Commit Message
Isaku Yamahata
Oct. 30, 2022, 6:23 a.m. UTC
From: Isaku Yamahata <isaku.yamahata@intel.com> TDX defines an API to run TDX vcpu with its own ABI. Define an assembly helper function to run TDX vcpu to hide the special ABI so that C code can call it with function call ABI. Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> --- arch/x86/kvm/vmx/vmenter.S | 157 +++++++++++++++++++++++++++++++++++++ 1 file changed, 157 insertions(+)
Comments
> TDX defines an API to run TDX vcpu with its own ABI. Define an assembly > helper function to run TDX vcpu to hide the special ABI so that C code can > call it with function call ABI. > Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com> > --- > arch/x86/kvm/vmx/vmenter.S | 157 +++++++++++++++++++++++++++++++++++++ > 1 file changed, 157 insertions(+) > diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S > index 8477d8bdd69c..9066eea1ede5 100644 > --- a/arch/x86/kvm/vmx/vmenter.S > +++ b/arch/x86/kvm/vmx/vmenter.S > @@ -3,6 +3,7 @@ > #include <asm/asm.h> > #include <asm/asm-offsets.h> > #include <asm/bitsperlong.h> > +#include <asm/errno.h> > #include <asm/kvm_vcpu_regs.h> > #include <asm/nospec-branch.h> > #include <asm/percpu.h> > @@ -31,6 +32,13 @@ > #define VCPU_R15 __VCPU_REGS_R15 * WORD_SIZE > #endif > +#ifdef CONFIG_INTEL_TDX_HOST > +#define TDENTER 0 > +#define EXIT_REASON_TDCALL 77 > +#define TDENTER_ERROR_BIT 63 > +#define seamcall .byte 0x66,0x0f,0x01,0xcf > +#endif > + > .section .noinstr.text, "ax" > /** > @@ -350,3 +358,152 @@ SYM_FUNC_START(vmx_do_interrupt_nmi_irqoff) > pop %_ASM_BP > RET > SYM_FUNC_END(vmx_do_interrupt_nmi_irqoff) > + > +#ifdef CONFIG_INTEL_TDX_HOST > + > +.pushsection .noinstr.text, "ax" > + > +/** > + * __tdx_vcpu_run - Call SEAMCALL(TDENTER) to run a TD vcpu > + * @tdvpr: physical address of TDVPR > + * @regs: void * (to registers of TDVCPU) > + * @gpr_mask: non-zero if guest registers need to be loaded prior to > TDENTER > + * > + * Returns: > + * TD-Exit Reason > + * > + * Note: KVM doesn't support using XMM in its hypercalls, it's the HyperV > + * code's responsibility to save/restore XMM registers on TDVMCALL. > + */ > +SYM_FUNC_START(__tdx_vcpu_run) > + push %rbp > + mov %rsp, %rbp > + > + push %r15 > + push %r14 > + push %r13 > + push %r12 > + push %rbx > + > + /* Save @regs, which is needed after TDENTER to capture output. */ > + push %rsi > + > + /* Load @tdvpr to RCX */ > + mov %rdi, %rcx > + > + /* No need to load guest GPRs if the last exit wasn't a TDVMCALL. */ > + test %dx, %dx > + je 1f > + > + /* Load @regs to RAX, which will be clobbered with $TDENTER anyways. */ > + mov %rsi, %rax > + > + mov VCPU_RBX(%rax), %rbx > + mov VCPU_RDX(%rax), %rdx > + mov VCPU_RBP(%rax), %rbp > + mov VCPU_RSI(%rax), %rsi > + mov VCPU_RDI(%rax), %rdi > + > + mov VCPU_R8 (%rax), %r8 > + mov VCPU_R9 (%rax), %r9 > + mov VCPU_R10(%rax), %r10 > + mov VCPU_R11(%rax), %r11 > + mov VCPU_R12(%rax), %r12 > + mov VCPU_R13(%rax), %r13 > + mov VCPU_R14(%rax), %r14 > + mov VCPU_R15(%rax), %r15 > + > + /* Load TDENTER to RAX. This kills the @regs pointer! */ > +1: mov $TDENTER, %rax > + > +2: seamcall > + > + /* > + * Use same return value convention to tdxcall.S. > + * TDX_SEAMCALL_VMFAILINVALID doesn't conflict with any TDX status code. > + */ > + jnc 3f > + mov $TDX_SEAMCALL_VMFAILINVALID, %rax > + jmp 5f > +3: > + > + /* Skip to the exit path if TDENTER failed. */ > + bt $TDENTER_ERROR_BIT, %rax > + jc 5f > + > + /* Temporarily save the TD-Exit reason. */ > + push %rax > + > + /* check if TD-exit due to TDVMCALL */ > + cmp $EXIT_REASON_TDCALL, %ax > + > + /* Reload @regs to RAX. */ > + mov 8(%rsp), %rax > + > + /* Jump on non-TDVMCALL */ > + jne 4f > + > + /* Save all output from SEAMCALL(TDENTER) */ > + mov %rbx, VCPU_RBX(%rax) > + mov %rbp, VCPU_RBP(%rax) > + mov %rsi, VCPU_RSI(%rax) > + mov %rdi, VCPU_RDI(%rax) > + mov %r10, VCPU_R10(%rax) > + mov %r11, VCPU_R11(%rax) > + mov %r12, VCPU_R12(%rax) > + mov %r13, VCPU_R13(%rax) > + mov %r14, VCPU_R14(%rax) > + mov %r15, VCPU_R15(%rax) > + > +4: mov %rcx, VCPU_RCX(%rax) > + mov %rdx, VCPU_RDX(%rax) > + mov %r8, VCPU_R8 (%rax) > + mov %r9, VCPU_R9 (%rax) > + > + /* > + * Clear all general purpose registers except RSP and RAX to prevent > + * speculative use of the guest's values. > + */ > + xor %rbx, %rbx > + xor %rcx, %rcx > + xor %rdx, %rdx > + xor %rsi, %rsi > + xor %rdi, %rdi > + xor %rbp, %rbp > + xor %r8, %r8 > + xor %r9, %r9 > + xor %r10, %r10 > + xor %r11, %r11 > + xor %r12, %r12 > + xor %r13, %r13 > + xor %r14, %r14 > + xor %r15, %r15 > + > + /* Restore the TD-Exit reason to RAX for return. */ > + pop %rax > + > + /* "POP" @regs. */ > +5: add $8, %rsp > + pop %rbx > + pop %r12 > + pop %r13 > + pop %r14 > + pop %r15 > + > + pop %rbp > + RET > + > +6: cmpb $0, kvm_rebooting > + je 1f > + mov $TDX_SW_ERROR, %r12 While compiling the tree at https://github.com/intel/tdx/tree/kvm-upstream, it seems like compilation was failing because TDX_SW_ERROR was not defined. Perhaps asm/tdx.h needs to be added. > + orq %r12, %rax > + jmp 5b > +1: ud2 > + /* Use FAULT version to know what fault happened. */ > + _ASM_EXTABLE_FAULT(2b, 6b) > + > +SYM_FUNC_END(__tdx_vcpu_run) > + > +.popsection > + > +#endif > -- > 2.25.1
diff --git a/arch/x86/kvm/vmx/vmenter.S b/arch/x86/kvm/vmx/vmenter.S index 8477d8bdd69c..9066eea1ede5 100644 --- a/arch/x86/kvm/vmx/vmenter.S +++ b/arch/x86/kvm/vmx/vmenter.S @@ -3,6 +3,7 @@ #include <asm/asm.h> #include <asm/asm-offsets.h> #include <asm/bitsperlong.h> +#include <asm/errno.h> #include <asm/kvm_vcpu_regs.h> #include <asm/nospec-branch.h> #include <asm/percpu.h> @@ -31,6 +32,13 @@ #define VCPU_R15 __VCPU_REGS_R15 * WORD_SIZE #endif +#ifdef CONFIG_INTEL_TDX_HOST +#define TDENTER 0 +#define EXIT_REASON_TDCALL 77 +#define TDENTER_ERROR_BIT 63 +#define seamcall .byte 0x66,0x0f,0x01,0xcf +#endif + .section .noinstr.text, "ax" /** @@ -350,3 +358,152 @@ SYM_FUNC_START(vmx_do_interrupt_nmi_irqoff) pop %_ASM_BP RET SYM_FUNC_END(vmx_do_interrupt_nmi_irqoff) + +#ifdef CONFIG_INTEL_TDX_HOST + +.pushsection .noinstr.text, "ax" + +/** + * __tdx_vcpu_run - Call SEAMCALL(TDENTER) to run a TD vcpu + * @tdvpr: physical address of TDVPR + * @regs: void * (to registers of TDVCPU) + * @gpr_mask: non-zero if guest registers need to be loaded prior to TDENTER + * + * Returns: + * TD-Exit Reason + * + * Note: KVM doesn't support using XMM in its hypercalls, it's the HyperV + * code's responsibility to save/restore XMM registers on TDVMCALL. + */ +SYM_FUNC_START(__tdx_vcpu_run) + push %rbp + mov %rsp, %rbp + + push %r15 + push %r14 + push %r13 + push %r12 + push %rbx + + /* Save @regs, which is needed after TDENTER to capture output. */ + push %rsi + + /* Load @tdvpr to RCX */ + mov %rdi, %rcx + + /* No need to load guest GPRs if the last exit wasn't a TDVMCALL. */ + test %dx, %dx + je 1f + + /* Load @regs to RAX, which will be clobbered with $TDENTER anyways. */ + mov %rsi, %rax + + mov VCPU_RBX(%rax), %rbx + mov VCPU_RDX(%rax), %rdx + mov VCPU_RBP(%rax), %rbp + mov VCPU_RSI(%rax), %rsi + mov VCPU_RDI(%rax), %rdi + + mov VCPU_R8 (%rax), %r8 + mov VCPU_R9 (%rax), %r9 + mov VCPU_R10(%rax), %r10 + mov VCPU_R11(%rax), %r11 + mov VCPU_R12(%rax), %r12 + mov VCPU_R13(%rax), %r13 + mov VCPU_R14(%rax), %r14 + mov VCPU_R15(%rax), %r15 + + /* Load TDENTER to RAX. This kills the @regs pointer! */ +1: mov $TDENTER, %rax + +2: seamcall + + /* + * Use same return value convention to tdxcall.S. + * TDX_SEAMCALL_VMFAILINVALID doesn't conflict with any TDX status code. + */ + jnc 3f + mov $TDX_SEAMCALL_VMFAILINVALID, %rax + jmp 5f +3: + + /* Skip to the exit path if TDENTER failed. */ + bt $TDENTER_ERROR_BIT, %rax + jc 5f + + /* Temporarily save the TD-Exit reason. */ + push %rax + + /* check if TD-exit due to TDVMCALL */ + cmp $EXIT_REASON_TDCALL, %ax + + /* Reload @regs to RAX. */ + mov 8(%rsp), %rax + + /* Jump on non-TDVMCALL */ + jne 4f + + /* Save all output from SEAMCALL(TDENTER) */ + mov %rbx, VCPU_RBX(%rax) + mov %rbp, VCPU_RBP(%rax) + mov %rsi, VCPU_RSI(%rax) + mov %rdi, VCPU_RDI(%rax) + mov %r10, VCPU_R10(%rax) + mov %r11, VCPU_R11(%rax) + mov %r12, VCPU_R12(%rax) + mov %r13, VCPU_R13(%rax) + mov %r14, VCPU_R14(%rax) + mov %r15, VCPU_R15(%rax) + +4: mov %rcx, VCPU_RCX(%rax) + mov %rdx, VCPU_RDX(%rax) + mov %r8, VCPU_R8 (%rax) + mov %r9, VCPU_R9 (%rax) + + /* + * Clear all general purpose registers except RSP and RAX to prevent + * speculative use of the guest's values. + */ + xor %rbx, %rbx + xor %rcx, %rcx + xor %rdx, %rdx + xor %rsi, %rsi + xor %rdi, %rdi + xor %rbp, %rbp + xor %r8, %r8 + xor %r9, %r9 + xor %r10, %r10 + xor %r11, %r11 + xor %r12, %r12 + xor %r13, %r13 + xor %r14, %r14 + xor %r15, %r15 + + /* Restore the TD-Exit reason to RAX for return. */ + pop %rax + + /* "POP" @regs. */ +5: add $8, %rsp + pop %rbx + pop %r12 + pop %r13 + pop %r14 + pop %r15 + + pop %rbp + RET + +6: cmpb $0, kvm_rebooting + je 1f + mov $TDX_SW_ERROR, %r12 + orq %r12, %rax + jmp 5b +1: ud2 + /* Use FAULT version to know what fault happened. */ + _ASM_EXTABLE_FAULT(2b, 6b) + +SYM_FUNC_END(__tdx_vcpu_run) + +.popsection + +#endif