From patchwork Sun Oct 30 06:22:08 2022
X-Patchwork-Submitter: Isaku Yamahata
X-Patchwork-Id: 12848
From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sean Christopherson, Sagi Shahar, David Matlack
Subject: [PATCH v10 007/108] KVM: TDX: Make TDX VM type supported
Date: Sat, 29 Oct 2022 23:22:08 -0700
X-Mailer: git-send-email 2.25.1

From: Isaku Yamahata

NOTE: This patch is in position of the patch series for developers to be able
to test code during the middle of the patch series although this patch series
doesn't provide functional features until all the patches of this patch series.
When merging this patch series, this patch can be moved to the end.

As the first step of TDX VM support, return that the TDX VM type is supported
to the device model, e.g. qemu. The callback to create guest TD is the vm_init
callback for KVM_CREATE_VM.

Signed-off-by: Isaku Yamahata --- arch/x86/kvm/vmx/main.c | 18 ++++++++++++++++-- arch/x86/kvm/vmx/tdx.c | 6 ++++++ arch/x86/kvm/vmx/vmx.c | 5 ----- arch/x86/kvm/vmx/x86_ops.h | 3 ++- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c index 22bf49afc761..0900ff2f2390 100644 --- a/arch/x86/kvm/vmx/main.c +++ b/arch/x86/kvm/vmx/main.c @@ -10,6 +10,12 @@ static bool __read_mostly enable_tdx = IS_ENABLED(CONFIG_INTEL_TDX_HOST); module_param_named(tdx, enable_tdx, bool, 0444); +static bool vt_is_vm_type_supported(unsigned long type) +{ + return type == KVM_X86_DEFAULT_VM || + (enable_tdx && tdx_is_vm_type_supported(type)); +} + static __init int vt_hardware_setup(void) { int ret; @@ -23,6 +29,14 @@ static __init int vt_hardware_setup(void) return 0; } +static int vt_vm_init(struct kvm *kvm) +{ + if (is_td(kvm)) + return -EOPNOTSUPP; /* Not ready to create guest TD yet. */ + + return vmx_vm_init(kvm); +} + struct kvm_x86_ops vt_x86_ops __initdata = { .name = "kvm_intel", @@ -33,9 +47,9 @@ struct kvm_x86_ops vt_x86_ops __initdata = { .hardware_disable = vmx_hardware_disable, .has_emulated_msr = vmx_has_emulated_msr, - .is_vm_type_supported = vmx_is_vm_type_supported, + .is_vm_type_supported = vt_is_vm_type_supported, .vm_size = sizeof(struct kvm_vmx), - .vm_init = vmx_vm_init, + .vm_init = vt_vm_init, .vm_destroy = vmx_vm_destroy, .vcpu_precreate = vmx_vcpu_precreate, diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 6213a5c6b637..530e72f85762 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -74,6 +74,12 @@ static int __init tdx_module_setup(void) return 0; } +bool tdx_is_vm_type_supported(unsigned long type) +{ + /* enable_tdx check is done by the caller. */ + return type == KVM_X86_TDX_VM; +} + int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops) { int r; diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c index dc05b78e0a1e..68aef67c5eb7 100644 
--- a/arch/x86/kvm/vmx/vmx.c +++ b/arch/x86/kvm/vmx/vmx.c @@ -7410,11 +7410,6 @@ int vmx_vcpu_create(struct kvm_vcpu *vcpu) return err; } -bool vmx_is_vm_type_supported(unsigned long type) -{ - return type == KVM_X86_DEFAULT_VM; -} - #define L1TF_MSG_SMT "L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" #define L1TF_MSG_L1D "L1TF CPU bug present and virtualization mitigation disabled, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.\n" diff --git a/arch/x86/kvm/vmx/x86_ops.h b/arch/x86/kvm/vmx/x86_ops.h index d4877f4f93de..ac1688b0b0e3 100644 --- a/arch/x86/kvm/vmx/x86_ops.h +++ b/arch/x86/kvm/vmx/x86_ops.h @@ -27,7 +27,6 @@ void vmx_hardware_unsetup(void); int vmx_check_processor_compatibility(void); int vmx_hardware_enable(void); void vmx_hardware_disable(void); -bool vmx_is_vm_type_supported(unsigned long type); int vmx_vm_init(struct kvm *kvm); void vmx_vm_destroy(struct kvm *kvm); int vmx_vcpu_precreate(struct kvm *kvm); @@ -133,8 +132,10 @@ void vmx_setup_mce(struct kvm_vcpu *vcpu); #ifdef CONFIG_INTEL_TDX_HOST int __init tdx_hardware_setup(struct kvm_x86_ops *x86_ops); +bool tdx_is_vm_type_supported(unsigned long type); #else static inline int tdx_hardware_setup(struct kvm_x86_ops *x86_ops) { return 0; } +static inline bool tdx_is_vm_type_supported(unsigned long type) { return false; } #endif #endif /* __KVM_X86_VMX_X86_OPS_H */
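
Review bot: In arch/x86/kvm/vmx/main.c, vt_is_vm_type_supported() depends entirely on enable_tdx, which the context line shows is initialised from IS_ENABLED(CONFIG_INTEL_TDX_HOST) and exposed as a 0444 module parameter. Nothing visible in this patch clears it when TDX setup fails, so please confirm that vt_hardware_setup() sets enable_tdx to false on failure; otherwise KVM_X86_TDX_VM is reported as supported on a host that cannot run a TD.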
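
Review bot: vt_vm_init() in main.c returns -EOPNOTSUPP for is_td(kvm) while vt_is_vm_type_supported() in the same patch already answers true for KVM_X86_TDX_VM, so a device model that probes the type and then issues KVM_CREATE_VM gets a failure after a positive answer. The commit message says the patch can be moved to the end of the series when merging; until then, consider extending the "Not ready to create guest TD yet." comment to say which later patch replaces the -EOPNOTSUPP, so anyone bisecting into this range can see the mismatch is intentional.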
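
Review bot: tdx_is_vm_type_supported() in arch/x86/kvm/vmx/tdx.c is non-static and declared in x86_ops.h, yet its result is only meaningful under the rule stated in its comment, "enable_tdx check is done by the caller." A second caller that omits the check would report KVM_X86_TDX_VM as supported with TDX disabled. Since enable_tdx is static in main.c, either repeat the requirement next to the declaration in x86_ops.h or pass the enabled state in so the function can check it itself.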
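
Review bot: The #else branch in arch/x86/kvm/vmx/x86_ops.h adds a stub for tdx_is_vm_type_supported(), but vt_vm_init() in main.c also calls is_td(kvm) unconditionally and no stub for it appears in this patch. Please confirm that is_td() is defined and returns false when CONFIG_INTEL_TDX_HOST is not set, so the non-TDX build compiles and always falls through to vmx_vm_init().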