From patchwork Wed Jan 31 23:09:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Bonzini X-Patchwork-Id: 195045 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:693c:2685:b0:106:209c:c626 with SMTP id mn5csp89107dyc; Wed, 31 Jan 2024 15:28:17 -0800 (PST) X-Google-Smtp-Source: AGHT+IECtSNxvX0JmSlUm+DDrxvd9iBToLK3Q9FYVTLECogx7PX+FB0mqiTVdWqR14z3MHjbW0OA X-Received: by 2002:aa7:c3cc:0:b0:55f:43f4:9ba with SMTP id l12-20020aa7c3cc000000b0055f43f409bamr1922172edr.34.1706743697258; Wed, 31 Jan 2024 15:28:17 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706743697; cv=pass; d=google.com; s=arc-20160816; b=C+UbM5Prz3azpZ0YwpYXf+mIrTK1/fHQwOYZKIwvexfaxPzdYbU7kIifExXgdWzGEs rZoiC172inp0HYVO8G5FiK9LoPK8tpo8ewhFwi5ibpH8XHgpBSvnEJPz5+7l6ao0HSS/ 33gCqu8RuAjMpf/hgmvd0WJSbJ0XVJY6RwUQ9V16lvM6c2KVBZBjA02HP/jWbsFggOfL d9+cEJJoTCTXGbWrrU02Ma+sVzy+avg8qWYeixGHISRdlVDR5BeW3g84w9H5dYFqGk5E mCQd55DFcOJ5GNwJA+71zoyp/HL49CNpcuJ1FSTOL0ZPK0vovpOp94LBqY7YkfOZbzPT JUqQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=; fh=Y6DTjTrxqjRq381jXYMILstiV7YjsDBTQNYM7XkRDrY=; b=RjW3V01CYFVbQV6I/BCgPbqlVvOL17xhkEm8MUdNTh/FKgmnz2wtke+QBsrMz3sodu 2tjZ4X7wr+VF2OoXS25ATP3o0s/UZfgvoiUw1VJmhgbcNIWl317UDZ5kibucMzCm2kuX KrclDScq/izbZrpw+TsbfL888X6bXW5m6PJ5ru5o562NIQTodo04PT2T6nRUF1aRwi1U 9aK73aniI9GpFIhomy9w4UR8b8f9XnJkCLlUPanHmRbyEO2Wk/I5m5aXg7PpXxQyBZgP DNKmV+InF9HecWS3IEDTsw8BgBzYPVk3G81WaeJzdGQd9kMOTdHFwI7xPYIARr5mjmem bcng==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ILjcVmBi; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com X-Forwarded-Encrypted: i=1; AJvYcCUV/qVhp8k4bCufTNkviEJNP6VHT7GdZEPvVz+HDzRrnjfJ/4W2sm6FQEMdxPV0qwABAP2aqQ/ysoqGK5zfX4/qkmDYog== Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id cm3-20020a0564020c8300b0055f9278c347si814418edb.645.2024.01.31.15.28.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 15:28:17 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=ILjcVmBi; arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass dkdomain=redhat.com dmarc=pass fromdomain=redhat.com); spf=pass (google.com: domain of linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id CD8C91F29F81 for ; Wed, 31 Jan 2024 23:27:43 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id B56A3481DB; Wed, 31 Jan 2024 23:09:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="ILjcVmBi" Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B33A347F4D for ; Wed, 31 Jan 2024 23:09:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706742555; cv=none; b=PyNVROv3FdDL7wYsyy5YFz5y4r79qINusQ5hT0F4Ko40i2ZSKgChhNkqa0vnV+uIV6ymTOwq+RRsTsaqMwhQ/l+d3axcxpMxMx9MbooE6t5moeLM/iQTWjp/fst1wbR7QNb/ym4eRKQrfceIgen8J3nwPsla3NqPiWZxnmgVcrA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706742555; c=relaxed/simple; bh=4IzgUiiLC2xdXeX/Q2WgpODnZbuMlaMcucIkHRMpcVQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=oL+f63E3e8AC6mgtDJrpGEP4fckTahDwbCylmxE8at3oifassNq/5XXjz3fropOHXCF3ifG5PKlZniIFmFLFk59xgFwabPrjaF0PaOHswrx+GrzzKVjK4jHW/5h2tynnsJnFLFJ5rKxJ5cEaen+9IwxIp+O1oJ1uNDDxjXrikyY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=ILjcVmBi; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706742552; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=; b=ILjcVmBiDZ2k2kqg9fe1VzZNf5TXYg3pPbwYwAtve9tHPUcj55eToz7htFphsZQKpMtlbd +OgDF6ghGc9BU/Xn3Fylh1OydelHn+fA1M2988BYrzkNEf52KLrPwrzG0yhPfs1Kh1Iv7C CsAfzvyk7TRgBggOzxMjI9DZY7E4BBM= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-91-WJI2WiYBM0aPMHZiIpgQHw-1; Wed, 31 Jan 2024 18:09:11 -0500 X-MC-Unique: WJI2WiYBM0aPMHZiIpgQHw-1 Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-40ef6b8d0f6so2034755e9.2 for ; Wed, 31 Jan 2024 15:09:11 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706742550; x=1707347350; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=; b=ehiLzbdi3Q7kuOQluwtBTtGx78O8v0jj9w7h6ovwoZfEWxWgGqoMThbkvFyhuHNHB5 W7TSCm3NSYUuv21cvPc7RMiSekKpkrm34gaU2o6PgXHqd6z2XDHYTfwspLNpAkIC4V9I 5aGuS3E27Hs+8iJ75TAGJ8hA2cFWgFiW9t8MQbnoXQJ7XwdrD52XQwBuNlXAclvl4Spu BThYUrP9hNbc1kyvE+pyvXtRs1RIXTL91gOg2NUza/x5FiUsAwq0djUJ8BoNwZqP9y3y Kgth7Oven6249WCNVErACuAiiPkqZP168IA4MSxpNZtGKgf7GhV6bV6eL1EyEgxnqeT/ htIw== X-Gm-Message-State: AOJu0YxOV8YyYL/vHkS6hD/NlgiQKG1kURsS9z0x7RdsIVwtuvu1HY3x j8CAa6r/5fZa/uh3+bVooeFrwUv2fx7VXFXjRSqY5Zi2ioixHulTs8IqLb2L9w+Sj/mzUhooPCh qdojjuNLLYR5YpGkH4nc8JU7o2d6wvyj4piTSbp3iX35WSUB7tjYG6F/WJ/UWke9qxddh2OTFDc /Cf4LlsmoMTlgw+ojMgvzR9OzIQgU95bYdVLs6jQDCxzxHegp0 X-Received: by 2002:a05:600c:1989:b0:40f:b37a:a7ee with SMTP id t9-20020a05600c198900b0040fb37aa7eemr2466371wmq.41.1706742549798; Wed, 31 Jan 2024 15:09:09 -0800 (PST) X-Received: by 2002:a05:600c:1989:b0:40f:b37a:a7ee with SMTP id t9-20020a05600c198900b0040fb37aa7eemr2466349wmq.41.1706742549449; Wed, 31 Jan 2024 15:09:09 -0800 (PST) Received: from [10.10.0.32] ([213.214.41.32]) by smtp.gmail.com with ESMTPSA id fa6-20020a05600c518600b0040efb445698sm2718989wmb.5.2024.01.31.15.09.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 15:09:07 -0800 (PST) From: Paolo Bonzini To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org Cc: Zixi Chen , Adam Dunlap , "Kirill A . Shutemov" , Xiaoyao Li , Kai Huang , Dave Hansen , Thomas Gleixner , Ingo Molnar , x86@kernel.org, stable@vger.kernel.org Subject: [PATCH v2 2/2] x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers Date: Thu, 1 Feb 2024 00:09:02 +0100 Message-ID: <20240131230902.1867092-3-pbonzini@redhat.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240131230902.1867092-1-pbonzini@redhat.com> References: <20240131230902.1867092-1-pbonzini@redhat.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789650478821869365 X-GMAIL-MSGID: 1789650478821869365 MKTME repurposes the high bit of physical address to key id for encryption key and, even though MAXPHYADDR in CPUID[0x80000008] remains the same, the valid bits in the MTRR mask register are based on the reduced number of physical address bits. detect_tme() in arch/x86/kernel/cpu/intel.c detects TME and subtracts it from the total usable physical bits, but it is called too late. Move the call to early_init_intel() so that it is called in setup_arch(), before MTRRs are setup. This fixes boot on TDX-enabled systems, which until now only worked with "disable_mtrr_cleanup". Without the patch, the values written to the MTRRs mask registers were 52-bit wide (e.g. 0x000fffff_80000800) and the writes failed; with the patch, the values are 46-bit wide, which matches the reduced MAXPHYADDR that is shown in /proc/cpuinfo. Reported-by: Zixi Chen Cc: Adam Dunlap Cc: Kirill A. Shutemov Cc: Xiaoyao Li Cc: Kai Huang Cc: Dave Hansen Cc: Thomas Gleixner Cc: Ingo Molnar Cc: x86@kernel.org Cc: stable@vger.kernel.org Signed-off-by: Paolo Bonzini Reviewed-by: Kirill A. Shutemov Acked-by: Kai Huang --- arch/x86/kernel/cpu/intel.c | 178 ++++++++++++++++++------------------ 1 file changed, 91 insertions(+), 87 deletions(-) diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c index a927a8fc9624..40dec9b56f87 100644 --- a/arch/x86/kernel/cpu/intel.c +++ b/arch/x86/kernel/cpu/intel.c @@ -184,6 +184,90 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 *c) return false; } +#define MSR_IA32_TME_ACTIVATE 0x982 + +/* Helpers to access TME_ACTIVATE MSR */ +#define TME_ACTIVATE_LOCKED(x) (x & 0x1) +#define TME_ACTIVATE_ENABLED(x) (x & 0x2) + +#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ +#define TME_ACTIVATE_POLICY_AES_XTS_128 0 + +#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ + +#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ +#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 + +/* Values for mktme_status (SW only construct) */ +#define MKTME_ENABLED 0 +#define MKTME_DISABLED 1 +#define MKTME_UNINITIALIZED 2 +static int mktme_status = MKTME_UNINITIALIZED; + +static void detect_tme_early(struct cpuinfo_x86 *c) +{ + u64 tme_activate, tme_policy, tme_crypto_algs; + int keyid_bits = 0, nr_keyids = 0; + static u64 tme_activate_cpu0 = 0; + + rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); + + if (mktme_status != MKTME_UNINITIALIZED) { + if (tme_activate != tme_activate_cpu0) { + /* Broken BIOS? */ + pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); + pr_err_once("x86/tme: MKTME is not usable\n"); + mktme_status = MKTME_DISABLED; + + /* Proceed. We may need to exclude bits from x86_phys_bits. */ + } + } else { + tme_activate_cpu0 = tme_activate; + } + + if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { + pr_info_once("x86/tme: not enabled by BIOS\n"); + mktme_status = MKTME_DISABLED; + return; + } + + if (mktme_status != MKTME_UNINITIALIZED) + goto detect_keyid_bits; + + pr_info("x86/tme: enabled by BIOS\n"); + + tme_policy = TME_ACTIVATE_POLICY(tme_activate); + if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) + pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); + + tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); + if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { + pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", + tme_crypto_algs); + mktme_status = MKTME_DISABLED; + } +detect_keyid_bits: + keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); + nr_keyids = (1UL << keyid_bits) - 1; + if (nr_keyids) { + pr_info_once("x86/mktme: enabled by BIOS\n"); + pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); + } else { + pr_info_once("x86/mktme: disabled by BIOS\n"); + } + + if (mktme_status == MKTME_UNINITIALIZED) { + /* MKTME is usable */ + mktme_status = MKTME_ENABLED; + } + + /* + * KeyID bits effectively lower the number of physical address + * bits. Update cpuinfo_x86::x86_phys_bits accordingly. + */ + c->x86_phys_bits -= keyid_bits; +} + static void early_init_intel(struct cpuinfo_x86 *c) { u64 misc_enable; @@ -322,6 +406,13 @@ static void early_init_intel(struct cpuinfo_x86 *c) */ if (detect_extended_topology_early(c) < 0) detect_ht_early(c); + + /* + * Adjust the number of physical bits early because it affects the + * valid bits of the MTRR mask registers. + */ + if (cpu_has(c, X86_FEATURE_TME)) + detect_tme_early(c); } static void bsp_init_intel(struct cpuinfo_x86 *c) @@ -482,90 +573,6 @@ static void srat_detect_node(struct cpuinfo_x86 *c) #endif } -#define MSR_IA32_TME_ACTIVATE 0x982 - -/* Helpers to access TME_ACTIVATE MSR */ -#define TME_ACTIVATE_LOCKED(x) (x & 0x1) -#define TME_ACTIVATE_ENABLED(x) (x & 0x2) - -#define TME_ACTIVATE_POLICY(x) ((x >> 4) & 0xf) /* Bits 7:4 */ -#define TME_ACTIVATE_POLICY_AES_XTS_128 0 - -#define TME_ACTIVATE_KEYID_BITS(x) ((x >> 32) & 0xf) /* Bits 35:32 */ - -#define TME_ACTIVATE_CRYPTO_ALGS(x) ((x >> 48) & 0xffff) /* Bits 63:48 */ -#define TME_ACTIVATE_CRYPTO_AES_XTS_128 1 - -/* Values for mktme_status (SW only construct) */ -#define MKTME_ENABLED 0 -#define MKTME_DISABLED 1 -#define MKTME_UNINITIALIZED 2 -static int mktme_status = MKTME_UNINITIALIZED; - -static void detect_tme(struct cpuinfo_x86 *c) -{ - u64 tme_activate, tme_policy, tme_crypto_algs; - int keyid_bits = 0, nr_keyids = 0; - static u64 tme_activate_cpu0 = 0; - - rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate); - - if (mktme_status != MKTME_UNINITIALIZED) { - if (tme_activate != tme_activate_cpu0) { - /* Broken BIOS? */ - pr_err_once("x86/tme: configuration is inconsistent between CPUs\n"); - pr_err_once("x86/tme: MKTME is not usable\n"); - mktme_status = MKTME_DISABLED; - - /* Proceed. We may need to exclude bits from x86_phys_bits. */ - } - } else { - tme_activate_cpu0 = tme_activate; - } - - if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) { - pr_info_once("x86/tme: not enabled by BIOS\n"); - mktme_status = MKTME_DISABLED; - return; - } - - if (mktme_status != MKTME_UNINITIALIZED) - goto detect_keyid_bits; - - pr_info("x86/tme: enabled by BIOS\n"); - - tme_policy = TME_ACTIVATE_POLICY(tme_activate); - if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128) - pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy); - - tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate); - if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) { - pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n", - tme_crypto_algs); - mktme_status = MKTME_DISABLED; - } -detect_keyid_bits: - keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate); - nr_keyids = (1UL << keyid_bits) - 1; - if (nr_keyids) { - pr_info_once("x86/mktme: enabled by BIOS\n"); - pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids); - } else { - pr_info_once("x86/mktme: disabled by BIOS\n"); - } - - if (mktme_status == MKTME_UNINITIALIZED) { - /* MKTME is usable */ - mktme_status = MKTME_ENABLED; - } - - /* - * KeyID bits effectively lower the number of physical address - * bits. Update cpuinfo_x86::x86_phys_bits accordingly. - */ - c->x86_phys_bits -= keyid_bits; -} - static void init_cpuid_fault(struct cpuinfo_x86 *c) { u64 msr; @@ -702,9 +709,6 @@ static void init_intel(struct cpuinfo_x86 *c) init_ia32_feat_ctl(c); - if (cpu_has(c, X86_FEATURE_TME)) - detect_tme(c); - init_intel_misc_features(c); split_lock_init();