Date: Fri, 19 Apr 2024 06:52:42 -0700
In-Reply-To: <9c4547ea234a2ba09ebe05219f180f08ac6fc2e3.1708933498.git.isaku.yamahata@intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: Re: [PATCH v19 116/130] KVM: TDX: Silently discard SMI request
From: Sean Christopherson
To: isaku.yamahata@intel.com
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sagi Shahar, Kai Huang, chen.bo@intel.com, hang.yuan@intel.com, tina.zhang@intel.com

On Mon, Feb 26, 2024, isaku.yamahata@intel.com wrote:
> From: Isaku Yamahata
>
> TDX doesn't support system-management mode (SMM) and system-management
> interrupt (SMI) in guest TDs. Because guest state (vcpu state, memory
> state) is protected, it must go through the TDX module APIs to change guest
> state, injecting SMI and changing vcpu mode into SMM. The TDX module
> doesn't provide a way for VMM to inject SMI into guest TD and a way for VMM
> to switch guest vcpu mode into SMM.
>
> We have two options in KVM when handling SMM or SMI in the guest TD or the
> device model (e.g. QEMU): 1) silently ignore the request or 2) return a
> meaningful error.
>
> For simplicity, we implemented the option 1).
>
> Signed-off-by: Isaku Yamahata
> --- > arch/x86/kvm/smm.h | 7 +++++- > arch/x86/kvm/vmx/main.c | 45 ++++++++++++++++++++++++++++++++++---- > arch/x86/kvm/vmx/tdx.c | 29 ++++++++++++++++++++++++ > arch/x86/kvm/vmx/x86_ops.h | 12 ++++++++++ > 4 files changed, 88 insertions(+), 5 deletions(-) > > diff --git a/arch/x86/kvm/smm.h b/arch/x86/kvm/smm.h > index a1cf2ac5bd78..bc77902f5c18 100644 > --- a/arch/x86/kvm/smm.h > +++ b/arch/x86/kvm/smm.h
> @@ -142,7 +142,12 @@ union kvm_smram { > > static inline int kvm_inject_smi(struct kvm_vcpu *vcpu) > { > - kvm_make_request(KVM_REQ_SMI, vcpu); > + /* > + * If SMM isn't supported (e.g. TDX), silently discard SMI request. > + * Assume that SMM supported = MSR_IA32_SMBASE supported. > + */ > + if (static_call(kvm_x86_has_emulated_msr)(vcpu->kvm, MSR_IA32_SMBASE)) > + kvm_make_request(KVM_REQ_SMI, vcpu); > return 0;

No, just do what KVM already does for CONFIG_KVM_SMM=n, and return -ENOTTY. The
*entire* point of having a return code is to handle setups that don't support SMM.

	if (!static_call(kvm_x86_has_emulated_msr)(vcpu->kvm, MSR_IA32_SMBASE))
		return -ENOTTY;

And with that, I would drop the comment, it's pretty darn clear what "assumption"
is being made. In quotes because it's not an assumption, it's literally KVM's
implementation.

And then the changelog can say "do what KVM does for CONFIG_KVM_SMM=n" without
having to explain why we decided to do something completely arbitrary for TDX.

> } > > diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c > index ed46e7e57c18..4f3b872cd401 100644 > --- a/arch/x86/kvm/vmx/main.c > +++ b/arch/x86/kvm/vmx/main.c > @@ -283,6 +283,43 @@ static void vt_msr_filter_changed(struct kvm_vcpu *vcpu) > vmx_msr_filter_changed(vcpu); > } > > +#ifdef CONFIG_KVM_SMM > +static int vt_smi_allowed(struct kvm_vcpu *vcpu, bool for_injection) > +{ > + if (is_td_vcpu(vcpu)) > + return tdx_smi_allowed(vcpu, for_injection);

Adding stubs for something that TDX will never support is silly. Bug the VM and
return an error.

	if (KVM_BUG_ON(is_td_vcpu(vcpu), vcpu->kvm))
		return -EIO;

And I wouldn't even bother with vt_* wrappers, just put that right in vmx_*().
Same thing for everything below.
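
Review bot: in the arch/x86/kvm/smm.h hunk, kvm_inject_smi() still reaches the unchanged "return 0;" when the has_emulated_msr(MSR_IA32_SMBASE) check fails, so the caller is told the SMI was queued when it was in fact dropped. Return an error on that path instead of falling through, and test the negated condition first so that "kvm_make_request(KVM_REQ_SMI, vcpu);" stays unconditional and at its original indentation.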
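
Review bot: in the arch/x86/kvm/vmx/main.c hunk, the is_td_vcpu() branch of vt_smi_allowed() has no comment saying when a TD vCPU can reach it, although the changelog states that the TDX module gives the VMM no way to inject an SMI into a guest TD. If the branch is not expected to run, reject it there with an error rather than dispatching to tdx_smi_allowed(); if it is expected to run, document what the TDX callee returns for for_injection true and false.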