Received: by 2002:ab2:6857:0:b0:1ef:ffd0:ce49 with SMTP id l23csp2726243lqp; Mon, 25 Mar 2024 07:39:48 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWj2z/l7OLRlNB2DzO2zI8YZVyHbn+PqXn8ls4X0vGWyd3RF5joReKPFV2NXIgjSxAKyi6JtkAGBdLKuIymo4jK/fGcVwGH5hSUfZnkPw== X-Google-Smtp-Source: AGHT+IHRyCCJyoyDp/32KauKRcNV7qA+7Y2jjvb90adqKVnPFt+5EBAmi1cOrU0Sp1n2qxhRvIm8 X-Received: by 2002:a05:620a:389c:b0:78a:2efd:895 with SMTP id qp28-20020a05620a389c00b0078a2efd0895mr6731713qkn.34.1711377588661; Mon, 25 Mar 2024 07:39:48 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1711377588; cv=pass; d=google.com; s=arc-20160816; b=ge5hpQI2ohSsRLLYGlUr4kHZIXoRE4snDOtKLJjtdXneXRp47uHwy9mZbG4dVPOOIy RDmLYzfxnO7jbvJPWlajfkpdCTWucqxpk3kEUxBeBpI66TBTjqefPMSlm+iilBHuc8wv 289ZDUZuWYcVo+KQVTkkvSIJBOWCxMI7SBTv2WwTzgOpjoBSquh9j8nD/yxYrk91qEnA OV8fPsiT7RR1xyug9lTf9CsapF2PL6R9sT9ucdcQAaEm9DAsLtBSxoEl9DQq2g1pXY2r wDOExDLarBUJal6Iguqy8qvv9ngFRPQZayCekFD4DxUX6t+QCtyPIt8mMgj8I0OD/AiH ZhXg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=aE7KPUcmda/pEzw9IRnQSxg0Yf1onCGvNl9eWKXgRi4=; fh=vSzhW+9BQ94T5YyXYzqBt8+itL0niQiJkycT8MquqfE=; b=nndsb6pFTUPhPU9RdYwbaWBvm7XsVO8yAy9OCROoPfg4uHJdC43zO/2u/yVd1K5H1+ NBw1voF8kjn9B/zuLQRzlTerGDtBTT2wkItAoRq24LRYo5k9dq3UWbZfX5Uf4G/x7Qcm Zvnhfsa4jAiY7kaJsGivlhKQD5+JqdTMSjDdwtQuERvEGCMPJi0FEY6dvRkh2Fybd9O+ zHvqrQpB5WQ2m6IZwoUJtHvXThIMxmfGsY9XPtmZt8pfDBUgCwRMB27Dpyi2Jhi9Z1YY hwrJKSYN8mET2M54/sVnNbYadjFZHeOd/PtCpwnmrrsxlFoUOSV0Iyt/oPd9ek58PEmt dTtw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="mxUQJ/x8"; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-116881-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-116881-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id bk27-20020a05620a1a1b00b0078a5ed6e3fdsi257643qkb.90.2024.03.25.07.39.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 25 Mar 2024 07:39:48 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-116881-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="mxUQJ/x8"; arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass fromdomain=linux.intel.com); spf=pass (google.com: domain of linux-kernel+bounces-116881-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-116881-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 4A8201C3B6B2 for ; Mon, 25 Mar 2024 14:39:48 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 4E1801C41DD; Mon, 25 Mar 2024 11:29:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="mxUQJ/x8" Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AA43B17F23D for ; Mon, 25 Mar 2024 10:46:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.14 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711363585; cv=none; b=gEPzaWkFlMGWVUuTdESXwzGImHOLfyMHl6Jv+QYol0vu4L/mVurjVWO5B4v1AfaREkUjEz1rlLRpp+MtoxG5kacS48JSxCMm8cpqDP3Yd56gzM3mHcLMPewnTEp3RP/pN9r9FgIcbhxrgtdOYXMPz+/oe6vr/8Yds8QuwdvYznc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1711363585; c=relaxed/simple; bh=JOv1yjXhc6nxbfinK757791wCBQoWQTpN+2rxg5iYUc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=SpI/Y8zd4gKT13jyuAag3JqxTTPThXaiFVhWuS09Vu+t+P/5gCCEDPCzZA1o2af80ErJbJhvc/dZFQW7juV88DtIIuVdFMomOp7Tj+5oiiJOIXVrf2ZaV8faWPsL1YVOWjfMiVaz3MWAuhFIg1ZLxFRvbVevI6XO91vsn3Qtuuo= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com; spf=none smtp.helo=mgamail.intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=mxUQJ/x8; arc=none smtp.client-ip=192.198.163.14 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.intel.com Authentication-Results: smtp.subspace.kernel.org; spf=none smtp.helo=mgamail.intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1711363584; x=1742899584; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=JOv1yjXhc6nxbfinK757791wCBQoWQTpN+2rxg5iYUc=; b=mxUQJ/x8Hcagjj1C1o/B6BIxrfw162kra1U+F4+lf1bIPV2fA8QpGnwl NHXkcBpL+QIqKgKupRIy9GntUz0T34Djsak4zNGJraqfSc2W2k9bWJFOa BPvfW6R4ptRRcg8hkCee9X8eHh6UylHKIANBDT8nELIEHTN9sv24a5uJQ gFQtpUSDgSmEyJWOx0rnNjePq2yl5O9ObyJQe692e+cK1+3RHTsTxrXGg EDgZFz4alrzzXdAvzadS5Hasil92KNyL8wFhLJJ+IWJDnsi6k72ogl1cI QuJ2OJaRTBnMAjDGr7H9g86akMAz22HFHA5zRhot2MTgW8x7Yu/f2cyhx w==; X-IronPort-AV: E=McAfee;i="6600,9927,11023"; a="6561986" X-IronPort-AV: E=Sophos;i="6.07,152,1708416000"; d="scan'208";a="6561986" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmvoesa108.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Mar 2024 03:46:14 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,11023"; a="937070183" X-IronPort-AV: E=Sophos;i="6.07,152,1708416000"; d="scan'208";a="937070183" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga001.fm.intel.com with ESMTP; 25 Mar 2024 03:46:11 -0700 Received: by black.fi.intel.com (Postfix, from userid 1000) id EA3A6484; Mon, 25 Mar 2024 12:46:10 +0200 (EET) From: "Kirill A. Shutemov" To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@intel.com Cc: sathyanarayanan.kuppuswamy@linux.intel.com, hpa@zytor.com, seanjc@google.com, elena.reshetova@intel.com, rick.p.edgecombe@intel.com, x86@kernel.org, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCHv2 3/4] x86/tdx: Handle PENDING_EPT_VIOLATION_V2 Date: Mon, 25 Mar 2024 12:46:06 +0200 Message-ID: <20240325104607.2653307-4-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com> References: <20240325104607.2653307-1-kirill.shutemov@linux.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit PENDING_EPT_VIOLATION_V2 allows TD to control whether access to a pending page triggers #VE. Kernel doesn't want to see any #VEs on accesses to private memory: disable such #VEs. Signed-off-by: Kirill A. Shutemov --- arch/x86/coco/tdx/tdx.c | 75 ++++++++++++++++++++++++++++--- arch/x86/include/asm/shared/tdx.h | 18 +++++++- 2 files changed, 87 insertions(+), 6 deletions(-) diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c index 08e2bb462ce8..860bfdd5a11d 100644 --- a/arch/x86/coco/tdx/tdx.c +++ b/arch/x86/coco/tdx/tdx.c @@ -77,6 +77,17 @@ static inline void tdcall(u64 fn, struct tdx_module_args *args) panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); } +static inline u64 tdg_vm_rd(u64 field) +{ + struct tdx_module_args args = { + .rdx = field, + }; + + tdcall(TDG_VM_RD, &args); + + return args.r8; +} + static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) { struct tdx_module_args args = { @@ -91,6 +102,28 @@ static inline u64 tdg_vm_wr(u64 field, u64 value, u64 mask) return args.r8; } +static inline u64 tdg_sys_rd(u64 field) +{ + struct tdx_module_args args = { + .rdx = field, + }; + + tdcall(TDG_SYS_RD, &args); + + return args.r8; +} + +static bool tdcs_ctls_set(u64 mask) +{ + struct tdx_module_args args = { + .rdx = TDCS_TD_CTLS, + .r8 = mask, + .r9 = mask, + }; + + return __tdcall(TDG_VM_WR, &args) == TDX_SUCCESS; +} + /** * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT * subtype 0) using TDG.MR.REPORT TDCALL. @@ -185,7 +218,8 @@ static void tdx_setup(u64 *cc_mask) { struct tdx_module_args args = {}; unsigned int gpa_width; - u64 td_attr; + u64 td_attr, features; + bool sept_ve_disabled; /* * TDINFO TDX module call is used to get the TD execution environment @@ -206,19 +240,50 @@ static void tdx_setup(u64 *cc_mask) gpa_width = args.rcx & GENMASK(5, 0); *cc_mask = BIT_ULL(gpa_width - 1); + td_attr = args.rdx; + /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ tdg_vm_wr(TDCS_NOTIFY_ENABLES, 0, -1ULL); + features = tdg_sys_rd(TDCS_TDX_FEATURES0); + /* * The kernel can not handle #VE's when accessing normal kernel * memory. Ensure that no #VE will be delivered for accesses to * TD-private memory. Only VMM-shared memory (MMIO) will #VE. + * + * Check if the TD is created with SEPT #VE disabled. */ - td_attr = args.rdx; - if (!(td_attr & ATTR_SEPT_VE_DISABLE)) { - const char *msg = "TD misconfiguration: SEPT_VE_DISABLE attribute must be set."; + sept_ve_disabled = td_attr & ATTR_SEPT_VE_DISABLE; - /* Relax SEPT_VE_DISABLE check for debug TD. */ + /* + * Check if flexible control of SEPT #VE is supported. + * + * The check consists of verifying if the feature is supported by the + * TDX module (the TDX_FEATURES0 check) and if the feature is enabled + * for this TD (CONFIG_FLAGS check). + * + * If flexible control is supported, disable SEPT #VE. + * + * Disable SEPT #VE regardless of ATTR_SEPT_VE_DISABLE status as + * flexible control allows software running before the kernel to + * enable it. + * + * Skip SEPT disabling for debug TD. SEPT #VE is unsafe but can be + * useful for debugging to produce a stack trace. Known to be useful + * for debugging unaccepted memory problems. + */ + if (features & TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 && + (tdg_vm_rd(TDCS_CONFIG_FLAGS) & TDCS_CONFIG_FLEXIBLE_PENDING_VE) && + !(td_attr & ATTR_DEBUG)) { + if (tdcs_ctls_set(TD_CTLS_PENDING_VE_DISABLE)) + sept_ve_disabled = true; + } + + if (!sept_ve_disabled) { + const char *msg = "TD misconfiguration: SEPT #VE has to be disabled"; + + /* Relax SEPT #VE disable check for debug TD. */ if (td_attr & ATTR_DEBUG) pr_warn("%s\n", msg); else diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/shared/tdx.h index fdfd41511b02..29a61c72e4dd 100644 --- a/arch/x86/include/asm/shared/tdx.h +++ b/arch/x86/include/asm/shared/tdx.h @@ -16,11 +16,27 @@ #define TDG_VP_VEINFO_GET 3 #define TDG_MR_REPORT 4 #define TDG_MEM_PAGE_ACCEPT 6 +#define TDG_VM_RD 7 #define TDG_VM_WR 8 +#define TDG_SYS_RD 11 -/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */ +/* TDX Global Metadata. To be used by TDG.SYS.RD */ +#define TDCS_TDX_FEATURES0 0x0A00000300000008 + +/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */ +#define TDCS_CONFIG_FLAGS 0x1110000300000016 +#define TDCS_TD_CTLS 0x1110000300000017 #define TDCS_NOTIFY_ENABLES 0x9100000000000010 +/* TDCS_TDX_FEATURES0 bits */ +#define TDX_FEATURES0_PENDING_EPT_VIOLATION_V2 BIT_ULL(16) + +/* TDCS_CONFIG_FLAGS bits */ +#define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1) + +/* TDCS_TD_CTLS bits */ +#define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0) + /* TDX hypercall Leaf IDs */ #define TDVMCALL_MAP_GPA 0x10001 #define TDVMCALL_GET_QUOTE 0x10002 -- 2.43.0