Commit 883af1f8 authored by Linus Torvalds

Merge tag 'x86_tdx_for_7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 TDX updates from Dave Hansen:
 "The only real thing of note here is printing the TDX module version.

  This is a little silly on its own, but the upcoming TDX module update
  code needs the same TDX module call. This shrinks that set a wee bit.

  There are also a few minor macro cleanups and a tweak to the GetQuote ABI
  to make it easier for userspace to detect zero-length (failed) quotes"

* tag 'x86_tdx_for_7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
  virt: tdx-guest: Return error for GetQuote failures
  KVM/TDX: Rename KVM_SUPPORTED_TD_ATTRS to KVM_SUPPORTED_TDX_TD_ATTRS
  x86/tdx: Rename TDX_ATTR_* to TDX_TD_ATTR_*
  KVM/TDX: Remove redundant definitions of TDX_TD_ATTR_*
  x86/tdx: Fix the typo in TDX_ATTR_MIGRTABLE
  x86/virt/tdx: Print TDX module version during init
  x86/virt/tdx: Retrieve TDX module version
parents 51efd086 0f409eae
+13 −13
@@ -7,21 +7,21 @@
#include <linux/printk.h>
#include <asm/tdx.h>

#define DEF_TDX_ATTR_NAME(_name) [TDX_ATTR_##_name##_BIT] = __stringify(_name)
#define DEF_TDX_TD_ATTR_NAME(_name) [TDX_TD_ATTR_##_name##_BIT] = __stringify(_name)

static __initdata const char *tdx_attributes[] = {
	DEF_TDX_ATTR_NAME(DEBUG),
	DEF_TDX_ATTR_NAME(HGS_PLUS_PROF),
	DEF_TDX_ATTR_NAME(PERF_PROF),
	DEF_TDX_ATTR_NAME(PMT_PROF),
	DEF_TDX_ATTR_NAME(ICSSD),
	DEF_TDX_ATTR_NAME(LASS),
	DEF_TDX_ATTR_NAME(SEPT_VE_DISABLE),
	DEF_TDX_ATTR_NAME(MIGRTABLE),
	DEF_TDX_ATTR_NAME(PKS),
	DEF_TDX_ATTR_NAME(KL),
	DEF_TDX_ATTR_NAME(TPA),
	DEF_TDX_ATTR_NAME(PERFMON),
	DEF_TDX_TD_ATTR_NAME(DEBUG),
	DEF_TDX_TD_ATTR_NAME(HGS_PLUS_PROF),
	DEF_TDX_TD_ATTR_NAME(PERF_PROF),
	DEF_TDX_TD_ATTR_NAME(PMT_PROF),
	DEF_TDX_TD_ATTR_NAME(ICSSD),
	DEF_TDX_TD_ATTR_NAME(LASS),
	DEF_TDX_TD_ATTR_NAME(SEPT_VE_DISABLE),
	DEF_TDX_TD_ATTR_NAME(MIGRATABLE),
	DEF_TDX_TD_ATTR_NAME(PKS),
	DEF_TDX_TD_ATTR_NAME(KL),
	DEF_TDX_TD_ATTR_NAME(TPA),
	DEF_TDX_TD_ATTR_NAME(PERFMON),
};

#define DEF_TD_CTLS_NAME(_name) [TD_CTLS_##_name##_BIT] = __stringify(_name)
+4 −4
@@ -238,14 +238,14 @@ static void __noreturn tdx_panic(const char *msg)
 *
 * TDX 1.0 does not allow the guest to disable SEPT #VE on its own. The VMM
 * controls if the guest will receive such #VE with TD attribute
 * TDX_ATTR_SEPT_VE_DISABLE.
 * TDX_TD_ATTR_SEPT_VE_DISABLE.
 *
 * Newer TDX modules allow the guest to control if it wants to receive SEPT
 * violation #VEs.
 *
 * Check if the feature is available and disable SEPT #VE if possible.
 *
 * If the TD is allowed to disable/enable SEPT #VEs, the TDX_ATTR_SEPT_VE_DISABLE
 * If the TD is allowed to disable/enable SEPT #VEs, the TDX_TD_ATTR_SEPT_VE_DISABLE
 * attribute is no longer reliable. It reflects the initial state of the
 * control for the TD, but it will not be updated if someone (e.g. bootloader)
 * changes it before the kernel starts. Kernel must check TDCS_TD_CTLS bit to
@@ -254,14 +254,14 @@ static void __noreturn tdx_panic(const char *msg)
static void disable_sept_ve(u64 td_attr)
{
	const char *msg = "TD misconfiguration: SEPT #VE has to be disabled";
	bool debug = td_attr & TDX_ATTR_DEBUG;
	bool debug = td_attr & TDX_TD_ATTR_DEBUG;
	u64 config, controls;

	/* Is this TD allowed to disable SEPT #VE */
	tdg_vm_rd(TDCS_CONFIG_FLAGS, &config);
	if (!(config & TDCS_CONFIG_FLEXIBLE_PENDING_VE)) {
		/* No SEPT #VE controls for the guest: check the attribute */
		if (td_attr & TDX_ATTR_SEPT_VE_DISABLE)
		if (td_attr & TDX_TD_ATTR_SEPT_VE_DISABLE)
			return;

		/* Relax SEPT_VE_DISABLE check for debug TD for backtraces */
+25 −25
@@ -20,31 +20,31 @@
#define TDG_VM_RD			7
#define TDG_VM_WR			8

/* TDX attributes */
#define TDX_ATTR_DEBUG_BIT		0
#define TDX_ATTR_DEBUG			BIT_ULL(TDX_ATTR_DEBUG_BIT)
#define TDX_ATTR_HGS_PLUS_PROF_BIT	4
#define TDX_ATTR_HGS_PLUS_PROF		BIT_ULL(TDX_ATTR_HGS_PLUS_PROF_BIT)
#define TDX_ATTR_PERF_PROF_BIT		5
#define TDX_ATTR_PERF_PROF		BIT_ULL(TDX_ATTR_PERF_PROF_BIT)
#define TDX_ATTR_PMT_PROF_BIT		6
#define TDX_ATTR_PMT_PROF		BIT_ULL(TDX_ATTR_PMT_PROF_BIT)
#define TDX_ATTR_ICSSD_BIT		16
#define TDX_ATTR_ICSSD			BIT_ULL(TDX_ATTR_ICSSD_BIT)
#define TDX_ATTR_LASS_BIT		27
#define TDX_ATTR_LASS			BIT_ULL(TDX_ATTR_LASS_BIT)
#define TDX_ATTR_SEPT_VE_DISABLE_BIT	28
#define TDX_ATTR_SEPT_VE_DISABLE	BIT_ULL(TDX_ATTR_SEPT_VE_DISABLE_BIT)
#define TDX_ATTR_MIGRTABLE_BIT		29
#define TDX_ATTR_MIGRTABLE		BIT_ULL(TDX_ATTR_MIGRTABLE_BIT)
#define TDX_ATTR_PKS_BIT		30
#define TDX_ATTR_PKS			BIT_ULL(TDX_ATTR_PKS_BIT)
#define TDX_ATTR_KL_BIT			31
#define TDX_ATTR_KL			BIT_ULL(TDX_ATTR_KL_BIT)
#define TDX_ATTR_TPA_BIT		62
#define TDX_ATTR_TPA			BIT_ULL(TDX_ATTR_TPA_BIT)
#define TDX_ATTR_PERFMON_BIT		63
#define TDX_ATTR_PERFMON		BIT_ULL(TDX_ATTR_PERFMON_BIT)
/* TDX TD attributes */
#define TDX_TD_ATTR_DEBUG_BIT		0
#define TDX_TD_ATTR_DEBUG		BIT_ULL(TDX_TD_ATTR_DEBUG_BIT)
#define TDX_TD_ATTR_HGS_PLUS_PROF_BIT	4
#define TDX_TD_ATTR_HGS_PLUS_PROF	BIT_ULL(TDX_TD_ATTR_HGS_PLUS_PROF_BIT)
#define TDX_TD_ATTR_PERF_PROF_BIT	5
#define TDX_TD_ATTR_PERF_PROF		BIT_ULL(TDX_TD_ATTR_PERF_PROF_BIT)
#define TDX_TD_ATTR_PMT_PROF_BIT	6
#define TDX_TD_ATTR_PMT_PROF		BIT_ULL(TDX_TD_ATTR_PMT_PROF_BIT)
#define TDX_TD_ATTR_ICSSD_BIT		16
#define TDX_TD_ATTR_ICSSD		BIT_ULL(TDX_TD_ATTR_ICSSD_BIT)
#define TDX_TD_ATTR_LASS_BIT		27
#define TDX_TD_ATTR_LASS		BIT_ULL(TDX_TD_ATTR_LASS_BIT)
#define TDX_TD_ATTR_SEPT_VE_DISABLE_BIT	28
#define TDX_TD_ATTR_SEPT_VE_DISABLE	BIT_ULL(TDX_TD_ATTR_SEPT_VE_DISABLE_BIT)
#define TDX_TD_ATTR_MIGRATABLE_BIT	29
#define TDX_TD_ATTR_MIGRATABLE		BIT_ULL(TDX_TD_ATTR_MIGRATABLE_BIT)
#define TDX_TD_ATTR_PKS_BIT		30
#define TDX_TD_ATTR_PKS			BIT_ULL(TDX_TD_ATTR_PKS_BIT)
#define TDX_TD_ATTR_KL_BIT		31
#define TDX_TD_ATTR_KL			BIT_ULL(TDX_TD_ATTR_KL_BIT)
#define TDX_TD_ATTR_TPA_BIT		62
#define TDX_TD_ATTR_TPA			BIT_ULL(TDX_TD_ATTR_TPA_BIT)
#define TDX_TD_ATTR_PERFMON_BIT		63
#define TDX_TD_ATTR_PERFMON		BIT_ULL(TDX_TD_ATTR_PERFMON_BIT)

/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */
#define TDCS_CONFIG_FLAGS		0x1110000300000016
+7 −0
@@ -5,6 +5,12 @@

#include <linux/types.h>

struct tdx_sys_info_version {
	u16 minor_version;
	u16 major_version;
	u16 update_version;
};

struct tdx_sys_info_features {
	u64 tdx_features0;
};
@@ -35,6 +41,7 @@ struct tdx_sys_info_td_conf {
};

struct tdx_sys_info {
	struct tdx_sys_info_version version;
	struct tdx_sys_info_features features;
	struct tdx_sys_info_tdmr tdmr;
	struct tdx_sys_info_td_ctrl td_ctrl;
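Review bot: The new `struct tdx_sys_info_version` in the first hunk has no comment saying what its three `u16` fields hold or why `minor_version` is declared ahead of `major_version`, so a reader could take the struct for an ordered or packed value that can be compared as a whole. The merge description says the module version is printed during init, and that is presumably the value an operator checks against TDX module advisories, so a one-line comment above the struct would help, for example `/* TDX module version; each field is read separately, compare major, then minor, then update */`. How the fields are filled and printed is not visible on this page, so confirm that before settling the wording, and if this header is generated the comment belongs in the generator instead. The body of `struct tdx_sys_info` in the second hunk continues past the end of the hunk.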
+2 −2
@@ -75,7 +75,7 @@ void tdh_vp_wr_failed(struct vcpu_tdx *tdx, char *uclass, char *op, u32 field,
	pr_err("TDH_VP_WR[%s.0x%x]%s0x%llx failed: 0x%llx\n", uclass, field, op, val, err);
}

#define KVM_SUPPORTED_TD_ATTRS (TDX_TD_ATTR_SEPT_VE_DISABLE)
#define KVM_SUPPORTED_TDX_TD_ATTRS (TDX_TD_ATTR_SEPT_VE_DISABLE)

static __always_inline struct kvm_tdx *to_kvm_tdx(struct kvm *kvm)
{
@@ -89,7 +89,7 @@ static __always_inline struct vcpu_tdx *to_tdx(struct kvm_vcpu *vcpu)

static u64 tdx_get_supported_attrs(const struct tdx_sys_info_td_conf *td_conf)
{
	u64 val = KVM_SUPPORTED_TD_ATTRS;
	u64 val = KVM_SUPPORTED_TDX_TD_ATTRS;

	if ((val & td_conf->attributes_fixed1) != td_conf->attributes_fixed1)
		return 0;