Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Merge tag 'x86_tdx_for_7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull x86 TDX updates from Dave Hansen:
"The only real thing of note here is printing the TDX module version.

This is a little silly on its own, but the upcoming TDX module update
code needs the same TDX module call. This shrinks that set a wee bit.

There are also a few minor macro cleanups and a tweak to the GetQuote ABI
to make it easier for userspace to detect zero-length (failed) quotes"

* tag 'x86_tdx_for_7.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
virt: tdx-guest: Return error for GetQuote failures
KVM/TDX: Rename KVM_SUPPORTED_TD_ATTRS to KVM_SUPPORTED_TDX_TD_ATTRS
x86/tdx: Rename TDX_ATTR_* to TDX_TD_ATTR_*
KVM/TDX: Remove redundant definitions of TDX_TD_ATTR_*
x86/tdx: Fix the typo in TDX_ATTR_MIGRTABLE
x86/virt/tdx: Print TDX module version during init
x86/virt/tdx: Retrieve TDX module version

+78 -50
+13 -13
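--- a/arch/x86/coco/tdx/debug.c
+++ b/arch/x86/coco/tdx/debug.c
@@ -7,21 +7,21 @@
 #include <linux/printk.h>
 #include <asm/tdx.h>
 
-#define DEF_TDX_ATTR_NAME(_name) [TDX_ATTR_##_name##_BIT] = __stringify(_name)
+#define DEF_TDX_TD_ATTR_NAME(_name) [TDX_TD_ATTR_##_name##_BIT] = __stringify(_name)
 
 static __initdata const char *tdx_attributes[] = {
-DEF_TDX_ATTR_NAME(DEBUG),
-DEF_TDX_ATTR_NAME(HGS_PLUS_PROF),
-DEF_TDX_ATTR_NAME(PERF_PROF),
-DEF_TDX_ATTR_NAME(PMT_PROF),
-DEF_TDX_ATTR_NAME(ICSSD),
-DEF_TDX_ATTR_NAME(LASS),
-DEF_TDX_ATTR_NAME(SEPT_VE_DISABLE),
-DEF_TDX_ATTR_NAME(MIGRTABLE),
-DEF_TDX_ATTR_NAME(PKS),
-DEF_TDX_ATTR_NAME(KL),
-DEF_TDX_ATTR_NAME(TPA),
-DEF_TDX_ATTR_NAME(PERFMON),
+DEF_TDX_TD_ATTR_NAME(DEBUG),
+DEF_TDX_TD_ATTR_NAME(HGS_PLUS_PROF),
+DEF_TDX_TD_ATTR_NAME(PERF_PROF),
+DEF_TDX_TD_ATTR_NAME(PMT_PROF),
+DEF_TDX_TD_ATTR_NAME(ICSSD),
+DEF_TDX_TD_ATTR_NAME(LASS),
+DEF_TDX_TD_ATTR_NAME(SEPT_VE_DISABLE),
+DEF_TDX_TD_ATTR_NAME(MIGRATABLE),
+DEF_TDX_TD_ATTR_NAME(PKS),
+DEF_TDX_TD_ATTR_NAME(KL),
+DEF_TDX_TD_ATTR_NAME(TPA),
+DEF_TDX_TD_ATTR_NAME(PERFMON),
 };
 
 #define DEF_TD_CTLS_NAME(_name) [TD_CTLS_##_name##_BIT] = __stringify(_name)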
+4 -4
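--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -238,14 +238,14 @@
 *
 * TDX 1.0 does not allow the guest to disable SEPT #VE on its own. The VMM
 * controls if the guest will receive such #VE with TD attribute
-* TDX_ATTR_SEPT_VE_DISABLE.
+* TDX_TD_ATTR_SEPT_VE_DISABLE.
 *
 * Newer TDX modules allow the guest to control if it wants to receive SEPT
 * violation #VEs.
 *
 * Check if the feature is available and disable SEPT #VE if possible.
 *
-* If the TD is allowed to disable/enable SEPT #VEs, the TDX_ATTR_SEPT_VE_DISABLE
+* If the TD is allowed to disable/enable SEPT #VEs, the TDX_TD_ATTR_SEPT_VE_DISABLE
 * attribute is no longer reliable. It reflects the initial state of the
 * control for the TD, but it will not be updated if someone (e.g. bootloader)
 * changes it before the kernel starts. Kernel must check TDCS_TD_CTLS bit to
@@ -254,14 +254,14 @@
 static void disable_sept_ve(u64 td_attr)
 {
 const char *msg = "TD misconfiguration: SEPT #VE has to be disabled";
-bool debug = td_attr & TDX_ATTR_DEBUG;
+bool debug = td_attr & TDX_TD_ATTR_DEBUG;
 u64 config, controls;
 
 /* Is this TD allowed to disable SEPT #VE */
 tdg_vm_rd(TDCS_CONFIG_FLAGS, &config);
 if (!(config & TDCS_CONFIG_FLEXIBLE_PENDING_VE)) {
 /* No SEPT #VE controls for the guest: check the attribute */
-if (td_attr & TDX_ATTR_SEPT_VE_DISABLE)
+if (td_attr & TDX_TD_ATTR_SEPT_VE_DISABLE)
 return;
 
 /* Relax SEPT_VE_DISABLE check for debug TD for backtraces */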
+25 -25
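--- a/arch/x86/include/asm/shared/tdx.h
+++ b/arch/x86/include/asm/shared/tdx.h
@@ -20,31 +20,31 @@
 #define TDG_VM_RD 7
 #define TDG_VM_WR 8
 
-/* TDX attributes */
-#define TDX_ATTR_DEBUG_BIT 0
-#define TDX_ATTR_DEBUG BIT_ULL(TDX_ATTR_DEBUG_BIT)
-#define TDX_ATTR_HGS_PLUS_PROF_BIT 4
-#define TDX_ATTR_HGS_PLUS_PROF BIT_ULL(TDX_ATTR_HGS_PLUS_PROF_BIT)
-#define TDX_ATTR_PERF_PROF_BIT 5
-#define TDX_ATTR_PERF_PROF BIT_ULL(TDX_ATTR_PERF_PROF_BIT)
-#define TDX_ATTR_PMT_PROF_BIT 6
-#define TDX_ATTR_PMT_PROF BIT_ULL(TDX_ATTR_PMT_PROF_BIT)
-#define TDX_ATTR_ICSSD_BIT 16
-#define TDX_ATTR_ICSSD BIT_ULL(TDX_ATTR_ICSSD_BIT)
-#define TDX_ATTR_LASS_BIT 27
-#define TDX_ATTR_LASS BIT_ULL(TDX_ATTR_LASS_BIT)
-#define TDX_ATTR_SEPT_VE_DISABLE_BIT 28
-#define TDX_ATTR_SEPT_VE_DISABLE BIT_ULL(TDX_ATTR_SEPT_VE_DISABLE_BIT)
-#define TDX_ATTR_MIGRTABLE_BIT 29
-#define TDX_ATTR_MIGRTABLE BIT_ULL(TDX_ATTR_MIGRTABLE_BIT)
-#define TDX_ATTR_PKS_BIT 30
-#define TDX_ATTR_PKS BIT_ULL(TDX_ATTR_PKS_BIT)
-#define TDX_ATTR_KL_BIT 31
-#define TDX_ATTR_KL BIT_ULL(TDX_ATTR_KL_BIT)
-#define TDX_ATTR_TPA_BIT 62
-#define TDX_ATTR_TPA BIT_ULL(TDX_ATTR_TPA_BIT)
-#define TDX_ATTR_PERFMON_BIT 63
-#define TDX_ATTR_PERFMON BIT_ULL(TDX_ATTR_PERFMON_BIT)
+/* TDX TD attributes */
+#define TDX_TD_ATTR_DEBUG_BIT 0
+#define TDX_TD_ATTR_DEBUG BIT_ULL(TDX_TD_ATTR_DEBUG_BIT)
+#define TDX_TD_ATTR_HGS_PLUS_PROF_BIT 4
+#define TDX_TD_ATTR_HGS_PLUS_PROF BIT_ULL(TDX_TD_ATTR_HGS_PLUS_PROF_BIT)
+#define TDX_TD_ATTR_PERF_PROF_BIT 5
+#define TDX_TD_ATTR_PERF_PROF BIT_ULL(TDX_TD_ATTR_PERF_PROF_BIT)
+#define TDX_TD_ATTR_PMT_PROF_BIT 6
+#define TDX_TD_ATTR_PMT_PROF BIT_ULL(TDX_TD_ATTR_PMT_PROF_BIT)
+#define TDX_TD_ATTR_ICSSD_BIT 16
+#define TDX_TD_ATTR_ICSSD BIT_ULL(TDX_TD_ATTR_ICSSD_BIT)
+#define TDX_TD_ATTR_LASS_BIT 27
+#define TDX_TD_ATTR_LASS BIT_ULL(TDX_TD_ATTR_LASS_BIT)
+#define TDX_TD_ATTR_SEPT_VE_DISABLE_BIT 28
+#define TDX_TD_ATTR_SEPT_VE_DISABLE BIT_ULL(TDX_TD_ATTR_SEPT_VE_DISABLE_BIT)
+#define TDX_TD_ATTR_MIGRATABLE_BIT 29
+#define TDX_TD_ATTR_MIGRATABLE BIT_ULL(TDX_TD_ATTR_MIGRATABLE_BIT)
+#define TDX_TD_ATTR_PKS_BIT 30
+#define TDX_TD_ATTR_PKS BIT_ULL(TDX_TD_ATTR_PKS_BIT)
+#define TDX_TD_ATTR_KL_BIT 31
+#define TDX_TD_ATTR_KL BIT_ULL(TDX_TD_ATTR_KL_BIT)
+#define TDX_TD_ATTR_TPA_BIT 62
+#define TDX_TD_ATTR_TPA BIT_ULL(TDX_TD_ATTR_TPA_BIT)
+#define TDX_TD_ATTR_PERFMON_BIT 63
+#define TDX_TD_ATTR_PERFMON BIT_ULL(TDX_TD_ATTR_PERFMON_BIT)
 
 /* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */
 #define TDCS_CONFIG_FLAGS 0x1110000300000016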
+7
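--- a/arch/x86/include/asm/tdx_global_metadata.h
+++ b/arch/x86/include/asm/tdx_global_metadata.h
@@ -5,6 +5,12 @@
 
 #include <linux/types.h>
 
+struct tdx_sys_info_version {
+u16 minor_version;
+u16 major_version;
+u16 update_version;
+};
+
 struct tdx_sys_info_features {
 u64 tdx_features0;
 };
@@ -35,6 +41,7 @@
 };
 
 struct tdx_sys_info {
+struct tdx_sys_info_version version;
 struct tdx_sys_info_features features;
 struct tdx_sys_info_tdmr tdmr;
 struct tdx_sys_info_td_ctrl td_ctrl;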
+2 -2
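--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -75,7 +75,7 @@
 pr_err("TDH_VP_WR[%s.0x%x]%s0x%llx failed: 0x%llx\n", uclass, field, op, val, err);
 }
 
-#define KVM_SUPPORTED_TD_ATTRS (TDX_TD_ATTR_SEPT_VE_DISABLE)
+#define KVM_SUPPORTED_TDX_TD_ATTRS (TDX_TD_ATTR_SEPT_VE_DISABLE)
 
 static __always_inline struct kvm_tdx *to_kvm_tdx(struct kvm *kvm)
 {
@@ -89,7 +89,7 @@
 
 static u64 tdx_get_supported_attrs(const struct tdx_sys_info_td_conf *td_conf)
 {
-u64 val = KVM_SUPPORTED_TD_ATTRS;
+u64 val = KVM_SUPPORTED_TDX_TD_ATTRS;
 
 if ((val & td_conf->attributes_fixed1) != td_conf->attributes_fixed1)
 return 0;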
-6
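--- a/arch/x86/kvm/vmx/tdx_arch.h
+++ b/arch/x86/kvm/vmx/tdx_arch.h
@@ -75,12 +75,6 @@
 u32 edx;
 } __packed;
 
-#define TDX_TD_ATTR_DEBUG BIT_ULL(0)
-#define TDX_TD_ATTR_SEPT_VE_DISABLE BIT_ULL(28)
-#define TDX_TD_ATTR_PKS BIT_ULL(30)
-#define TDX_TD_ATTR_KL BIT_ULL(31)
-#define TDX_TD_ATTR_PERFMON BIT_ULL(63)
-
 #define TDX_EXT_EXIT_QUAL_TYPE_MASK GENMASK(3, 0)
 #define TDX_EXT_EXIT_QUAL_TYPE_PENDING_EPT_VIOLATION 6
 /*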
+22
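--- a/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
+++ b/arch/x86/virt/vmx/tdx/tdx_global_metadata.c
@@ -7,6 +7,21 @@
 * Include this file to other C file instead.
 */
 
+static int get_tdx_sys_info_version(struct tdx_sys_info_version *sysinfo_version)
+{
+int ret = 0;
+u64 val;
+
+if (!ret && !(ret = read_sys_metadata_field(0x0800000100000003, &val)))
+sysinfo_version->minor_version = val;
+if (!ret && !(ret = read_sys_metadata_field(0x0800000100000004, &val)))
+sysinfo_version->major_version = val;
+if (!ret && !(ret = read_sys_metadata_field(0x0800000100000005, &val)))
+sysinfo_version->update_version = val;
+
+return ret;
+}
+
 static int get_tdx_sys_info_features(struct tdx_sys_info_features *sysinfo_features)
 {
 int ret = 0;
@@ -88,6 +103,13 @@
 static int get_tdx_sys_info(struct tdx_sys_info *sysinfo)
 {
 int ret = 0;
+
+ret = ret ?: get_tdx_sys_info_version(&sysinfo->version);
+
+pr_info("Module version: %u.%u.%02u\n",
+sysinfo->version.major_version,
+sysinfo->version.minor_version,
+sysinfo->version.update_version);
 
 ret = ret ?: get_tdx_sys_info_features(&sysinfo->features);
 ret = ret ?: get_tdx_sys_info_tdmr(&sysinfo->tdmr);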
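Review bot: The `pr_info()` added to `get_tdx_sys_info()` runs whether or not `get_tdx_sys_info_version()` succeeded, because only the call is chained through `ret = ret ?: ...` and the print is not. On a failed metadata read the helper stops at the first error and leaves the remaining fields unwritten, so the log would show a module version that was never read (whether the struct is zeroed by the caller is not visible here). That log line is what an operator would rely on to confirm which TDX module a host runs, so it should be gated, e.g. `if (!ret)` in front of the `pr_info(...)` call. `get_tdx_sys_info()` continues past the end of the hunk.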
+5
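--- a/drivers/virt/coco/tdx-guest/tdx-guest.c
+++ b/drivers/virt/coco/tdx-guest/tdx-guest.c
@@ -309,6 +309,11 @@
 return ret;
 }
 
+if (quote_buf->status != GET_QUOTE_SUCCESS) {
+pr_debug("GetQuote request failed, status:%llx\n", quote_buf->status);
+return -EIO;
+}
+
 out_len = READ_ONCE(quote_buf->out_len);
 
 if (out_len > TDX_QUOTE_MAX_LEN)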
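Review bot: The new check reads `quote_buf->status` twice with plain loads, once in the comparison and once as the `pr_debug()` argument, while `out_len` on the next line is read through `READ_ONCE()`. If the quote buffer can be written by the other side while this code runs, which the existing `READ_ONCE()` suggests, the two reads can disagree and the logged status may not be the value that was tested. Take one snapshot and use it for both: `u64 status = READ_ONCE(quote_buf->status);` followed by `if (status != GET_QUOTE_SUCCESS)` (the type is inferred from the `%llx` format). The enclosing function starts and ends outside the hunk.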