[v10,015/108] x86/cpu: Add helper functions to allocate/free TDX private host key id
Commit Message
Isaku Yamahata
Oct. 30, 2022, 6:22 a.m. UTC
From: Isaku Yamahata <isaku.yamahata@intel.com> TDX private host key id is assigned to guest TD. The memory controller encrypts guest TD memory with the assigned TDX private host key id (HIKD). Add helper functions to allocate/free TDX private host key id so that TDX KVM manage it. Also export the global TDX private host key id that is used to encrypt TDX module, its memory and some dynamic data (TDR). When VMM releasing encrypted page to reuse it, the page needs to be flushed with the used host key id. VMM needs the global TDX private host key id to flush such pages TDX module accesses with the global TDX private host key id. Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> --- arch/x86/include/asm/tdx.h | 13 +++++++++++++ arch/x86/virt/vmx/tdx/tdx.c | 28 +++++++++++++++++++++++++++- 2 files changed, 40 insertions(+), 1 deletion(-)
Comments
On Sat, 2022-10-29 at 23:22 -0700, isaku.yamahata@intel.com wrote: > From: Isaku Yamahata <isaku.yamahata@intel.com> > > TDX private host key id is assigned to guest TD. The memory controller > encrypts guest TD memory with the assigned TDX private host key id (HIKD). ^ HKID. And since you already mentioned in the first sentence, you can put (HKID) part there. And I think you can just use HKID in the rest places to save some typing as this is the purpose of using (HKID) I suppose. [...] > > +/* TDX KeyID pool */ > +static DEFINE_IDA(tdx_keyid_pool); > + > +int tdx_keyid_alloc(void) > +{ > + if (WARN_ON_ONCE(!tdx_keyid_start || !tdx_keyid_num)) > + return -EINVAL; > + > + /* The first keyID is reserved for the global key. */ > + return ida_alloc_range(&tdx_keyid_pool, tdx_keyid_start + 1, > + tdx_keyid_start + tdx_keyid_num - 1, > + GFP_KERNEL); > +} > +EXPORT_SYMBOL_GPL(tdx_keyid_alloc); > + > +void tdx_keyid_free(int keyid) > +{ > + /* keyid = 0 is reserved. */ > + if (!keyid || keyid <= 0) > + return; Double check of keyid == 0. I think you can just use: if (keyid <= tdx_keyid_start) return; And/or add a WARN() as it's a bug if above happens. > + > + ida_free(&tdx_keyid_pool, keyid); > +} > +EXPORT_SYMBOL_GPL(tdx_keyid_free); > + > static void __init tdx_memory_destroy(void) > { > while (!list_empty(&tdx_memlist)) {
On Tue, Nov 08, 2022 at 09:16:57AM +0000, "Huang, Kai" <kai.huang@intel.com> wrote: > On Sat, 2022-10-29 at 23:22 -0700, isaku.yamahata@intel.com wrote: > > From: Isaku Yamahata <isaku.yamahata@intel.com> > > > > TDX private host key id is assigned to guest TD. The memory controller > > encrypts guest TD memory with the assigned TDX private host key id (HIKD). > ^ > HKID. > > And since you already mentioned in the first sentence, you can put (HKID) part > there. And I think you can just use HKID in the rest places to save some typing > as this is the purpose of using (HKID) I suppose. > > [...] > > > > > +/* TDX KeyID pool */ > > +static DEFINE_IDA(tdx_keyid_pool); > > + > > +int tdx_keyid_alloc(void) > > +{ > > + if (WARN_ON_ONCE(!tdx_keyid_start || !tdx_keyid_num)) > > + return -EINVAL; > > + > > + /* The first keyID is reserved for the global key. */ > > + return ida_alloc_range(&tdx_keyid_pool, tdx_keyid_start + 1, > > + tdx_keyid_start + tdx_keyid_num - 1, > > + GFP_KERNEL); > > +} > > +EXPORT_SYMBOL_GPL(tdx_keyid_alloc); > > + > > +void tdx_keyid_free(int keyid) > > +{ > > + /* keyid = 0 is reserved. */ > > + if (!keyid || keyid <= 0) > > + return; > > Double check of keyid == 0. > > I think you can just use: > > if (keyid <= tdx_keyid_start) > return; > > And/or add a WARN() as it's a bug if above happens. Ok. Will fix it with WARN().
diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index ba2e4c69fb9f..cd304d323d33 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -186,6 +186,17 @@ struct tdsysinfo_struct { const struct tdsysinfo_struct *tdx_get_sysinfo(void); bool platform_tdx_enabled(void); int tdx_enable(void); + +/* + * Key id globally used by TDX module: TDX module maps TDR with this TDX global + * key id. TDR includes key id assigned to the TD. Then TDX module maps other + * TD-related pages with the assigned key id. TDR requires this TDX global key + * id for cache flush unlike other TD-related pages. + */ +extern u32 tdx_global_keyid __read_mostly; +int tdx_keyid_alloc(void); +void tdx_keyid_free(int keyid); + u64 __seamcall(u64 op, u64 rcx, u64 rdx, u64 r8, u64 r9, struct tdx_module_output *out); #else /* !CONFIG_INTEL_TDX_HOST */ @@ -193,6 +204,8 @@ struct tdsysinfo_struct; static inline const struct tdsysinfo_struct *tdx_get_sysinfo(void) { return NULL; } static inline bool platform_tdx_enabled(void) { return false; } static inline int tdx_enable(void) { return -ENODEV; } +static inline int tdx_keyid_alloc(void) { return -EOPNOTSUPP; } +static inline void tdx_keyid_free(int keyid) { } #endif /* CONFIG_INTEL_TDX_HOST */ #endif /* !__ASSEMBLY__ */ diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 6fb630fa7d09..0625ced219d7 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -64,7 +64,8 @@ static struct cmr_info tdx_cmr_array[MAX_CMRS] __aligned(CMR_INFO_ARRAY_ALIGNMEN static int tdx_cmr_num; /* TDX module global KeyID. Used in TDH.SYS.CONFIG ABI. */ -static u32 tdx_global_keyid; +u32 tdx_global_keyid __read_mostly; +EXPORT_SYMBOL_GPL(tdx_global_keyid); /* * Detect TDX private KeyIDs to see whether TDX has been enabled by the @@ -113,6 +114,31 @@ static void __init clear_tdx(void) tdx_keyid_start = tdx_keyid_num = 0; } +/* TDX KeyID pool */ +static DEFINE_IDA(tdx_keyid_pool); + +int tdx_keyid_alloc(void) +{ + if (WARN_ON_ONCE(!tdx_keyid_start || !tdx_keyid_num)) + return -EINVAL; + + /* The first keyID is reserved for the global key. */ + return ida_alloc_range(&tdx_keyid_pool, tdx_keyid_start + 1, + tdx_keyid_start + tdx_keyid_num - 1, + GFP_KERNEL); +} +EXPORT_SYMBOL_GPL(tdx_keyid_alloc); + +void tdx_keyid_free(int keyid) +{ + /* keyid = 0 is reserved. */ + if (!keyid || keyid <= 0) + return; + + ida_free(&tdx_keyid_pool, keyid); +} +EXPORT_SYMBOL_GPL(tdx_keyid_free); + static void __init tdx_memory_destroy(void) { while (!list_empty(&tdx_memlist)) {