From patchwork Wed Jan 31 11:31:54 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Kai Huang <kai.huang@intel.com>
X-Patchwork-Id: 194696
Return-Path: <linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id
 gs7csp1821760dyb;
        Wed, 31 Jan 2024 03:32:49 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHaX0M9E0Z1v43HOcFXVH9093HRyduu1qfGfij8eGBZ2ET6zcTGAFIFMORKaQGlVhXruaBW
X-Received: by 2002:ad4:5743:0:b0:68c:4f18:b057 with SMTP id
 q3-20020ad45743000000b0068c4f18b057mr1553666qvx.39.1706700769676;
        Wed, 31 Jan 2024 03:32:49 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706700769; cv=pass;
        d=google.com; s=arc-20160816;
        b=dhdcN3m20l5fgfGoZnxGTKnzztkW2lusr2W/YSXcFstjBt8UDZU7zBZ1xpNAUD5vg8
         YVtW4HIxlMSdS3GQumKu0oagp2d0rczW5/KmJ80NWTjzv8QMaouMndUr9wxzAyNBbd8N
         atvhuPkKauucLOMg3Rv1BnQ96f1ngnivmzsI3DdpaLDhICd7WPFBiNvUMPdb80XB68HJ
         wORh3p6AobE4jkU6+2bWgxXwlr8Nm+bL9WXBInvrlbzHu2ZoMcoVL2wqd7zHgkO6tmtv
         T+2RLG84oZWolZ2jzDjUDwszT6rI0Ly5UCwxqGpettK/JwJXUDl/cc2O/1n16i7/xoIY
         BujA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=L83RsMudGs9zQO0uJJy+ASnO9AXLtwQyy6EBBToDTPc=;
        fh=T3q/119teAZvm8zaDiaVGcjbVe87hHJu126JRukB+dg=;
        b=BeuQRupVyLbT9S4JCeUHK04FyoMm/brXIbTL2TpkcWGS5duyWQI+ULYN27SloigfQl
         UfJ7wYCFgOctu80b/I8xfnz7jpdzphocRzMt9/UQbuoOlyup7nra17xVqQi0K5NmaZYS
         MnukME4r7ugeYExV3Y5JzhrU2UQMKoZGFlFi1cXSQ1ocKAxv4/0r6DHhYao9LUylgMS+
         yCGxn889wT7ICfDSV+053DjBoNLhtcuvEYE5iKEdjH1L40eBG+kuia41ueT7rH+2Qtuw
         9S8SCA8h5Ya0H7oILfOQrPQC2v3bJvaxi4vX242pz1FV+CHSo1dcKfQHV+CWv0M8l6TG
         T7RA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=d5DvL+Ch;
       arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com
 dmarc=pass fromdomain=intel.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.199.223 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
X-Forwarded-Encrypted: i=1;
 AJvYcCUIZaZ3M0I9/88bpv69VSfyWZAvrxKQ8FeQStY776CmYpkJej3gNJV3EC93I1FwxTaio1YZJT5TE8FpnuaCn2h7tGrkYA==
Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223])
        by mx.google.com with ESMTPS id
 20-20020ac85954000000b0042bea9f793esi810546qtz.608.2024.01.31.03.32.49
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 31 Jan 2024 03:32:49 -0800 (PST)
Received-SPF: pass (google.com: domain of
 linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.199.223 as permitted sender) client-ip=147.75.199.223;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=d5DvL+Ch;
       arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com
 dmarc=pass fromdomain=intel.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.199.223 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-46350-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
 [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ny.mirrors.kernel.org (Postfix) with ESMTPS id 77C9A1C2090A
	for <ouuuleilei@gmail.com>; Wed, 31 Jan 2024 11:32:49 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 0738A7866B;
	Wed, 31 Jan 2024 11:32:21 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b="d5DvL+Ch"
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 76B6D78676
	for <linux-kernel@vger.kernel.org>; Wed, 31 Jan 2024 11:32:14 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=192.198.163.12
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1706700738; cv=none;
 b=sXIRX6sIrCjosGIlvxRHnNBCmHfum8yLmTBFlNZuymUb2IO5b4ZkkwX7lKF1NnqNjHTLI+XG7d2s7BMXbr16hQiC59+bqvg9vfVcqQNXrfqdkViGeHs5A8xGss7/d9iFVSNFiXYS3a++DPfoSJJfixIWHo0KK016wVPEdnMjGIA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1706700738; c=relaxed/simple;
	bh=YJkpXfj77W6zId/DBHAD6wMYoSjxGXRmcWi4w8zk/iY=;
	h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:
	 MIME-Version;
 b=kT+gPbtV50JlfbDyD0fOta8oflTdcnkYneBAaYNhNX5MhJgV5KC3DUeXTl6f0d8dq2HeuEJMTDLiKwRlhEfmQ5LMVtrq73t/xHDka46Te6cyq6JoqemaL+WpXx78LCaA9226CzdK/AU98Ths6NrOjiu7wmZrsKEA+ZSfAGIDpLY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=intel.com;
 spf=pass smtp.mailfrom=intel.com;
 dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b=d5DvL+Ch; arc=none smtp.client-ip=192.198.163.12
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=intel.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1706700734; x=1738236734;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=YJkpXfj77W6zId/DBHAD6wMYoSjxGXRmcWi4w8zk/iY=;
  b=d5DvL+ChUDBvlVnEbdQZioyHTdviW0BkX9OmBLqQnsiPYSETKmyYDYIf
   xy3CTewBeXz+g2p7rUDSz4HMkf71XKHhLyJ21ypFzWfKEbBdXwe9VAEdb
   d2PhQO1gacDn33hw/zk8ByaTkKNEQOmNKa+PYdejflMFGkrIoS3xzlXoV
   veV0w3aLyevNexrmwxVcqa8g1yqwEZXnjdDHGZ5BWwB87+9ARpNpGCVzi
   qRvnkoyjlq1fdDG/tUW+Ulwzch6V+cDC5Mw5cCYxl9rJ4zOhOQdKgZKRZ
   dvEDYQsqn/uEqoksjaWGR0HPBlf77TxS5k0PbNGl9o6+Ip9JTfWeU8rwg
   w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="3414182"
X-IronPort-AV: E=Sophos;i="6.05,231,1701158400";
   d="scan'208";a="3414182"
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
  by fmvoesa106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 31 Jan 2024 03:32:13 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="878764802"
X-IronPort-AV: E=Sophos;i="6.05,231,1701158400";
   d="scan'208";a="878764802"
Received: from server.sh.intel.com ([10.239.53.117])
  by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 31 Jan 2024 03:32:10 -0800
From: "Huang, Kai" <kai.huang@intel.com>
To: linux-kernel@vger.kernel.org
Cc: x86@kernel.org,
	dave.hansen@intel.com,
	kirill.shutemov@linux.intel.com,
	tglx@linutronix.de,
	bp@alien8.de,
	mingo@redhat.com,
	hpa@zytor.com,
	luto@kernel.org,
	peterz@infradead.org,
	thomas.lendacky@amd.com,
	chao.gao@intel.com,
	bhe@redhat.com,
	nik.borisov@suse.com,
	pbonzini@redhat.com
Subject: [PATCH 2/4] x86/virt/tdx: Advertise the CC_ATTR_HOST_MEM_INCOHERENT
 for TDX host
Date: Wed, 31 Jan 2024 11:31:54 +0000
Message-Id: 
 <ebbc67eb2c6052dd56fda31cd22bb830d3d290ef.1706698706.git.kai.huang@intel.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <cover.1706698706.git.kai.huang@intel.com>
References: <cover.1706698706.git.kai.huang@intel.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1789605466024494314
X-GMAIL-MSGID: 1789605466024494314

From: Kai Huang <kai.huang@intel.com>

On the TDX capable platform, during kexec() the old kernel needs to
flush dirty cachelines of all TDX private memory otherwise they may
silently corrupt the new kernel's memory.

Advertise the new introduced CC_ATTR_HOST_MEM_INCOHERENT attribute for
TDX host platform so the cache will be flushed during kexec().

Note theoretically cache flush is only needed when TDX module is
initialized, but the module initialization is done at runtime so just
advertise the CC attribute when the platform has TDX enabled.

Signed-off-by: Kai Huang <kai.huang@intel.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Chao Gao <chao.gao@intel.com>
---
 arch/x86/Kconfig            |  1 +
 arch/x86/coco/core.c        | 21 ++++++++++++++++++++-
 arch/x86/virt/vmx/tdx/tdx.c |  3 +++
 include/linux/cc_platform.h |  3 ++-
 4 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 502986237cb6..ac3b32149a77 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1975,6 +1975,7 @@ config INTEL_TDX_HOST
 	depends on CONTIG_ALLOC
 	depends on !KEXEC_CORE
 	depends on X86_MCE
+	select ARCH_HAS_CC_PLATFORM
 	help
 	  Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
 	  host and certain physical attacks.  This option enables necessary TDX
diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c
index 8d6d727e6e18..ecb15852b69d 100644
--- a/arch/x86/coco/core.c
+++ b/arch/x86/coco/core.c
@@ -12,11 +12,12 @@
 
 #include <asm/coco.h>
 #include <asm/processor.h>
+#include <asm/cpufeature.h>
 
 enum cc_vendor cc_vendor __ro_after_init = CC_VENDOR_NONE;
 static u64 cc_mask __ro_after_init;
 
-static bool noinstr intel_cc_platform_has(enum cc_attr attr)
+static bool noinstr intel_cc_platform_guest_has(enum cc_attr attr)
 {
 	switch (attr) {
 	case CC_ATTR_GUEST_UNROLL_STRING_IO:
@@ -29,6 +30,24 @@ static bool noinstr intel_cc_platform_has(enum cc_attr attr)
 	}
 }
 
+static bool noinstr intel_cc_platform_host_has(enum cc_attr attr)
+{
+	switch (attr) {
+	case CC_ATTR_HOST_MEM_INCOHERENT:
+		return true;
+	default:
+		return false;
+	}
+}
+
+static bool noinstr intel_cc_platform_has(enum cc_attr attr)
+{
+	if (boot_cpu_has(X86_FEATURE_TDX_HOST_PLATFORM))
+		return intel_cc_platform_host_has(attr);
+
+	return intel_cc_platform_guest_has(attr);
+}
+
 /*
  * Handle the SEV-SNP vTOM case where sme_me_mask is zero, and
  * the other levels of SME/SEV functionality, including C-bit
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index 4d6826a76f78..9f1fed458a32 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -37,6 +37,7 @@
 #include <asm/intel-family.h>
 #include <asm/processor.h>
 #include <asm/mce.h>
+#include <asm/coco.h>
 #include "tdx.h"
 
 static u32 tdx_global_keyid __ro_after_init;
@@ -1488,5 +1489,7 @@ void __init tdx_init(void)
 
 	setup_force_cpu_cap(X86_FEATURE_TDX_HOST_PLATFORM);
 
+	cc_vendor = CC_VENDOR_INTEL;
+
 	check_tdx_erratum();
 }
diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h
index 2f7273596102..654777d64dc0 100644
--- a/include/linux/cc_platform.h
+++ b/include/linux/cc_platform.h
@@ -53,7 +53,8 @@ enum cc_attr {
 	 * Use this in places where the cache coherency of the memory matters
 	 * but the encryption status does not.
 	 *
-	 * Includes all systems that set CC_ATTR_HOST_MEM_ENCRYPT.
+	 * Includes all systems that set CC_ATTR_HOST_MEM_ENCRYPT, but
+	 * additionally adds TDX hosts.
 	 */
 	CC_ATTR_HOST_MEM_INCOHERENT,