Received: by 2002:ab2:69cc:0:b0:1f4:be93:e15a with SMTP id n12csp86994lqp; Fri, 12 Apr 2024 11:10:11 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWeayDLduN/hkD2wOtKpqU0objvXGtVPflidSDRTYrT6UNkLYIYVGt8iJeHQVUBjosgo+CkJ9HmIvITVTkCjPiPKv7GiWIjOry7S6N1nA== X-Google-Smtp-Source: AGHT+IFu+n3ysSL4MfHII3gxTuG9r7Cwjn1ZW1Y41ETkMThfHjpvaPB81hKSH2EoSjZ4x4Qf8sQ7 X-Received: by 2002:a50:8add:0:b0:56e:2bf4:fe0a with SMTP id k29-20020a508add000000b0056e2bf4fe0amr2518882edk.35.1712945410987; Fri, 12 Apr 2024 11:10:10 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1712945410; cv=pass; d=google.com; s=arc-20160816; b=UKVCv51MLgVeutq9FbIAsguqNRkF3As70zKeUXF8ZnwJfq0nQuyZ5Ou1QdMdbewV0O Xb5mop40ApF5TN7Pq5Ua9hwDQdEFzixpax3x4xeTozpXoxXSAHIxOy7EnDnQOMsR67bc qmUoS+Kbzhew0KAnkFYoBu4TheWmKs1ydOgHLx5kljKRFGtjTYy2R8Km+QsVeOJ8lN0u uNJjX8G8TSbMAVI6fzk3clDkJ0W+pa/Kno15n5jk1j4mJkKwWN4pUEhqE/VWWEQhrbs+ cAXda91YmXagevYl1+/48GiMxcTm6Wya3VsR9WRQJ5plFEUTXDbIrsDO3aJxXxZK3bsn ATzA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=QZyfUoWoCOn178y0wWgCxC/i/aQuA/+dLaEXgvyvUYw=; fh=hncLbbr5Ox+C/oKc63L7c2MU2DTHJslWrW+0L25ueuw=; b=DH+XQkF438Oqs6TE6L/jT5+qQRB2U9dU2vY+TjoncptxLWYp1gaS+x7zkb0IqmsNRv aeJAiFMBzeFqcgFs8TVODkE4eBV1zsM30AHtzJXCUObAB5FhUhjhVwFFuTFoszVWuSls zLIFIFOp1oeDdipjPxs5FlpncQWOReCGjJ8uHcHkPqEPFSEFS8GqPSyaRkfHuh7JnZKP pbK59GV7XaagAPBKtMYjjF9kl5mooc7lwmadKyEDnkFk8a1k6E9YBX7RoOHux3R2leNV lPL8sm7ib3z5J9fwyTfh/f61LU9jjml2+npOEL3PJb/XDEbX+j6zZPyJpFdI2aXr92YP n5ug==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eN5ZO6yp; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-143175-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-143175-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id i17-20020a0564020f1100b005700332aad6si408455eda.477.2024.04.12.11.10.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 12 Apr 2024 11:10:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-143175-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=eN5ZO6yp; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel+bounces-143175-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-143175-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id AC5E61F219C1 for ; Fri, 12 Apr 2024 18:10:10 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 563CA14EC49; Fri, 12 Apr 2024 18:10:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="eN5ZO6yp" Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8A5DF146D7B; Fri, 12 Apr 2024 18:09:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.18 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712945400; cv=none; b=XLLcFbs2Nz8KtO8UWMN2C5cf4TrJd+Dj7av8UK+v6pvNS5tSP4VTmHaA3diRs+qf+tScsR+p+eLmE16Obx9W+rn3JGSrl42fSfzbnwGFR4bqZESybQKBrDjCKEh3uCKaDAso12ILt4ZnoHXHhHrQeLOphZER1B0RY4FclYsdd6E= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1712945400; c=relaxed/simple; bh=0J4SlgDGf+5ax9loRJCtM8+Hj8SjQZHESyQGU7tmxW4=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=jr93Ei+HOssBUO8ytyh1y1ohaLAtd+zO+AJ2jcu2jnHP8zKIKRwcBt06ZsP+jR+q/Y5Utz9XatjnQk7FUsBzKhwK1B1F6G2WAKuCLJN17u9HuJZ1yJyEG7dtDt0KEkV8B3GHo+32LzZsRWJiPlxh4ja8pPHRLjBNbwivTCSKV4A= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=eN5ZO6yp; arc=none smtp.client-ip=198.175.65.18 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1712945399; x=1744481399; h=date:from:to:cc:subject:message-id:references: mime-version:in-reply-to; bh=0J4SlgDGf+5ax9loRJCtM8+Hj8SjQZHESyQGU7tmxW4=; b=eN5ZO6ypRnrWN8psJZ0kj2nAI5zDa0PziW84KwNfttSwo4pKOFuhAWjH YdU1C3FBGhbR1zbf8L5cYTW7vd7Az3pf/ZTaeKsqMtMVYXWBlKn0vRGvv /OeT3j1P72HzJdFokT3PSzahs6I9UnJP464044Oj0mvNScdFEVCI2gJ2g y65gpG7yyoR0cbfE8tsFMof4pepA0EsACMWPlf7tSjs1N8yqI9TJpKYw1 QFvoFeqjGBSbRwHXadqvCcEE96gFcAo2VEpixphbGZK0INC0pavYaoEda 0NLeKQb5JNGmmGhRNmcAG2vUn4N3pJbSXfroNK7xxxXZhyqkW5SEtBszg A==; X-CSE-ConnectionGUID: hl63ZS0dTQeh8NO64IYkYA== X-CSE-MsgGUID: L1Ixrb6gQJuF8Z1zjWflKQ== X-IronPort-AV: E=McAfee;i="6600,9927,11042"; a="8583247" X-IronPort-AV: E=Sophos;i="6.07,196,1708416000"; d="scan'208";a="8583247" Received: from orviesa002.jf.intel.com ([10.64.159.142]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Apr 2024 11:09:58 -0700 X-CSE-ConnectionGUID: kYEP+10GTD69RVfRQuSdHA== X-CSE-MsgGUID: mx5ldHYRSBqXgJI8J5lA0A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,196,1708416000"; d="scan'208";a="52262517" Received: from ls.sc.intel.com (HELO localhost) ([172.25.112.31]) by orviesa002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Apr 2024 11:09:57 -0700 Date: Fri, 12 Apr 2024 11:09:57 -0700 From: Isaku Yamahata To: Adrian Hunter Cc: Isaku Yamahata , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, "Edgecombe, Rick P" , isaku.yamahata@gmail.com, Paolo Bonzini , erdemaktas@google.com, Sean Christopherson , Sagi Shahar , Kai Huang , chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com, isaku.yamahata@linux.intel.com Subject: Re: [PATCH v19 076/130] KVM: TDX: Finalize VM initialization Message-ID: <20240412180957.GI3039520@ls.amr.corp.intel.com> References: <20240412010848.GG3039520@ls.amr.corp.intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: On Fri, Apr 12, 2024 at 03:22:00PM +0300, Adrian Hunter wrote: > > diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c > > index 0d3b79b5c42a..c7ff819ccaf1 100644 > > --- a/arch/x86/kvm/vmx/tdx.c > > +++ b/arch/x86/kvm/vmx/tdx.c > > @@ -2757,6 +2757,12 @@ static int tdx_td_finalizemr(struct kvm *kvm) > > return -EINVAL; > > > > err = tdh_mr_finalize(kvm_tdx); > > + kvm_tdx->hw_error = err; > > + > > + if (err == (TDX_OPERAND_BUSY | TDX_OPERAND_ID_RCX)) > > There seem to be also implicit operand codes. How sure are > we that TDX_OPERAND_ID_RCX is the only valid busy operand? According to the description of TDH.MR.FINALIZE, it locks exclusively, RCX in TDR, TDCS as implicit, OP_STATE as implicit. And the basic TDX feature to run guest TD, TDX module locks in order of TDR => OP_STATE. We won't see OP_STATE lock failure after gaining TDR lock. If you worry for future, we can code it as (err & TDX_SEAMCALL_STATUS_MASK) == TDX_OPERAND_BUSY. We should do it consistently, though. > > + return -EAGAIN; > > + if (err == TDX_NO_VCPUS) > > TDX_NO_VCPUS is not one of the completion status codes for > TDH.MR.FINALIZE It depends on the document version. Need to check TDX_OP_STATE_INCORRECT to be defensive. > > diff --git a/arch/x86/kvm/vmx/tdx.h b/arch/x86/kvm/vmx/tdx.h > > index 98f5d7c5891a..dc150b8bdd5f 100644 > > --- a/arch/x86/kvm/vmx/tdx.h > > +++ b/arch/x86/kvm/vmx/tdx.h > > @@ -18,6 +18,9 @@ struct kvm_tdx { > > u64 xfam; > > int hkid; > > > > + /* For KVM_TDX ioctl to return SEAMCALL status code. */ > > + u64 hw_error; > > For this case, it seems weird to have a struct member > to pass back a return status code, why not make it a parameter > of tdx_td_finalizemr() or pass &tdx_cmd? I created the patch too quick. Given KVM_TDX_CAPABILITIES and KVM_TDX_INIT_VM take tdx_cmd already, it's consistent to make tdx_td_finalize() take it. -- Isaku Yamahata