Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp248903lqp; Wed, 20 Mar 2024 22:43:51 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW/h2W+HgrNZYx3bA4m7EQlMRfKEPuoLgKHBDDKaf6ZYf1HluVZV3rODlkIi3Rprz1o5xy+D4Dnekv/HHKH34Dhb40Lmjm+oLZEYk+B8g== X-Google-Smtp-Source: AGHT+IFhyRGej00Jotx2nPbiFUTm1ryTYAjT1QZrPp20Ag+BDR0JKVujgtzj/VSsCyKnxEpx3T15 X-Received: by 2002:a17:90b:20e:b0:29b:cf67:7543 with SMTP id fy14-20020a17090b020e00b0029bcf677543mr3761237pjb.4.1710999831015; Wed, 20 Mar 2024 22:43:51 -0700 (PDT) Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id fy24-20020a17090b021800b0029bc3e9dd9esi2816556pjb.104.2024.03.20.22.43.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 22:43:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-109663-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@intel.com header.s=Intel header.b="nYrcxF/K"; arc=fail (body hash mismatch); spf=pass (google.com: domain of linux-kernel+bounces-109663-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-109663-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id 6CC0EB20FA7 for ; Thu, 21 Mar 2024 05:43:45 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 83D723A1C5; Thu, 21 Mar 2024 05:43:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=fail reason="signature verification failed" (2048-bit key) header.d=intel.com header.i=@intel.com header.b="nYrcxF/K" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D8050374D9; Thu, 21 Mar 2024 05:43:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=198.175.65.9 ARC-Seal:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710999812; cv=fail; b=d+VWLPSDMXbY+QTQC8seZZvZfpLS31oL+n5N48vDPswBo6WWdGqi3umvw57g9/CcmUlPuhFi8S9ImScVoKIqkCfftlAapeQoSRZGJ8m9Veg6QmfrivtGbPlD/U4x+CQQRniNMieuW2CAxPiU7MMTw6r9QxDdEy6odC/FcZ2bZRk= ARC-Message-Signature:i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710999812; c=relaxed/simple; bh=X+qjYbBnmv/dTzFpQVC13GwGakPFqZTGowmXm6HhQJk=; h=Date:From:To:CC:Subject:Message-ID:References:Content-Type: Content-Disposition:In-Reply-To:MIME-Version; b=dMoKqRgXWhIzWTlEmN53n9GMiJZ0zElKAXymwH2WEDqLFxZAsVDmPNNJZrAXNhBDO6hRQbP+URO+hVeZZKLwBFBhOeSAUAuHaaIjeugvqJn2I9SezlQrK1kY+5wF/TZMvhvt7tdXL+RCrifVKIGWmqrl3q46fBbUp7112zfeXQU= ARC-Authentication-Results:i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=nYrcxF/K; arc=fail smtp.client-ip=198.175.65.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1710999810; x=1742535810; h=date:from:to:cc:subject:message-id:references: in-reply-to:mime-version; bh=X+qjYbBnmv/dTzFpQVC13GwGakPFqZTGowmXm6HhQJk=; b=nYrcxF/KQUVsFY0+Xgff3OPh/yS0KEo34CFDIQUKhCHId1luMNFp7DEp l7Z99oqO4l2qZOU/2UvZ0X0XxK1qT+sdaD1cqzDvd81b4DCTxt07a5X1G QpQExUFnbu7dDh2rlsMXN1XeiadRaPwNrYfSVqzbkitnQpYn2VAgdSLUq FeEmU+Ye99aQiriPnUoZx5CusaNVCreSfEfryPVvmqg2UB62EYCOtsS6Q omwxPzU+SO8f8/63q8kgw6se1njKtRCO7s/pOS2Uv9VvGtCrlEHMoC8IK bgrC3RWTPbUNTgGYJAiC5WsHivIz+/GK7o8Ufgb2UDMbp++10bIhsEUKl w==; X-IronPort-AV: E=McAfee;i="6600,9927,11019"; a="28439101" X-IronPort-AV: E=Sophos;i="6.07,142,1708416000"; d="scan'208";a="28439101" Received: from fmviesa009.fm.intel.com ([10.60.135.149]) by orvoesa101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Mar 2024 22:43:29 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,142,1708416000"; d="scan'208";a="14419451" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by fmviesa009.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 20 Mar 2024 22:43:29 -0700 Received: from fmsmsx611.amr.corp.intel.com (10.18.126.91) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Wed, 20 Mar 2024 22:43:28 -0700 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx611.amr.corp.intel.com (10.18.126.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Wed, 20 Mar 2024 22:43:28 -0700 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.168) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 20 Mar 2024 22:43:28 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mHF0zvs7V+TNAYLlcnCJcoEiM2hGU36YA2UuuwI7dKDHUiIcHOsLoWa0VXvDwm2IcyokU+UMUWHh5+w3ksiaun/ELcdSCNu4nkXKynTYXu6h8PQTQcSFyEsKx2Af6lXYIsi+Q/Er31ZbrCm+SHEgzmfPXjUMLGIKC+HDRkFsh974wGae2NcRM7TY8BJkZdyFLQUtJZ9b2UPNZRijhUbIIhuqKRX/iQQI/qUnnQ01x+jp8lfDgbLV0yfg32T3uqQLlkJB6P2/VU5kK9qXNciynF2pglgEooWu82K3f4PYS/GMWx/Xd0+8SCkyQt9v6xLvmNdBfqusNhO3X2MHcxQzbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zQ4u/2iL9iUoY5htx9QIjFD0pp8Em7P1HWwg/furbjQ=; b=Gy0nhlFYKRJwa3FMHvSMpZLDVGyIj8k0XRJJ9FoQB78ltmm3N3sUq+ppT719mv3NQExkIiHSIGTM/LjG0XuvcbRA+0xd57iJdTKDYPia1Qdas6x3Z8r979N0FSNsI/mi6TbkD2vpG2H7HYOVS/9I2qQnkHtZMxllTkGqHeQyPzmLxgxrsLn+END9mPKZv/9VNNNT+nJmbdpa/S0swGpJ+4rT4jVpSGDuhbsBVrMVSAXeGICUoOmk4j61rYTQzLUP4hju9wWNEIyEhLYM5VNqSQU9s1ZD8p0CmN6DJ0pYU6FQpfjC4QUt0MVtkOVEWYqN2B0KjvBaane1EYGa2WFPSw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; Received: from CH3PR11MB8660.namprd11.prod.outlook.com (2603:10b6:610:1ce::13) by LV3PR11MB8508.namprd11.prod.outlook.com (2603:10b6:408:1b4::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.13; Thu, 21 Mar 2024 05:43:25 +0000 Received: from CH3PR11MB8660.namprd11.prod.outlook.com ([fe80::5135:2255:52ba:c64e]) by CH3PR11MB8660.namprd11.prod.outlook.com ([fe80::5135:2255:52ba:c64e%6]) with mapi id 15.20.7409.010; Thu, 21 Mar 2024 05:43:25 +0000 Date: Thu, 21 Mar 2024 13:43:14 +0800 From: Chao Gao To: CC: , , , Paolo Bonzini , , Sean Christopherson , Sagi Shahar , Kai Huang , , , , Sean Christopherson Subject: Re: [PATCH v19 044/130] KVM: TDX: Do TDX specific vcpu initialization Message-ID: References: Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: X-ClientProxiedBy: SI2PR02CA0054.apcprd02.prod.outlook.com (2603:1096:4:196::13) To CH3PR11MB8660.namprd11.prod.outlook.com (2603:10b6:610:1ce::13) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH3PR11MB8660:EE_|LV3PR11MB8508:EE_ X-MS-Office365-Filtering-Correlation-Id: 12ab73c7-3af5-466e-4f64-08dc4969d32c X-LD-Processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: TEFkYP0eU1K+itGr5py5aAbaxFytTqiYNRVSQ6Mcbl2snnwOFvbUup1WLnVbTKZ/BPSfLsK7FOjJpCF7x2LGGo0PfsfRehM8EeWaoJA4fG5qi3pYIdMcfEq6k35DWy3Iwtm90BOXFOfYG6mwdq8/Yme3BRGSV6JEz4h83vBSWQankAMiUcQP1fdNpuvusqICvEbJED5Mn7iInDaeWeQSDvab2IM84F2yMCXJv06YBOAr3guxmwXh1HO8jGG1hwyQ2dTarO5fBOFvgu6eJZHn+A6m5oBylFazZ0mkyIzEdzw2sBNI95dKlRRuucwew9owYwPeuXJO41BA9FCBFD65y5RtxP7vNKbM5t3aJtbbMKkgiwFUilcJO2MwHiSpfOKsw2qGZ6soeANjMmI7hnNrP0sEhzkvqtaEYhqHHT3isTD+jyd+YIfOtJOT3kLGcogVQrtibfgsHHx6wi6FlGHGxKLWZTXE9Rcbi7BatdkesIGUGqMj+lIyEUpOCqg2G/YjWVjRin48ib3heYQIBxbIxrBMxsK00m0lL/A8MIhZoFScf64VMM1fLdKEToluFzFbh60+wTNnckE1RZpcXPM/1fZIje2oyRMp1Wh9fPGZ5cZ2OQs1SLg9YKv3Me607XT9ZFcIa7wRqALwZLGANeyMO10AO/OTVItAJouB9Ot4PhY= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CH3PR11MB8660.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(366007)(376005)(1800799015);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?GKi/ecgrIrIm8Uwn16ScZ9tA5RxOGgZXDXqVsKK31DLGLDTg6lgwp5bVJtof?= =?us-ascii?Q?nxpfOfZPO7VUlTM42gmy/cEwCqlfkWfLOvuESwEavlvQME/J5chf5bsJ4ets?= =?us-ascii?Q?pm0APrECSus3Od6R2mgG5oGJvgFdWyshbZ6FTAGUYWKZHtBBizjNTPBnd45Z?= =?us-ascii?Q?e+CVz7vaxJnkfiKoUI9UKJ0/5Ilm7wa7BGFP6/LrJ2qOOJBzLzKii2Hy7XyO?= =?us-ascii?Q?PAw+onnJI0N21J7fZXZGcMP5xqNWqKYT4f/5vrqnwdDtL4HB15feEFnPzb0a?= =?us-ascii?Q?9E++mY/xM3aBY2gFAnfXLi0GciaqV5K/ZwM6YGoF/hVOEkL0fDYV/wCKZ7J7?= =?us-ascii?Q?D3ojfZn0/gnD4jINsLm0OqgCmCE5zreXfFc5Ed74vrXQt6+542VGud3HZJB6?= =?us-ascii?Q?sMZFL51Bga1dAA2g6SYu/8TNYu3m7QPMCkqbSHQumTfpnn7Uft4+IC9PM4LD?= =?us-ascii?Q?L8ae64ZmexIAF7gFzWQ1pZVdqOp/LRsN/GLrTnZ+qZ+qGYQWSrqc4NtFE6Ge?= =?us-ascii?Q?0utD9pK/7MFoglP0Uez0Zx4jzmZJAsYcaDeIYCq0rCjNyPDZBbXF2nRrtJL0?= =?us-ascii?Q?qTSnit5vd8vpXB76jK4M+YaaBrqo6NexuKzzZhh0KybEId8uZxc0jTzpW+w+?= =?us-ascii?Q?FYuqZEV4QHgPfkZGvk/tg0n+dDECgH3+hIJksaAL+aY328T9Sqi3XPp31tRB?= =?us-ascii?Q?XQnzWEsvwJejZwCE99n9feQkFxWDbLLcwOzWsYhedRRa+/JZubplIkpLxAHr?= =?us-ascii?Q?TNDbVF4QNqmbL+ESG74HxUhtGArcaA0S8yuR5XxNbcK56a0xqvB96uSz5PqN?= =?us-ascii?Q?hMh+uNdz8x26qQJwgsKu0r2yTbnQop0ZS7VZaA1XqIAWjmO4kKL1CXQ3Uma7?= =?us-ascii?Q?viYSO/2gJNiPxExCyRDxHEqp9dcCNqTUtEaWwTv7lCH16pjWEVMfpd6SzkBX?= =?us-ascii?Q?pi6Lh4WuM3Ryw+ko/4PEfgIcBrlK+PD8AfqzzFafbVEh2YvtW8QbZyHUYqbQ?= =?us-ascii?Q?53+L74xtymN5LY5PpAiYhITsLd0Vb1qJjkbHcgbmII0ClmgOdogv9lPoi51k?= =?us-ascii?Q?IldGB0Ri+ORk7nKRR0suILx8Gf/k+6BjtFXZ0lPXvHgwPiyr9HtOCoCVjjeU?= =?us-ascii?Q?dubnLvU9B5NTCpm2wDSnrMD1bUBHu28x9UphifNVHAXQQEhZ3k2A5KXbQsXc?= =?us-ascii?Q?PPFPTuYMF5b+Mf2JjeLQJuLFvJP6Hjieoih+kV0oaLUFwBQsIFbz60KSIeJV?= =?us-ascii?Q?cBGqvI45y8IzSOLSFtgnoHG2egy4rzDJ+mRotpmsB5Z2hi9yE+QQ8qq2wQfD?= =?us-ascii?Q?SmehHIejU/lBK9qQwofuz5sgZr8Lte+3EcDCLUVOQBMtI91i9/MIQ+MA9Xag?= =?us-ascii?Q?XX+3YZ1Rj8xDzh/OIGZk/rl4FN6irPKmbg1kCTGUReJ0m63bNwGDOKHY2ogg?= =?us-ascii?Q?RKfdX/ztbS3F7TRuOaCTT6smVeL+Nt0nbyHiqQ8Et7pcUhMYMyAPLv7q439g?= =?us-ascii?Q?TAjHqLH0r0mvNbQg09N/VIIZM6196buBtlS5sA6LqGAivIJajPetbjiLpdBd?= =?us-ascii?Q?H7LRMVgBo/eoww80fpK5hwmGmT/pmEKkS/8eVAGw?= X-MS-Exchange-CrossTenant-Network-Message-Id: 12ab73c7-3af5-466e-4f64-08dc4969d32c X-MS-Exchange-CrossTenant-AuthSource: CH3PR11MB8660.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Mar 2024 05:43:25.0702 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: SH4Q77VQLZHYqoNlW+8ZOAJcUdI26apHXSA0W9c7UFlHKXnnnxmKgU9zdeDDCNiCr1J0VoONysSLcKjbhDzbQQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR11MB8508 X-OriginatorOrg: intel.com >+/* VMM can pass one 64bit auxiliary data to vcpu via RCX for guest BIOS. */ >+static int tdx_td_vcpu_init(struct kvm_vcpu *vcpu, u64 vcpu_rcx) >+{ >+ struct kvm_tdx *kvm_tdx = to_kvm_tdx(vcpu->kvm); >+ struct vcpu_tdx *tdx = to_tdx(vcpu); >+ unsigned long *tdvpx_pa = NULL; >+ unsigned long tdvpr_pa; >+ unsigned long va; >+ int ret, i; >+ u64 err; >+ >+ if (is_td_vcpu_created(tdx)) >+ return -EINVAL; >+ >+ /* >+ * vcpu_free method frees allocated pages. Avoid partial setup so >+ * that the method can't handle it. >+ */ >+ va = __get_free_page(GFP_KERNEL_ACCOUNT); >+ if (!va) >+ return -ENOMEM; >+ tdvpr_pa = __pa(va); >+ >+ tdvpx_pa = kcalloc(tdx_info->nr_tdvpx_pages, sizeof(*tdx->tdvpx_pa), >+ GFP_KERNEL_ACCOUNT); >+ if (!tdvpx_pa) { >+ ret = -ENOMEM; >+ goto free_tdvpr; >+ } >+ for (i = 0; i < tdx_info->nr_tdvpx_pages; i++) { >+ va = __get_free_page(GFP_KERNEL_ACCOUNT); >+ if (!va) { >+ ret = -ENOMEM; >+ goto free_tdvpx; >+ } >+ tdvpx_pa[i] = __pa(va); >+ } >+ >+ err = tdh_vp_create(kvm_tdx->tdr_pa, tdvpr_pa); >+ if (KVM_BUG_ON(err, vcpu->kvm)) { >+ ret = -EIO; >+ pr_tdx_error(TDH_VP_CREATE, err, NULL); >+ goto free_tdvpx; >+ } >+ tdx->tdvpr_pa = tdvpr_pa; >+ >+ tdx->tdvpx_pa = tdvpx_pa; >+ for (i = 0; i < tdx_info->nr_tdvpx_pages; i++) { Can you merge the for-loop above into this one? then ... >+ err = tdh_vp_addcx(tdx->tdvpr_pa, tdvpx_pa[i]); >+ if (KVM_BUG_ON(err, vcpu->kvm)) { >+ pr_tdx_error(TDH_VP_ADDCX, err, NULL); >+ for (; i < tdx_info->nr_tdvpx_pages; i++) { >+ free_page((unsigned long)__va(tdvpx_pa[i])); >+ tdvpx_pa[i] = 0; >+ } .. no need to free remaining pages. >+ /* vcpu_free method frees TDVPX and TDR donated to TDX */ >+ return -EIO; >+ } >+ } >+ >+ err = tdh_vp_init(tdx->tdvpr_pa, vcpu_rcx); >+ if (KVM_BUG_ON(err, vcpu->kvm)) { >+ pr_tdx_error(TDH_VP_INIT, err, NULL); >+ return -EIO; >+ } >+ >+ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; >+ tdx->td_vcpu_created = true; >+ return 0; >+ >+free_tdvpx: >+ for (i = 0; i < tdx_info->nr_tdvpx_pages; i++) { >+ if (tdvpx_pa[i]) >+ free_page((unsigned long)__va(tdvpx_pa[i])); >+ tdvpx_pa[i] = 0; >+ } >+ kfree(tdvpx_pa); >+ tdx->tdvpx_pa = NULL; >+free_tdvpr: >+ if (tdvpr_pa) >+ free_page((unsigned long)__va(tdvpr_pa)); >+ tdx->tdvpr_pa = 0; >+ >+ return ret; >+} >+ >+int tdx_vcpu_ioctl(struct kvm_vcpu *vcpu, void __user *argp) >+{ >+ struct msr_data apic_base_msr; >+ struct kvm_tdx *kvm_tdx = to_kvm_tdx(vcpu->kvm); >+ struct vcpu_tdx *tdx = to_tdx(vcpu); >+ struct kvm_tdx_cmd cmd; >+ int ret; >+ >+ if (tdx->initialized) >+ return -EINVAL; >+ >+ if (!is_hkid_assigned(kvm_tdx) || is_td_finalized(kvm_tdx)) These checks look random e.g., I am not sure why is_td_created() isn't check here. A few helper functions and boolean variables are added to track which stage the TD or TD vCPU is in. e.g., is_hkid_assigned() is_td_finalized() is_td_created() tdx->initialized td_vcpu_created Insteading of doing this, I am wondering if adding two state machines for TD and TD vCPU would make the implementation clear and easy to extend. >+ return -EINVAL; >+ >+ if (copy_from_user(&cmd, argp, sizeof(cmd))) >+ return -EFAULT; >+ >+ if (cmd.error) >+ return -EINVAL; >+ >+ /* Currently only KVM_TDX_INTI_VCPU is defined for vcpu operation. */ >+ if (cmd.flags || cmd.id != KVM_TDX_INIT_VCPU) >+ return -EINVAL; Even though KVM_TD_INIT_VCPU is the only supported command, it is worthwhile to use a switch-case statement. New commands can be added easily without the need to refactor this function first. >+ >+ /* >+ * As TDX requires X2APIC, set local apic mode to X2APIC. User space >+ * VMM, e.g. qemu, is required to set CPUID[0x1].ecx.X2APIC=1 by >+ * KVM_SET_CPUID2. Otherwise kvm_set_apic_base() will fail. >+ */ >+ apic_base_msr = (struct msr_data) { >+ .host_initiated = true, >+ .data = APIC_DEFAULT_PHYS_BASE | LAPIC_MODE_X2APIC | >+ (kvm_vcpu_is_reset_bsp(vcpu) ? MSR_IA32_APICBASE_BSP : 0), >+ }; >+ if (kvm_set_apic_base(vcpu, &apic_base_msr)) >+ return -EINVAL; Exporting kvm_vcpu_is_reset_bsp() and kvm_set_apic_base() should be done here (rather than in a previous patch). >+ >+ ret = tdx_td_vcpu_init(vcpu, (u64)cmd.data); >+ if (ret) >+ return ret; >+ >+ tdx->initialized = true; >+ return 0; >+} >+ >diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c >index c002761bb662..2bd4b7c8fa51 100644 >--- a/arch/x86/kvm/x86.c >+++ b/arch/x86/kvm/x86.c >@@ -6274,6 +6274,12 @@ long kvm_arch_vcpu_ioctl(struct file *filp, > case KVM_SET_DEVICE_ATTR: > r = kvm_vcpu_ioctl_device_attr(vcpu, ioctl, argp); > break; >+ case KVM_MEMORY_ENCRYPT_OP: >+ r = -ENOTTY; Maybe -EINVAL is better. Because previously trying to call this on vCPU fd failed with -EINVAL given ... >+ if (!kvm_x86_ops.vcpu_mem_enc_ioctl) >+ goto out; >+ r = kvm_x86_ops.vcpu_mem_enc_ioctl(vcpu, argp); >+ break; > default: > r = -EINVAL; .. this. > } >-- >2.25.1 > >