From patchwork Fri Dec  9 13:25:21 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
X-Patchwork-Id: 31742
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp778025wrr;
        Fri, 9 Dec 2022 05:36:18 -0800 (PST)
X-Google-Smtp-Source: 
 AA0mqf78yHH9EMviIw5GEoIV01dlhBA504tEVEtv6k+SHGUyXi4AkTO63dOxx7JTQibi4Owk5tEf
X-Received: by 2002:a05:6a21:394b:b0:ac:4b17:a9cf with SMTP id
 ac11-20020a056a21394b00b000ac4b17a9cfmr6930579pzc.59.1670592978043;
        Fri, 09 Dec 2022 05:36:18 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1670592978; cv=none;
        d=google.com; s=arc-20160816;
        b=LgzQ1zQVlosO7lrADfdUIR3lE3FQ7OaNwGCrWQWcmARKV8v60sSlK/99iVC8YGyAkw
         siB708rJobqXMUD/XMy44Tf4uPMzN7c9TSo9SiUYSswcfD3Xa/7T/vrC7mWWV/lZ0FqU
         Lxb82ZUNv1Bojye+SMTjCzNwscD8IuXnRbTp4LhoDL251l8EEZ85oACtvgeSB1O/u/Bx
         tdIHW8DdTDNkgPgJW3JSsBQx/SOMX0hUi17Ct4eS6AZ6rwRU0J0chguarTU6MHuS0N3y
         Iq0ptCx5P5oUszdKlXCq1HM1rjaRUNPBNkz+uZi/ZN05FCv/zGEeGlEKf3NQiEdGXxlW
         i4Vg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=PA/x7+7zi90JAR5T55MXDBO/IFECA6scY+Uur0wRRsg=;
        b=QdK6BK0TQb6vrclF2W1Q/9SjglOyRWtRnVik+ToiljPotrbWWjvnPqDb8OhhzcQN5V
         tQyulcXHpQFGju17SdyKelCJAke9bhGJx1KWXPEtImSFav2XXptgRXdDNB3yrOuDvoxA
         ue8GaQgzY/MxOTi/9Rk2Qxobp/xfi+P8WdknKLuF1Bg24qhNVv7BNRN7KaYJvEGnXYDT
         pmrPiG4RiK5dI3Kk4aQTPn1iRY1FV+5xeLnVBnI8CqRjo5deZaBzwM7nuTEiaxBwiqNi
         h5SufbDATh17FI2WF2JznV7WgkynSOvIVA5NTQwjfmIIn9S9Wqvy1pS1dQP5iLayDiw+
         jVHg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=hMd8+8hj;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 y22-20020a634b16000000b0046b3ba2c806si1534653pga.145.2022.12.09.05.36.04;
        Fri, 09 Dec 2022 05:36:18 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=hMd8+8hj;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229995AbiLINZw (ORCPT <rfc822;sophiezhao968@gmail.com>
        + 99 others); Fri, 9 Dec 2022 08:25:52 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40848 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229703AbiLINZj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 9 Dec 2022 08:25:39 -0500
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 021CF3D93D
        for <linux-kernel@vger.kernel.org>;
 Fri,  9 Dec 2022 05:25:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1670592338; x=1702128338;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=J62v2nU2mAAlWk+4nnIwm7vHzPkFaSakhn+r6Jo3ffQ=;
  b=hMd8+8hjOWaPCz2nQrJMWqcHDTRu/lzQ2f2xL8tXxYKRRdoF6aWcm5q5
   rf8wmNnRB7aaGgwrXC7JhZYwDZiHtM6Ps20C9ovEFMSsDKXk5QCx3S7uh
   INezEnuyGeIlkxhOELdpZal0h1WBVDPlavrVkN0Kv7sBv6i0dtIoxRZ4X
   YW2kvCgryLUnBwQ9gNhMGmkeLmSfWyXPQuSGP2/QCGHhawJUIQnZ/ZeZ6
   qJW5UfJ6uypZbueR7WEnkkfw3Ermx19lI6KNNrVyRAT1lgsCAY15G7qSC
   pq39IXYFXZCSO6dCtThql88GVWs/t8pBxgmu9o889FxpCkVO46zWDs1s7
   Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="317483325"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="317483325"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:36 -0800
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="892670385"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="892670385"
Received: from elinares-mobl.ger.corp.intel.com (HELO box.shutemov.name)
 ([10.249.38.98])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:33 -0800
Received: by box.shutemov.name (Postfix, from userid 1000)
        id 41BE8109CE3; Fri,  9 Dec 2022 16:25:31 +0300 (+03)
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>,
        Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>
Cc: Kuppuswamy Sathyanarayanan
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Elena Reshetova <elena.reshetova@intel.com>, x86@kernel.org,
        linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCH 1/4] x86/tdx: Expand __tdx_hypercall() to handle more
 arguments
Date: Fri,  9 Dec 2022 16:25:21 +0300
Message-Id: <20221209132524.20200-2-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
References: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1751743702769604472?=
X-GMAIL-MSGID: =?utf-8?q?1751743702769604472?=

So far __tdx_hypercall() only handles six arguments for VMCALL.
Expanding it to six more register would allow to cover more use-cases.

Using RDI and RSI as VMCALL arguments requires more register shuffling.
RAX is used to hold tdx_hypercall_args pointer and RBP stores flags.

While there, fix typo in the comment on panic branch.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 arch/x86/coco/tdx/tdcall.S        | 82 ++++++++++++++++++++++---------
 arch/x86/include/asm/shared/tdx.h |  6 +++
 arch/x86/kernel/asm-offsets.c     |  6 +++
 3 files changed, 70 insertions(+), 24 deletions(-)

diff --git a/arch/x86/coco/tdx/tdcall.S b/arch/x86/coco/tdx/tdcall.S
index f9eb1134f22d..64e57739dc9d 100644
--- a/arch/x86/coco/tdx/tdcall.S
+++ b/arch/x86/coco/tdx/tdcall.S
@@ -13,6 +13,12 @@
 /*
  * Bitmasks of exposed registers (with VMM).
  */
+#define TDX_RDX		BIT(2)
+#define TDX_RBX		BIT(3)
+#define TDX_RSI		BIT(6)
+#define TDX_RDI		BIT(7)
+#define TDX_R8		BIT(8)
+#define TDX_R9		BIT(9)
 #define TDX_R10		BIT(10)
 #define TDX_R11		BIT(11)
 #define TDX_R12		BIT(12)
@@ -27,9 +33,9 @@
  * details can be found in TDX GHCI specification, section
  * titled "TDCALL [TDG.VP.VMCALL] leaf".
  */
-#define TDVMCALL_EXPOSE_REGS_MASK	( TDX_R10 | TDX_R11 | \
-					  TDX_R12 | TDX_R13 | \
-					  TDX_R14 | TDX_R15 )
+#define TDVMCALL_EXPOSE_REGS_MASK	\
+	( TDX_RDX | TDX_RBX | TDX_RSI | TDX_RDI | TDX_R8  | TDX_R9  | \
+	  TDX_R10 | TDX_R11 | TDX_R12 | TDX_R13 | TDX_R14 | TDX_R15 )
 
 /*
  * __tdx_module_call()  - Used by TDX guests to request services from
@@ -124,19 +130,32 @@ SYM_FUNC_START(__tdx_hypercall)
 	push %r14
 	push %r13
 	push %r12
+	push %rbx
+	push %rbp
+
+	movq %rdi, %rax
+	movq %rsi, %rbp
+
+	/* Copy hypercall registers from arg struct: */
+	movq TDX_HYPERCALL_r8(%rax),  %r8
+	movq TDX_HYPERCALL_r9(%rax),  %r9
+	movq TDX_HYPERCALL_r10(%rax), %r10
+	movq TDX_HYPERCALL_r11(%rax), %r11
+	movq TDX_HYPERCALL_r12(%rax), %r12
+	movq TDX_HYPERCALL_r13(%rax), %r13
+	movq TDX_HYPERCALL_r14(%rax), %r14
+	movq TDX_HYPERCALL_r15(%rax), %r15
+	movq TDX_HYPERCALL_rdi(%rax), %rdi
+	movq TDX_HYPERCALL_rsi(%rax), %rsi
+	movq TDX_HYPERCALL_rbx(%rax), %rbx
+	movq TDX_HYPERCALL_rdx(%rax), %rdx
+
+	push %rax
 
 	/* Mangle function call ABI into TDCALL ABI: */
 	/* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */
 	xor %eax, %eax
 
-	/* Copy hypercall registers from arg struct: */
-	movq TDX_HYPERCALL_r10(%rdi), %r10
-	movq TDX_HYPERCALL_r11(%rdi), %r11
-	movq TDX_HYPERCALL_r12(%rdi), %r12
-	movq TDX_HYPERCALL_r13(%rdi), %r13
-	movq TDX_HYPERCALL_r14(%rdi), %r14
-	movq TDX_HYPERCALL_r15(%rdi), %r15
-
 	movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx
 
 	/*
@@ -148,14 +167,14 @@ SYM_FUNC_START(__tdx_hypercall)
 	 * HLT operation indefinitely. Since this is the not the desired
 	 * result, conditionally call STI before TDCALL.
 	 */
-	testq $TDX_HCALL_ISSUE_STI, %rsi
+	testq $TDX_HCALL_ISSUE_STI, %rbp
 	jz .Lskip_sti
 	sti
 .Lskip_sti:
 	tdcall
 
 	/*
-	 * RAX==0 indicates a failure of the TDVMCALL mechanism itself and that
+	 * RAX!=0 indicates a failure of the TDVMCALL mechanism itself and that
 	 * something has gone horribly wrong with the TDX module.
 	 *
 	 * The return status of the hypercall operation is in a separate
@@ -165,30 +184,45 @@ SYM_FUNC_START(__tdx_hypercall)
 	testq %rax, %rax
 	jne .Lpanic
 
-	/* TDVMCALL leaf return code is in R10 */
-	movq %r10, %rax
+	pop %rax
 
 	/* Copy hypercall result registers to arg struct if needed */
-	testq $TDX_HCALL_HAS_OUTPUT, %rsi
+	testq $TDX_HCALL_HAS_OUTPUT, %rbp
 	jz .Lout
 
-	movq %r10, TDX_HYPERCALL_r10(%rdi)
-	movq %r11, TDX_HYPERCALL_r11(%rdi)
-	movq %r12, TDX_HYPERCALL_r12(%rdi)
-	movq %r13, TDX_HYPERCALL_r13(%rdi)
-	movq %r14, TDX_HYPERCALL_r14(%rdi)
-	movq %r15, TDX_HYPERCALL_r15(%rdi)
+	movq %r8,  TDX_HYPERCALL_r8(%rax)
+	movq %r9,  TDX_HYPERCALL_r9(%rax)
+	movq %r10, TDX_HYPERCALL_r10(%rax)
+	movq %r11, TDX_HYPERCALL_r11(%rax)
+	movq %r12, TDX_HYPERCALL_r12(%rax)
+	movq %r13, TDX_HYPERCALL_r13(%rax)
+	movq %r14, TDX_HYPERCALL_r14(%rax)
+	movq %r15, TDX_HYPERCALL_r15(%rax)
+	movq %rdi, TDX_HYPERCALL_rdi(%rax)
+	movq %rsi, TDX_HYPERCALL_rsi(%rax)
+	movq %rbx, TDX_HYPERCALL_rbx(%rax)
+	movq %rdx, TDX_HYPERCALL_rdx(%rax)
 .Lout:
+	/* TDVMCALL leaf return code is in R10 */
+	movq %r10, %rax
+
 	/*
 	 * Zero out registers exposed to the VMM to avoid speculative execution
 	 * with VMM-controlled values. This needs to include all registers
-	 * present in TDVMCALL_EXPOSE_REGS_MASK (except R12-R15). R12-R15
-	 * context will be restored.
+	 * present in TDVMCALL_EXPOSE_REGS_MASK, except RBX, and R12-R15 which
+	 * will be restored.
 	 */
+	xor %r8d,  %r8d
+	xor %r9d,  %r9d
 	xor %r10d, %r10d
 	xor %r11d, %r11d
+	xor %rdi,  %rdi
+	xor %rsi,  %rsi
+	xor %rdx,  %rdx
 
 	/* Restore callee-saved GPRs as mandated by the x86_64 ABI */
+	pop %rbp
+	pop %rbx
 	pop %r12
 	pop %r13
 	pop %r14
diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/shared/tdx.h
index e53f26228fbb..8068faa52de1 100644
--- a/arch/x86/include/asm/shared/tdx.h
+++ b/arch/x86/include/asm/shared/tdx.h
@@ -22,12 +22,18 @@
  * This is a software only structure and not part of the TDX module/VMM ABI.
  */
 struct tdx_hypercall_args {
+	u64 r8;
+	u64 r9;
 	u64 r10;
 	u64 r11;
 	u64 r12;
 	u64 r13;
 	u64 r14;
 	u64 r15;
+	u64 rdi;
+	u64 rsi;
+	u64 rbx;
+	u64 rdx;
 };
 
 /* Used to request services from the VMM */
diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c
index a668a70abf32..3b6957d4d0ed 100644
--- a/arch/x86/kernel/asm-offsets.c
+++ b/arch/x86/kernel/asm-offsets.c
@@ -75,12 +75,18 @@ static void __used common(void)
 	OFFSET(TDX_MODULE_r11, tdx_module_output, r11);
 
 	BLANK();
+	OFFSET(TDX_HYPERCALL_r8,  tdx_hypercall_args, r8);
+	OFFSET(TDX_HYPERCALL_r9,  tdx_hypercall_args, r9);
 	OFFSET(TDX_HYPERCALL_r10, tdx_hypercall_args, r10);
 	OFFSET(TDX_HYPERCALL_r11, tdx_hypercall_args, r11);
 	OFFSET(TDX_HYPERCALL_r12, tdx_hypercall_args, r12);
 	OFFSET(TDX_HYPERCALL_r13, tdx_hypercall_args, r13);
 	OFFSET(TDX_HYPERCALL_r14, tdx_hypercall_args, r14);
 	OFFSET(TDX_HYPERCALL_r15, tdx_hypercall_args, r15);
+	OFFSET(TDX_HYPERCALL_rdi, tdx_hypercall_args, rdi);
+	OFFSET(TDX_HYPERCALL_rsi, tdx_hypercall_args, rsi);
+	OFFSET(TDX_HYPERCALL_rbx, tdx_hypercall_args, rbx);
+	OFFSET(TDX_HYPERCALL_rdx, tdx_hypercall_args, rdx);
 
 	BLANK();
 	OFFSET(BP_scratch, boot_params, scratch);

From patchwork Fri Dec  9 13:25:22 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
X-Patchwork-Id: 31739
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp776547wrr;
        Fri, 9 Dec 2022 05:33:29 -0800 (PST)
X-Google-Smtp-Source: 
 AA0mqf5UJGBWLIvpn9kGpTl3JUZcscr8vvlqClf09sl7r5uDIVk4qQUMxPSvqTkyRj7/vSFb/3xP
X-Received: by 2002:a17:906:1851:b0:7c1:1dc7:8837 with SMTP id
 w17-20020a170906185100b007c11dc78837mr5768614eje.66.1670592809521;
        Fri, 09 Dec 2022 05:33:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1670592809; cv=none;
        d=google.com; s=arc-20160816;
        b=yJCv0P/lvzdYrhcU5EoXP/iF8NiNeqFpqC6ty+EYepmXF0sJ80ElXk7oZ/IffISNrW
         28/38BKDhrB5zeI5Tq/PGJTqM47zjfueuESrantGMg+3mZjkeBvKx4V8v7VT/4UfYDGd
         QRecxj0fIUqT71+yk+ZFblWEjy1AuPNMLiQxItqK53mhK4Vu+dOXJ9LazGNKkrsG/Ttg
         bjQa4qHgVEQ6UJSxN3VbSZ+c7YJNfdO0r4e/YVnhWAv//du2nWpaOW4gXEEQirOXtkm5
         mkl0N6N2LlUpKTLFarqRPFfpEsvKrpRX86TfFK764/f5zE/Pm9E5wEIxZplTeleCn8kl
         Et5Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=sRY74v1eiiHXwmVm041LIaCBELB9b4B0UiBwt3G+wm8=;
        b=uRXDwewpQoDCmPfkDa/4D3nyqNzZow/HbTRCSdPlke1tcvuLzOXLfQYSxvljjDaf6W
         SAmue1CHAsDipJtMY4oeyUgYSoqmgajRlrUyuDMy3+IVrWPlBtT3G7nYxyL4TRNfuVOW
         egyjo4fAGNatMzArmwHDsgKNFvVNwv6DbBVCkwfiB0yqdgggUDOnRfD8bQkRU/qXYrt1
         PmNOKXtEKXCg3wOHXKX1ACacJqPoA5miqT1q087e2kqDX+NKvqEZ+EqYNd+JOhQzT++9
         hGcrxBQvqI5BuRS03s9V9vjEBMjn+0NJy34zot/UtwpSlTKzEJshbUM6D8FmsjppOZVd
         lhVA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=EovttXS6;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 xa14-20020a170906fd8e00b007adadfc97c7si1188062ejb.918.2022.12.09.05.33.06;
        Fri, 09 Dec 2022 05:33:29 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=EovttXS6;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229822AbiLINZm (ORCPT <rfc822;sophiezhao968@gmail.com>
        + 99 others); Fri, 9 Dec 2022 08:25:42 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40830 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229604AbiLINZi (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 9 Dec 2022 08:25:38 -0500
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B7D2E3D93D
        for <linux-kernel@vger.kernel.org>;
 Fri,  9 Dec 2022 05:25:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1670592337; x=1702128337;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=5keQeb9S+KFaicFjIjAGLohVdO9xiTEtldY0S8UVDYw=;
  b=EovttXS6iaIn9O5sYm0fZH0QypmTs2UndyTrZIFP8Gnm/NL1lDJsVoNU
   fL78QWfhBHr77ZjJgDTUsqtFzMg9LJNXm2wbI9Icv+nX/0EMvYsL6vMSP
   4cPJWtSJ0WxgZ46r7x6scxkcX+yQ+VEyP18VRGGXZFfSAlCgxWlO7s6Nm
   6Vq/sw86wqWJfJ4Kpb23GmoQINMNfaWmAvvqlK0hm4nmbvS/cC+4tVFyU
   fAPStuz99LTp5tEzp+OCCWac/wSL8hAYjRVWv5sKkuihVxhJ72hEqfPx8
   0TpfyMHse3vwq3AFO80OgpMSPtNtShBVRVC4V6pMieJVXkgDyw/1DvRVl
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="317483303"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="317483303"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:36 -0800
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="892670378"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="892670378"
Received: from elinares-mobl.ger.corp.intel.com (HELO box.shutemov.name)
 ([10.249.38.98])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:33 -0800
Received: by box.shutemov.name (Postfix, from userid 1000)
        id 4B536109CE4; Fri,  9 Dec 2022 16:25:31 +0300 (+03)
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>,
        Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>
Cc: Kuppuswamy Sathyanarayanan
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Elena Reshetova <elena.reshetova@intel.com>, x86@kernel.org,
        linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCH 2/4] x86/tdx: Use ReportFatalError to report missing
 SEPT_VE_DISABLE
Date: Fri,  9 Dec 2022 16:25:22 +0300
Message-Id: <20221209132524.20200-3-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
References: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1751743526062575264?=
X-GMAIL-MSGID: =?utf-8?q?1751743526062575264?=

The check for SEPT_VE_DISABLE happens early in the kernel boot where
earlyprintk is not yet functional. Kernel successfully detect broken
TD configuration and stops the kernel with panic(), but it cannot
communicate the reason to the user.

Use TDG.VP.VMCALL<ReportFatalError> to report the error. The hypercall
can encode message up to 64 bytes in eight registers.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 arch/x86/coco/tdx/tdx.c | 38 +++++++++++++++++++++++++++++++++++++-
 1 file changed, 37 insertions(+), 1 deletion(-)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index cfd4c95b9f04..8ad04d101270 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -22,6 +22,7 @@
 
 /* TDX hypercall Leaf IDs */
 #define TDVMCALL_MAP_GPA		0x10001
+#define TDVMCALL_REPORT_FATAL_ERROR	0x10003
 
 /* MMIO direction */
 #define EPT_READ	0
@@ -140,6 +141,41 @@ int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport)
 }
 EXPORT_SYMBOL_GPL(tdx_mcall_get_report0);
 
+static void __noreturn tdx_panic(const char *msg)
+{
+	struct tdx_hypercall_args args = {
+		.r10 = TDX_HYPERCALL_STANDARD,
+		.r11 = TDVMCALL_REPORT_FATAL_ERROR,
+		.r12 = 0, /* Error code: 0 is Panic */
+	};
+	union {
+		/* Define register order according to the GHCI */
+		struct { u64 r14, r15, rbx, rdi, rsi, r8, r9, rdx; };
+
+		char str[64];
+	} message;
+
+	/* VMM assumes '\0' in byte 65, if the message took all 64 bytes */
+	strncpy(message.str, msg, 64);
+
+	args.r8  = message.r8;
+	args.r9  = message.r9;
+	args.r14 = message.r14;
+	args.r15 = message.r15;
+	args.rdi = message.rdi;
+	args.rsi = message.rsi;
+	args.rbx = message.rbx;
+	args.rdx = message.rdx;
+
+	/*
+	 * Keep calling the hypercall in case VMM did not terminated
+	 * the TD as it must.
+	 */
+	while (1) {
+		__tdx_hypercall(&args, 0);
+	}
+}
+
 static void tdx_parse_tdinfo(u64 *cc_mask)
 {
 	struct tdx_module_output out;
@@ -172,7 +208,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask)
 	 */
 	td_attr = out.rdx;
 	if (!(td_attr & ATTR_SEPT_VE_DISABLE))
-		panic("TD misconfiguration: SEPT_VE_DISABLE attibute must be set.\n");
+		tdx_panic("TD misconfiguration: SEPT_VE_DISABLE attribute must be set.");
 }
 
 /*

From patchwork Fri Dec  9 13:25:23 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
X-Patchwork-Id: 31738
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp776365wrr;
        Fri, 9 Dec 2022 05:33:10 -0800 (PST)
X-Google-Smtp-Source: 
 AA0mqf52SSENNavlbLaHsKaSJWg8Ny3G9m8NepNnXSDMGXULXkF0nPPTKa9Iq+G8fz6Ms8y6fQgl
X-Received: by 2002:a05:6402:2a09:b0:461:a5ac:61e5 with SMTP id
 ey9-20020a0564022a0900b00461a5ac61e5mr5962594edb.15.1670592790290;
        Fri, 09 Dec 2022 05:33:10 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1670592790; cv=none;
        d=google.com; s=arc-20160816;
        b=lSpHokztBnHofLTVqbN7Q5eddSZOKU+TbAZQslZNsqB29i8KtSMJ3C/7EFs2Hd4lJ5
         oTjudHLPikyKyxbEeavNRJHLvkJY6tKxu3rJYt5LM7yBBgmHoELExtbRFEdm8Nc1lDCQ
         id//r81cRfp8bg9ie0bPdM+oBDs+ABOWKQPh3lTpqlT3QivRNW/nvJvk/1agYcMFtcaP
         tUEeCNW27kXhGRWzwnRozArDOsZvs672Ye1omJEI0aeARkaFe6YUkb7VzaKB2xdQJ07z
         ktXF4x4BGfbj9JeKVVbsOzLx0jrbbku4tKamIoa0K+0Ai8A7FnpXO+OBSN1KBKAheodU
         Vgsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=8Ab+BHwMw5JrMZ5nH69W1iJRYFPXDZj8iLAgxJjoI+k=;
        b=z80nc7wAkFB4liGGMzvYCtNCDZFATKBZIQ9bOCaEUvJhXOHnB1qVUZ86fet2WvUjOE
         Kn3eau9wL+Ym4RSyFgWfKZXLKmTEULSsGXLtFmx2WaazNvvyvaK8OfZCmbMXWLsID7Q+
         8vLZN20No7ZkKLTOmOs1TamXb6o0Bg2gfFGGOPisNUQ1Yr+ELSROqWa4uE9vZUkrmclH
         3wJTkvgVrDSsFbwDUFa4TkqOEmzY+ARDA2mbRMwpw0TsAnc+ILxbOmMCmc0JattgzBz9
         NXxB9C9K4uFIVI1SYc6NfOP9UPOEMxB7qpDvY+gCxuMy9iLmzwMLagqXb5qCdNcDAqJD
         7yUA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=eiOtqLsq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 c13-20020a509f8d000000b0046a9b3521fasi1307789edf.134.2022.12.09.05.32.35;
        Fri, 09 Dec 2022 05:33:10 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=eiOtqLsq;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229704AbiLINZk (ORCPT <rfc822;sophiezhao968@gmail.com>
        + 99 others); Fri, 9 Dec 2022 08:25:40 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40824 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229470AbiLINZh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 9 Dec 2022 08:25:37 -0500
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E64403D939
        for <linux-kernel@vger.kernel.org>;
 Fri,  9 Dec 2022 05:25:36 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1670592336; x=1702128336;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=pqHHbopmGNY5t74exyfAEgTwAvM3lKXws1pSWDVVq7U=;
  b=eiOtqLsqmiWyw/fKhuxkgg6TNRgyamHYXpC3EB+r2rMD+VBop8LIutWA
   g6j2Gs5mLtDpfjMNXvO/6lHiQ9GDtMJ2OmKIc66O0RUTbblA4qntosWiU
   RWiY+OlJONjuaU9gX1BmMKagabvJfcMgUDWx6eiOcomteBGxeHXSxWIu5
   0husm3qHGTk+KRa4RmHzbsBoAvQ4Pd97ou2zTI3OHOUNsJSTO5Dj6U+SZ
   Khm0sfc+gh8gvorP4ZK5i02085+CIzVs5JUd5OOEkcIaAxd6jOcICDXBN
   aSBEXrush8R/FTqNdZzxMCsB9yMFxGcyVlukZstbSaBah7UVq2vXysJ/p
   Q==;
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="317483308"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="317483308"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:36 -0800
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="892670376"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="892670376"
Received: from elinares-mobl.ger.corp.intel.com (HELO box.shutemov.name)
 ([10.249.38.98])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:33 -0800
Received: by box.shutemov.name (Postfix, from userid 1000)
        id 54B84109CE5; Fri,  9 Dec 2022 16:25:31 +0300 (+03)
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>,
        Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>
Cc: Kuppuswamy Sathyanarayanan
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Elena Reshetova <elena.reshetova@intel.com>, x86@kernel.org,
        linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCH 3/4] x86/tdx: Relax SEPT_VE_DISABLE check for debug TD
Date: Fri,  9 Dec 2022 16:25:23 +0300
Message-Id: <20221209132524.20200-4-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
References: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1751743505804073232?=
X-GMAIL-MSGID: =?utf-8?q?1751743505804073232?=

SEPT_VE_DISABLE check is required to keep the TD protected from VMM
attacks, but it makes harder to debug guest kernel bugs. If guest
touches unaccepted memory the TD will get terminated without any
traces on what has happened.

Relax the SEPT_VE_DISABLE check to warning on debug TD and panic() in
the #VE handler on EPT-violation on private memory. It will produce
useful backtrace.

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
 arch/x86/coco/tdx/tdx.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index 8ad04d101270..0e47846ff8ff 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -38,6 +38,7 @@
 #define VE_GET_PORT_NUM(e)	((e) >> 16)
 #define VE_IS_IO_STRING(e)	((e) & BIT(4))
 
+#define ATTR_DEBUG		BIT(0)
 #define ATTR_SEPT_VE_DISABLE	BIT(28)
 
 /* TDX Module call error codes */
@@ -207,8 +208,15 @@ static void tdx_parse_tdinfo(u64 *cc_mask)
 	 * TD-private memory.  Only VMM-shared memory (MMIO) will #VE.
 	 */
 	td_attr = out.rdx;
-	if (!(td_attr & ATTR_SEPT_VE_DISABLE))
-		tdx_panic("TD misconfiguration: SEPT_VE_DISABLE attribute must be set.");
+	if (!(td_attr & ATTR_SEPT_VE_DISABLE)) {
+		const char *msg = "TD misconfiguration: SEPT_VE_DISABLE attribute must be set.";
+
+		/* Relax SEPT_VE_DISABLE check for debug TD. */
+		if (td_attr & ATTR_DEBUG)
+			pr_warn("%s\n", msg);
+		else
+			tdx_panic(msg);
+	}
 }
 
 /*
@@ -682,6 +690,8 @@ static int virt_exception_kernel(struct pt_regs *regs, struct ve_info *ve)
 	case EXIT_REASON_CPUID:
 		return handle_cpuid(regs, ve);
 	case EXIT_REASON_EPT_VIOLATION:
+		if (ve->gpa != cc_mkdec(ve->gpa))
+			panic("Unexpected EPT-violation on private memory.");
 		return handle_mmio(regs, ve);
 	case EXIT_REASON_IO_INSTRUCTION:
 		return handle_io(regs, ve);

From patchwork Fri Dec  9 13:25:24 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
X-Patchwork-Id: 31741
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp777920wrr;
        Fri, 9 Dec 2022 05:36:06 -0800 (PST)
X-Google-Smtp-Source: 
 AA0mqf6An4Xb+kgTzjnY4KNiGtKICdGVN972kLlSswS3vU321cz1gKukqgChwpeQhztHoa9iFDli
X-Received: by 2002:a17:902:7890:b0:188:fc0c:cdb1 with SMTP id
 q16-20020a170902789000b00188fc0ccdb1mr5901593pll.16.1670592966645;
        Fri, 09 Dec 2022 05:36:06 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1670592966; cv=none;
        d=google.com; s=arc-20160816;
        b=dU/dSRRkTNvWb2xUp9niLxmlSCNZrE6qaVQlr0qLgha6lE1tcS7Eds7gGzLN1NREGW
         wSubz3DNiduCVDtp4Ogx5Ev60DwkFFylHVcl1KEVnabHTrEpUL+M2Nfkn/6Y7qiaxzdu
         oXqyY1fRNoDQv+lJ7WrO8/HVZ7zsa+vO1/X9TxsUOkfCZr3pNQQzX8ISDdJhJNSYpE79
         /2EyM4DuQnR8RR/gHNn2M92AH/vvy/V9rBTlteym4RFZURCj0s1t9fQLGZEeb+yeIwf1
         3aMmvlalpMI2rngyAegMJ0gO/TBUx/QF8x0sN6771T1Tq9R65hFe3WXfH26EKJc1VJ6S
         Yvyw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=ec98HwFNaKVB4dbUFRAk5lWSb9M/krgLzvwHU9yyOO0=;
        b=uQm1LSm5BV2dKUjimM7YuV+fQsbQZMMKxfSMg6tb2AhjUZz25QCJmtlLN0N+kkA0Kt
         WIpWaJg+X4i9HJjYxR+4fdiNx9w7J6Cc3IWx6I2m8V9B07zRhY5tVkoYS5nAAkjrQ95u
         9Ii1t8Om4G1qVk6xDyjIEwkVVhvCn1zm3BfBplFrQ5y895ljY8KrgU4pJs7bVowWT0tR
         olcF7K6CEhxeK/SdefWoW7Gu5gqN/9bqznMG2aKUZk80YU6V/XjLdSlHwySOn3A64K+O
         EKh/5f2MDuMjbNckzSG6M1EZoCZje4aBSB7tMBsndCKFcxv40a1I8FcPSDobEvs4QBC/
         VOsw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=dlgY7rue;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 i19-20020a170902e49300b0018c166e2304si1452311ple.299.2022.12.09.05.35.51;
        Fri, 09 Dec 2022 05:36:06 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=dlgY7rue;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229955AbiLINZq (ORCPT <rfc822;sophiezhao968@gmail.com>
        + 99 others); Fri, 9 Dec 2022 08:25:46 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40840 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229646AbiLINZj (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 9 Dec 2022 08:25:39 -0500
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4B2533D939
        for <linux-kernel@vger.kernel.org>;
 Fri,  9 Dec 2022 05:25:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1670592338; x=1702128338;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=8ftr4Pgs9drQ0/lSGEE7hL10OZnO7CDBLzLz4s18Rn4=;
  b=dlgY7ruediAL+2IEdYCLk0WjffddYBakEO+OuFRr7W+Z25un5oxncPcZ
   2kOMujZcrcVN0Qu1snozu7iFNiBHKjlQUNSY+LWEHAMN9FAR7KQS2r7+b
   GciUYu6lnEC2qjTcT8Z6SkNEuaXUsJ2K4WAW9i6edTZn90/Ar1NZdTijQ
   aCVk1viyCfICH5ZVcO2QviSqHzXW6pxBYVxsngCOpVe6UMtcxdmG4qG9y
   RHfUjA0GQtCwc79q2QLXJCugyxyv0M1CCA9sM062imrpN+7R+qfUZxR8C
   AnkmXGn/M7CIr60F2njA7ytMIwpXBsIO90qAt0YpgVVhzDWMT5sq3Ur6W
   A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="317483313"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="317483313"
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:36 -0800
X-IronPort-AV: E=McAfee;i="6500,9779,10556"; a="892670380"
X-IronPort-AV: E=Sophos;i="5.96,230,1665471600";
   d="scan'208";a="892670380"
Received: from elinares-mobl.ger.corp.intel.com (HELO box.shutemov.name)
 ([10.249.38.98])
  by fmsmga006-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 09 Dec 2022 05:25:33 -0800
Received: by box.shutemov.name (Postfix, from userid 1000)
        id 5D6DF109CE6; Fri,  9 Dec 2022 16:25:31 +0300 (+03)
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>,
        Borislav Petkov <bp@alien8.de>,
        Andy Lutomirski <luto@kernel.org>
Cc: Kuppuswamy Sathyanarayanan
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Thomas Gleixner <tglx@linutronix.de>,
        Elena Reshetova <elena.reshetova@intel.com>, x86@kernel.org,
        linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCH 4/4] x86/tdx: Disable NOTIFY_ENABLES
Date: Fri,  9 Dec 2022 16:25:24 +0300
Message-Id: <20221209132524.20200-5-kirill.shutemov@linux.intel.com>
X-Mailer: git-send-email 2.38.0
In-Reply-To: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
References: <20221209132524.20200-1-kirill.shutemov@linux.intel.com>
MIME-Version: 1.0
X-Spam-Status: No, score=-7.0 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,
        SPF_NONE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1751743690458697950?=
X-GMAIL-MSGID: =?utf-8?q?1751743690458697950?=

== Background ==

There is a class of side-channel attacks against SGX enclaves called
"SGX Step"[1]. These attacks create lots of exceptions inside of
enclaves. Basically, run an in-enclave instruction, cause an exception.
Over and over.

There is a concern that a VMM could attack a TDX guest in the same way
by causing lots of #VE's. The TDX architecture includes new
countermeasures for these attacks. It basically counts the number of
exceptions and can send another *special* exception once the number of
VMM-induced #VE's hits a critical threshold[2].

== Problem ==

But, these special exceptions are independent of any action that the
guest takes. They can occur anywhere that the guest executes. This
includes sensitive areas like the entry code. The (non-paranoid) #VE
handler is incapable of handling exceptions in these areas.

== Solution ==

Fortunately, the special exceptions can be disabled by the guest via
write to NOTIFY_ENABLES TDCS field. NOTIFY_ENABLES is disabled by
default, but might be enabled by a bootloader, firmware or an earlier
kernel before the current kernel runs.

Disable NOTIFY_ENABLES feature explicitly and unconditionally. Any
NOTIFY_ENABLES-based #VE's that occur before this point will end up
in the early #VE exception handler and die due to unexpected exit
reason.

[1] https://github.com/jovanbulck/sgx-step
[2] https://intel.github.io/ccc-linux-guest-hardening-docs/security-spec.html#safety-against-ve-in-kernel-code

Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Dave Hansen <dave.hansen@intel.com>
---
 arch/x86/coco/tdx/tdx.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index 0e47846ff8ff..c93c2fd2e113 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -19,6 +19,10 @@
 #define TDX_GET_VEINFO			3
 #define TDX_GET_REPORT			4
 #define TDX_ACCEPT_PAGE			6
+#define TDX_WR				8
+
+/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */
+#define TDCS_NOTIFY_ENABLES		0x9100000000000010
 
 /* TDX hypercall Leaf IDs */
 #define TDVMCALL_MAP_GPA		0x10001
@@ -858,6 +862,9 @@ void __init tdx_early_init(void)
 	tdx_parse_tdinfo(&cc_mask);
 	cc_set_mask(cc_mask);
 
+	/* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */
+	tdx_module_call(TDX_WR, 0, TDCS_NOTIFY_ENABLES, 0, -1ULL, NULL);
+
 	/*
 	 * All bits above GPA width are reserved and kernel treats shared bit
 	 * as flag, not as part of physical address.