESMTP; 10 Jan 2024 13:18:25 -0800
From: Dave Hansen <dave.hansen@linux.intel.com>
To: torvalds@linux-foundation.org
Cc: x86@kernel.org,
	linux-kernel@vger.kernel.org,
	Dave Hansen <dave.hansen@linux.intel.com>
Subject: [GIT PULL] x86/tdx for 6.8
Date: Wed, 10 Jan 2024 13:18:22 -0800
Message-Id: <20240110211822.3014608-1-dave.hansen@linux.intel.com>
X-Mailer: git-send-email 2.34.1
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Hi Linus,

Please pull some x86/tdx changes for 6.8.  This contains the initial
support for host-side TDX support so that KVM can run TDX-protected
guests.  This does not include the actual KVM-side support which
will come from the KVM folks.  The TDX host interactions with kexec
also needs to be ironed out before this is ready for prime time, so
this code is currently Kconfig'd off when kexec is on.

The majority of the code here is the kernel telling the TDX module
which memory to protect and handing some additional memory over to it
to use to store TDX module metadata.  That sounds pretty simple, but
the TDX architecture is rather flexible and it takes quite a bit of
back-and-forth to say, "just protect all memory, please."

There is also some code tacked on near the end of the series to handle
a hardware erratum.  The erratum can make software bugs such as a
kernel write to TDX-protected memory cause a machine check and
masquerade as a real hardware failure.  The erratum handling watches
out for these and tries to provide nicer user errors.

--

The following changes since commit 33cc938e65a98f1d29d0a18403dbbee050dcad9a:

  Linux 6.7-rc4 (2023-12-03 18:52:56 +0900)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_tdx_for_6.8

for you to fetch changes up to 83e1bdc94f32dcf52dfcd2025acc7a2b9376b1e8:

  x86/virt/tdx: Make TDX host depend on X86_MCE (2023-12-14 14:08:24 -0800)

----------------------------------------------------------------
 - Add support managing TDX host hardware

----------------------------------------------------------------
Dave Hansen (1):
      x86/virt/tdx: Disable TDX host support when kexec is enabled

Kai Huang (20):
      x86/virt/tdx: Detect TDX during kernel boot
      x86/virt/tdx: Define TDX supported page sizes as macros
      x86/virt/tdx: Make INTEL_TDX_HOST depend on X86_X2APIC
      x86/virt/tdx: Handle SEAMCALL no entropy error in common code
      x86/virt/tdx: Add SEAMCALL error printing for module initialization
      x86/virt/tdx: Add skeleton to enable TDX on demand
      x86/virt/tdx: Use all system memory when initializing TDX module as TDX memory
      x86/virt/tdx: Get module global metadata for module initialization
      x86/virt/tdx: Add placeholder to construct TDMRs to cover all TDX memory regions
      x86/virt/tdx: Fill out TDMRs to cover all TDX memory regions
      x86/virt/tdx: Allocate and set up PAMTs for TDMRs
      x86/virt/tdx: Designate reserved areas for all TDMRs
      x86/virt/tdx: Configure TDX module with the TDMRs and global KeyID
      x86/virt/tdx: Configure global KeyID on all packages
      x86/virt/tdx: Initialize all TDMRs
      x86/virt/tdx: Handle TDX interaction with sleep and hibernation
      x86/cpu: Detect TDX partial write machine check erratum
      x86/mce: Differentiate real hardware #MCs from TDX erratum ones
      Documentation/x86: Add documentation for TDX host support
      x86/virt/tdx: Make TDX host depend on X86_MCE

 Documentation/arch/x86/tdx.rst     |  207 ++++-
 arch/x86/Kconfig                   |    5 +
 arch/x86/coco/tdx/tdx-shared.c     |    6 +-
 arch/x86/include/asm/cpufeatures.h |    2 +
 arch/x86/include/asm/msr-index.h   |    3 +
 arch/x86/include/asm/shared/tdx.h  |    6 +
 arch/x86/include/asm/tdx.h         |   38 +
 arch/x86/kernel/cpu/common.c       |    2 +
 arch/x86/kernel/cpu/mce/core.c     |   15 +
 arch/x86/kernel/setup.c            |    2 +
 arch/x86/virt/vmx/tdx/Makefile     |    2 +-
 arch/x86/virt/vmx/tdx/tdx.c        | 1492 ++++++++++++++++++++++++++++++++++++
 arch/x86/virt/vmx/tdx/tdx.h        |  121 +++
 13 files changed, 1886 insertions(+), 15 deletions(-)
 create mode 100644 arch/x86/virt/vmx/tdx/tdx.c
 create mode 100644 arch/x86/virt/vmx/tdx/tdx.h