Message ID | 20231115120044.8034-7-kirill.shutemov@linux.intel.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b909:0:b0:403:3b70:6f57 with SMTP id t9csp2486062vqg; Wed, 15 Nov 2023 04:02:34 -0800 (PST) X-Google-Smtp-Source: AGHT+IFSRHuYnOZmVtI7jwMSJUswJA+EV1UCnnSnBNBCtt3ax1FHJLWKmdO0nnVoAgcxhmhMzvVT X-Received: by 2002:a05:6a20:4420:b0:13a:e955:d958 with SMTP id ce32-20020a056a20442000b0013ae955d958mr11006060pzb.7.1700049753911; Wed, 15 Nov 2023 04:02:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700049753; cv=none; d=google.com; s=arc-20160816; b=Ax+ouBWiyQdLBVmfnU8hKnCAFbMbPhv3I6osEZeyldUckG5bn/A1F1AHknAUJWN98J dE24/3OQRvVZZVuadSwdQZNAHDaEeKLmQjBMmrxf8FLuteT8VedeQcfAPr2U3pXqumNT yZq08T+Lyqjmf2E452bODImQWvaW0AU7ZKkbBEguU9+H5b9kqFArbXLPpe8BvqcJrUBN u0WsePNSRPdKnY6YWMC91bAgtd9N+JyuShb7jZ3cnNGSQRfYEGuprjDWuQeu1LfuMx0M 246eAPVXW1TwknVfmIXIr2yaDYEy7eGd4miLItgm1Zbf+fEkZ30aMx056e+kavUff/i5 Eltw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=jif1ziLT7c511a0O426hkyoGuiqyqgCP8fPSYzvFlss=; fh=OvJRnOqsMTm9XoNmEwebcqh9Ud7yh1CTeKAP84ols98=; b=yJlok/yr6oiZgFEJO4m/kXN+gRmeHevcHxvoJWxd4rwY+ZuJoyZ2f1ThydrRJ9Ixij svDiAIadFPz/CK9ue9ZsyFjricJ//QGSyeHBZjuVFHvqc6hfNysgYbzitSZ5NHVTua6U Kt9Sw6RSnDhWuUB8icFAx6jUiQnSXNKiYdcxFRU0c7KUvyAWlnrS2/m0CNUWgoC2I9++ f0ghX4Iyn+d397CODNA/vZxFOATVEB6apcFi8omzF+81Wnw4nl4pngvI6I/qkjOmDNUD 1mN2vJfIeZvCvmhaU7zaPD42m/dXpu0cQTXnUq1cEI7eLVIIy6SH7N+r5CAtVp1Jibtt xODg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=lMzG4Zbm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id bo11-20020a056a000e8b00b006c320b98b74si9983280pfb.369.2023.11.15.04.02.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Nov 2023 04:02:33 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=lMzG4Zbm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 811A580254E9; Wed, 15 Nov 2023 04:02:23 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343758AbjKOMBm (ORCPT <rfc822;heyuhang3455@gmail.com> + 28 others); Wed, 15 Nov 2023 07:01:42 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49514 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1343727AbjKOMB3 (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Wed, 15 Nov 2023 07:01:29 -0500 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CB20F11D for <linux-kernel@vger.kernel.org>; Wed, 15 Nov 2023 04:01:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1700049685; x=1731585685; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=EufwntLcxHa17lX7vkyRAITUbajJMYhr8ams+J+dhGY=; b=lMzG4Zbm3y94ets4a4RAtnwoU66X4f/3PsjBqJyZjyn+twVODAXEfcmj m7WvRu9fJUiEE1rF1t8p+3CQaq4p6jHRcyBDsdRgcpEAKyRXinr+aCwFu xid6A9xXfrnthJ31qhwmlUIMdgN32TTZvQRl7Nin2RbGBMq9eTCmyDzM3 VAWno9HTLTAE/r48vOg5xrEiwafpYb+9OkXsJToDi7HDwwaLcQQMJrIZv 6zam/XHJXUDqvBbIswX0nGTHYeyFqTm12xrMNEH9gNOwvA12ATGVYpoP/ xAf/zucWeLy1K48y78j3fGv6oBsqg8kn6eRp9VPKqDex8cB8EZcPZ6zIW Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10894"; a="394780425" X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="394780425" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Nov 2023 04:01:25 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="13160242" Received: from mituomis-mobl.ger.corp.intel.com (HELO box.shutemov.name) ([10.249.44.135]) by smtpauth.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Nov 2023 04:01:20 -0800 Received: by box.shutemov.name (Postfix, from userid 1000) id 6F3B710A22F; Wed, 15 Nov 2023 15:01:12 +0300 (+03) From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> To: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>, Dave Hansen <dave.hansen@linux.intel.com>, x86@kernel.org Cc: "Rafael J. Wysocki" <rafael@kernel.org>, Peter Zijlstra <peterz@infradead.org>, Adrian Hunter <adrian.hunter@intel.com>, Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>, Elena Reshetova <elena.reshetova@intel.com>, Jun Nakajima <jun.nakajima@intel.com>, Rick Edgecombe <rick.p.edgecombe@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, "Kalra, Ashish" <ashish.kalra@amd.com>, Sean Christopherson <seanjc@google.com>, "Huang, Kai" <kai.huang@intel.com>, Baoquan He <bhe@redhat.com>, kexec@lists.infradead.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Subject: [PATCHv3 06/14] x86/kexec: Keep CR4.MCE set during kexec for TDX guest Date: Wed, 15 Nov 2023 15:00:36 +0300 Message-ID: <20231115120044.8034-7-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.41.0 In-Reply-To: <20231115120044.8034-1-kirill.shutemov@linux.intel.com> References: <20231115120044.8034-1-kirill.shutemov@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Wed, 15 Nov 2023 04:02:23 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1782631370577741307 X-GMAIL-MSGID: 1782631370577741307 |
Series |
x86/tdx: Add kexec support
|
|
Commit Message
Kirill A. Shutemov
Nov. 15, 2023, noon UTC
TDX guests are not allowed to clear CR4.MCE. Attempt to clear it leads to #VE. Use alternatives to keep the flag during kexec for TDX guests. The change doesn't affect non-TDX-guest environments. Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Reviewed-by: Kai Huang <kai.huang@intel.com> --- arch/x86/kernel/relocate_kernel_64.S | 5 +++++ 1 file changed, 5 insertions(+)
Comments
On Wed, Nov 15, 2023 at 03:00:36PM +0300, Kirill A. Shutemov wrote: > TDX guests are not allowed to clear CR4.MCE. Attempt to clear it leads > to #VE. > > Use alternatives to keep the flag during kexec for TDX guests. > > The change doesn't affect non-TDX-guest environments. > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> > Reviewed-by: Kai Huang <kai.huang@intel.com> > --- > arch/x86/kernel/relocate_kernel_64.S | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S > index 56cab1bb25f5..bea89814b48e 100644 > --- a/arch/x86/kernel/relocate_kernel_64.S > +++ b/arch/x86/kernel/relocate_kernel_64.S > @@ -145,11 +145,16 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) > * Set cr4 to a known state: > * - physical address extension enabled > * - 5-level paging, if it was enabled before > + * - Machine check exception on TDX guest. Clearing MCE is not allowed > + * in TDX guests. > */ > movl $X86_CR4_PAE, %eax > testq $X86_CR4_LA57, %r13 > jz 1f > orl $X86_CR4_LA57, %eax > +1: > + ALTERNATIVE "jmp 1f", "", X86_FEATURE_TDX_GUEST > + orl $X86_CR4_MCE, %eax > 1: ALTERNATIVE "", "orl $X86_CR4_MCE, %eax", X86_FEATURE_TDX_GUEST ? > movq %rax, %cr4 > > -- > 2.41.0 >
On Wed, Nov 15, 2023 at 01:23:43PM +0100, Peter Zijlstra wrote: > On Wed, Nov 15, 2023 at 03:00:36PM +0300, Kirill A. Shutemov wrote: > > TDX guests are not allowed to clear CR4.MCE. Attempt to clear it leads > > to #VE. > > > > Use alternatives to keep the flag during kexec for TDX guests. > > > > The change doesn't affect non-TDX-guest environments. > > > > Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> > > Reviewed-by: Kai Huang <kai.huang@intel.com> > > --- > > arch/x86/kernel/relocate_kernel_64.S | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S > > index 56cab1bb25f5..bea89814b48e 100644 > > --- a/arch/x86/kernel/relocate_kernel_64.S > > +++ b/arch/x86/kernel/relocate_kernel_64.S > > @@ -145,11 +145,16 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) > > * Set cr4 to a known state: > > * - physical address extension enabled > > * - 5-level paging, if it was enabled before > > + * - Machine check exception on TDX guest. Clearing MCE is not allowed > > + * in TDX guests. > > */ > > movl $X86_CR4_PAE, %eax > > testq $X86_CR4_LA57, %r13 > > jz 1f > > orl $X86_CR4_LA57, %eax > > +1: > > + ALTERNATIVE "jmp 1f", "", X86_FEATURE_TDX_GUEST > > + orl $X86_CR4_MCE, %eax > > 1: > > ALTERNATIVE "", "orl $X86_CR4_MCE, %eax", X86_FEATURE_TDX_GUEST > > ? Oh. Right. Silly me. Will fix.
diff --git a/arch/x86/kernel/relocate_kernel_64.S b/arch/x86/kernel/relocate_kernel_64.S index 56cab1bb25f5..bea89814b48e 100644 --- a/arch/x86/kernel/relocate_kernel_64.S +++ b/arch/x86/kernel/relocate_kernel_64.S @@ -145,11 +145,16 @@ SYM_CODE_START_LOCAL_NOALIGN(identity_mapped) * Set cr4 to a known state: * - physical address extension enabled * - 5-level paging, if it was enabled before + * - Machine check exception on TDX guest. Clearing MCE is not allowed + * in TDX guests. */ movl $X86_CR4_PAE, %eax testq $X86_CR4_LA57, %r13 jz 1f orl $X86_CR4_LA57, %eax +1: + ALTERNATIVE "jmp 1f", "", X86_FEATURE_TDX_GUEST + orl $X86_CR4_MCE, %eax 1: movq %rax, %cr4