From patchwork Fri Dec 9 13:25:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kirill A. Shutemov" X-Patchwork-Id: 2815 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp776991wrr; Fri, 9 Dec 2022 05:34:16 -0800 (PST) X-Google-Smtp-Source: AA0mqf7F/BOcJJLZCtuarUQGNKIwC1TGD3+UuI+Uv9NtsvUMSA86llPuTgO0X8bZ14l/S3fwEavE X-Received: by 2002:a17:907:629d:b0:7c1:ad6:7333 with SMTP id nd29-20020a170907629d00b007c10ad67333mr7071134ejc.10.1670592855855; Fri, 09 Dec 2022 05:34:15 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1670592855; cv=none; d=google.com; s=arc-20160816; b=vYn5NDgkLrsual/9NegmlNWNgP2UiSBId+efqdsD5ajsyig6HdGAavQSPEiv+SfFSG KIaIKyucudGXRl5xByl6WPdMJ9kdRuuH8xiTEX+iDQdokqjf5J1F5zuQfR36C1tZSTiQ DLPJjhWPIEXQXezt/ITtebZSF5Zw1nHhtd9Cup15lUeYRQ3bfE2pq+wvHGAqSmqoyH9s CEvzvTWafv4cp6GyzKOczzcwDUoNaMz/6dWPVn0CT2P+jFknZ4ltvuD2OCTSArurgeES VUelBd/RVDmfrhRyPZZlwwX934+4j0u67hlTm8mUCpqp8U9q8H4TugVx7g+vG1WAwEz4 5bRQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=2q1+R0Mkh2qMBkHDarDBwZx4rsJKO8lRXnt/icE9zZ4=; b=eZZdX7RxTBRkldXshHHHr86n8d8zvWogyLNuzmMzFyWNb8lO+BW2C/nL7vHYYls4ay qr12AqLYkDFbgqSQJIa7w4u3UX3OqVkHJepGCeblusOaciPQehIEuMK14/MjNJiFSEwZ jLTeT/ijJcD053PsleN4X7fD3TOdHPkonwPfpywo3Bl1Co0V4po7yOK3B49YFcv8kIr5 X63XGoI0IKRo4HyKb5c81JpE/OtLPFimYgzC7LAF152l0RuKE2z2mMXEi7euoosR1w0v KWkJlQxqq5k0pDfce+QilC4VL+M9Xx/oR2kWXP08IM2T3vyGVPQKw8QwDOu5fwv6/5GZ FuoQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=aKP5ek4m; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id du16-20020a17090772d000b00783b75ec298si1259741ejc.395.2022.12.09.05.33.51; Fri, 09 Dec 2022 05:34:15 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=aKP5ek4m; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229905AbiLINZt (ORCPT + 99 others); Fri, 9 Dec 2022 08:25:49 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40842 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229677AbiLINZj (ORCPT ); Fri, 9 Dec 2022 08:25:39 -0500 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5DA8E3FB95 for ; Fri, 9 Dec 2022 05:25:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670592338; x=1702128338; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=BSrPUYonGntiTXzc7J4wwmhKstgGiqEhA6jFvc+d+NI=; b=aKP5ek4m6ufnjFSsZr7brhDvHBoiyxXfpexg5mLP9DXFHtCnUrfFxK2U OU834nMm7MbPZE9P0Eu2seUuRZSeWIHyy8VzdSX/1j9xhVCEfpJ8j9sin KW4obKwa4k6xZZlVj+zn1qchPXfX75Ie6g4ItR5/50MY+htQ9KwoydpUg hzR8T9BIPvDffUDhsEaKh54Bq0H824mlrKoSSwZFyS3dkRFaOxEwwt51F aZBXGsudB85hdtstVSegeO7O30QJrm4tMXFn6h4nckSuDOPy1JfOjAdNi G2aE7PAaH+9Df2ISmfJe9bcuhBjlHrhO99/SfvYwwCYcjmNyRbLQphcJQ g==; X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="317483319" X-IronPort-AV: E=Sophos;i="5.96,230,1665471600"; d="scan'208";a="317483319" Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Dec 2022 05:25:36 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="892670382" X-IronPort-AV: E=Sophos;i="5.96,230,1665471600"; d="scan'208";a="892670382" Received: from elinares-mobl.ger.corp.intel.com (HELO box.shutemov.name) ([10.249.38.98]) by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Dec 2022 05:25:33 -0800 Received: by box.shutemov.name (Postfix, from userid 1000) id 3AACD109CE2; Fri, 9 Dec 2022 16:25:31 +0300 (+03) From: "Kirill A. Shutemov" To: Dave Hansen , Borislav Petkov , Andy Lutomirski Cc: Kuppuswamy Sathyanarayanan , Thomas Gleixner , Elena Reshetova , x86@kernel.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org, "Kirill A. Shutemov" Subject: [PATCH 0/4] x86/tdx: Changes for TDX guest initialization Date: Fri, 9 Dec 2022 16:25:20 +0300 Message-Id: <20221209132524.20200-1-kirill.shutemov@linux.intel.com> X-Mailer: git-send-email 2.38.0 MIME-Version: 1.0 X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1751743574127919718?= X-GMAIL-MSGID: =?utf-8?q?1751743574127919718?= Several changes to TDX initialization: - Make early panic message visible to user; - Relax SEPT_VE_DISABLE for debug TD. It helps to investigate bugs resulting in access of unaccepted memory. - Make sure NOTIFY_ENABLES is off to eliminate possible source of random #VE. The patchset makes use of ReportFatalError TDVMCALL. The definition of the TDVMCALL has changed in recent GHCI update[1]. It now requires more arguments handled by __tdx_hypercall(). The patch that expands __tdx_hypercall() is the same as the patch included in TDX guest enabling for Hyper-V. [1] https://cdrdv2.intel.com/v1/dl/getContent/726790 Kirill A. Shutemov (4): x86/tdx: Expand __tdx_hypercall() to handle more arguments x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE x86/tdx: Relax SEPT_VE_DISABLE check for debug TD x86/tdx: Disable NOTIFY_ENABLES arch/x86/coco/tdx/tdcall.S | 82 ++++++++++++++++++++++--------- arch/x86/coco/tdx/tdx.c | 57 ++++++++++++++++++++- arch/x86/include/asm/shared/tdx.h | 6 +++ arch/x86/kernel/asm-offsets.c | 6 +++ 4 files changed, 125 insertions(+), 26 deletions(-)