From patchwork Wed Jan 31 23:09:01 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paolo Bonzini <pbonzini@redhat.com>
X-Patchwork-Id: 195057
Return-Path: <linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:693c:2685:b0:106:209c:c626 with SMTP id mn5csp92134dyc;
        Wed, 31 Jan 2024 15:35:07 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IHPMcLge5l40ItnTUBNy7GsdMeRj4mYXv6UmRhLLO48QZcEkY5+hwcQxds7OOs9AnBOZsYQ
X-Received: by 2002:a05:6a00:190b:b0:6dd:c3fd:45fb with SMTP id
 y11-20020a056a00190b00b006ddc3fd45fbmr617518pfi.24.1706744107478;
        Wed, 31 Jan 2024 15:35:07 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706744107; cv=pass;
        d=google.com; s=arc-20160816;
        b=j9gW2+4zl1JGzASNjAvFcDiwJeMuR8gQy/jdX+60TcyZdTQu89OSaNH0AoF3p8Tk6U
         Vg3D/Q/IaD5ti2HYHAzn5iQBDO0ZnnozwZzIgim4WkBomRThXk3D2HbTRPwOfYproapU
         o+zVUacE26bF7290yeTNlZXvLlGj18Tvm796sjOujsQvXVqh/XgQo8iViOlsKaW0eICc
         r+xsTxMGVpQT0wLtaVsgNPcOEkg89JXjAKLGuaWZtO2AjQjucXflYif1Ps8nIdNuIRE5
         3Rg0SHRWfTUZ81JXD7gBjd8smW0G4zrZ/lwSw0pubRUj9QYFFoTEoQAU4NKts6DV5Rbd
         sMUw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=6tcUd6aqQBTGujreDUlh09+Wd/lkDDTLdTqmcFaCI+4=;
        fh=LkyM0paA+uIjvWNEkKP1gbKLlG6BZkgS4qce0HcNW2s=;
        b=WLt2CVJSz0WUThvNcWM9wRqJg5edXyWLUf15B5h2PbTB4b/6ycl6mZXiDgFA+F3YH/
         aZjQsCwDXE8dhBm/wlSSROFQpLCi2+Q/ogaSlHSrIJzUl5OjvrxYtjtJ9MbnS6L4O8aU
         9LxqNoFQne7QsTYs3hF8RK0z34gvp1gCe4x4bYD1B6JnVoyDF/Va8AkDwadRGuBmUqca
         69D7QkV7ISwh+K0rf2/MTfHJSh3qZ0g2XIOKvO36G4J5xJ3VY/+3opNIemNuF2VDuGB4
         CJCSrMtva4scpeP4RwoSTwkq62YOTvPF7caXenyIvbk97DGbtKQOTGiL26QPhWDvL6Rz
         XajA==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719
 header.b=CKopBDI5;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass
 dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org designates
 139.178.88.99 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
X-Forwarded-Encrypted: i=1;
 AJvYcCW4CZ/cS76qlR0P6LIYKAeyl4VOr/61/yLHSve6Cz4ThcHT1fZRQxy/69NWV+MGjVWb6bCDhQn81pBog48Ji4vRzPeG8Q==
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id
 h21-20020a056a00219500b006dd82ed2c1csi10704999pfi.84.2024.01.31.15.35.07
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 31 Jan 2024 15:35:07 -0800 (PST)
Received-SPF: pass (google.com: domain of
 linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org designates
 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719
 header.b=CKopBDI5;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass
 dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org designates
 139.178.88.99 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-47342-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
 [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id D8584286688
	for <ouuuleilei@gmail.com>; Wed, 31 Jan 2024 23:27:26 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 4FA5C481A7;
	Wed, 31 Jan 2024 23:09:16 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b="CKopBDI5"
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id AEADA47A55
	for <linux-kernel@vger.kernel.org>; Wed, 31 Jan 2024 23:09:11 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=170.10.129.124
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1706742553; cv=none;
 b=qVl3yj82Y8lS1d0SrXP/aPTanDcqVZ2D+pgjOKnCq/yx9L8akHGXArfr9Z7yHCsf2iKE2djD0cIuLwtlEQswThF0fAHelCiccrlguifQZr3+qFus+qeffWLVTaKa1lWlr2zrh5i1YrU2/ArllUD/ktOj/DY0DaUyMsJp6wMElQI=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1706742553; c=relaxed/simple;
	bh=AITC0g6KpE00MHHi4gqzkoS6GaRfFWD8G+vwLdrjOPo=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type;
 b=SqtKTAOwaFdWEh3Eh/rR4C6NRgKbCe0U9dICRNzVGbT6SbM/ZKQzabnzdBOhRQk7DxUp8rz9hlOTz6A08lNsRGbN8bKWL6WwPiSAs4w5z1RVJzw8e4rzaXqnjuqVLX/vArK5w31q8VdvRbdKTh/XgECId14lh5rQOtdIOqTnM9c=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com;
 spf=pass smtp.mailfrom=redhat.com;
 dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b=CKopBDI5; arc=none smtp.client-ip=170.10.129.124
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1706742550;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=6tcUd6aqQBTGujreDUlh09+Wd/lkDDTLdTqmcFaCI+4=;
	b=CKopBDI5X/zXFBzQsOiazKhh1+vPFMTEDXmkL/FzaplWVVDTL66FVjCQvwtyKbS500tZtt
	fZSZcVHDnfICupYD5r/Mj0RXDh70MXpHdjk2i0/7SB6UBZz0YanPVIBUVxkcm27v7b5UfL
	3NVapYn6xs4rNx/Xsx7wCtmMf893ruY=
Received: from mail-wr1-f71.google.com (mail-wr1-f71.google.com
 [209.85.221.71]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-635-oPTCD6TwMMK2Lt-cLSZfbQ-1; Wed, 31 Jan 2024 18:09:09 -0500
X-MC-Unique: oPTCD6TwMMK2Lt-cLSZfbQ-1
Received: by mail-wr1-f71.google.com with SMTP id
 ffacd0b85a97d-33b04ad091eso100064f8f.0
        for <linux-kernel@vger.kernel.org>;
 Wed, 31 Jan 2024 15:09:09 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1706742547; x=1707347347;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=6tcUd6aqQBTGujreDUlh09+Wd/lkDDTLdTqmcFaCI+4=;
        b=tKVzBcB0/qMCY5E4AAM7k6dQ/NAIf55OAMyoZSuTthBqPFvp4WETfjLL4HWnvrvfYW
         7DLZuY0wimHb3Ys5bGBKGlFdlKHqTGKh2eolljJBKnYeLfNV9xwaX19sXhsjiZLCUodQ
         NQpXvsc2veCncOIsyDGcwHaVreuSOHhmDjBejfPfKhGNcOq2mCyoT9N+3Az0kIqVCBY9
         YkdXRYr7YEsiKD+iA/KY6E8txLeE3a+TyFkxW1tlMp0vLUqjO/0QsGkVYiz78j8USQ8+
         +3pOOt7VgPIPZV+fYGmricBne3KIPjDkfsOOKAyO12a7hfIqGsDXeBaTKjMED/V6Tx7r
         PNkw==
X-Gm-Message-State: AOJu0YznS8SSvYnHR2i8Qc/cRUddkDhOGUbaNps90PEwKssxA3rIGalT
	fU1OFmOCbw3+oo+lgQR87ehlnlO1ZpQsfEFfXMJKSa773ZG+aGgA3awmW4K/P+RYDyxsL3DCvPQ
	fhHxzp73lskN7E3wBez3ecBM7QmGZv55GcvS9xPwTkwpVbGUmV2OG2YtBMtdwwwRn/TzdG8FoNv
	tv3eVXbJASqRRzquVdSfon9zsih2OyfXkk+In5Qc39QEgJCIAp
X-Received: by 2002:adf:e2c5:0:b0:33a:fe3b:b2ae with SMTP id
 d5-20020adfe2c5000000b0033afe3bb2aemr1897580wrj.66.1706742547340;
        Wed, 31 Jan 2024 15:09:07 -0800 (PST)
X-Received: by 2002:adf:e2c5:0:b0:33a:fe3b:b2ae with SMTP id
 d5-20020adfe2c5000000b0033afe3bb2aemr1897565wrj.66.1706742547097;
        Wed, 31 Jan 2024 15:09:07 -0800 (PST)
Received: from [10.10.0.32] ([213.214.41.32])
        by smtp.gmail.com with ESMTPSA id
 a2-20020a5d4d42000000b0033afe816977sm3900965wru.66.2024.01.31.15.09.04
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 31 Jan 2024 15:09:05 -0800 (PST)
From: Paolo Bonzini <pbonzini@redhat.com>
To: linux-kernel@vger.kernel.org,
	kvm@vger.kernel.org
Cc: Zixi Chen <zixchen@redhat.com>,
	Adam Dunlap <acdunlap@google.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Xiaoyao Li <xiaoyao.li@intel.com>,
	Kai Huang <kai.huang@intel.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@kernel.org>,
	x86@kernel.org,
	stable@vger.kernel.org
Subject: [PATCH v2 1/2] x86/cpu: allow reducing x86_phys_bits during
 early_identify_cpu()
Date: Thu,  1 Feb 2024 00:09:01 +0100
Message-ID: <20240131230902.1867092-2-pbonzini@redhat.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240131230902.1867092-1-pbonzini@redhat.com>
References: <20240131230902.1867092-1-pbonzini@redhat.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1789650908788699999
X-GMAIL-MSGID: 1789650908788699999

In commit fbf6449f84bf ("x86/sev-es: Set x86_virt_bits to the correct
value straight away, instead of a two-phase approach"), the initialization
of c->x86_phys_bits was moved after this_cpu->c_early_init(c).  This is
incorrect because early_init_amd() expected to be able to reduce the
value according to the contents of CPUID leaf 0x8000001f.

Fortunately, the bug was negated by init_amd()'s call to early_init_amd(),
which does reduce x86_phys_bits in the end.  However, this is very
late in the boot process and, most notably, the wrong value is used for
x86_phys_bits when setting up MTRRs.

To fix this, call get_cpu_address_sizes() as soon as X86_FEATURE_CPUID is
set/cleared, and c->extended_cpuid_level is retrieved.

Fixes: fbf6449f84bf ("x86/sev-es: Set x86_virt_bits to the correct value straight away, instead of a two-phase approach")
Cc: Adam Dunlap <acdunlap@google.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Kai Huang <kai.huang@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: x86@kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Kai Huang <kai.huang@intel.com>
---
 arch/x86/kernel/cpu/common.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
index 0b97bcde70c6..fbc4e60d027c 100644
--- a/arch/x86/kernel/cpu/common.c
+++ b/arch/x86/kernel/cpu/common.c
@@ -1589,6 +1589,7 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
 		get_cpu_vendor(c);
 		get_cpu_cap(c);
 		setup_force_cpu_cap(X86_FEATURE_CPUID);
+		get_cpu_address_sizes(c);
 		cpu_parse_early_param();
 
 		if (this_cpu->c_early_init)
@@ -1601,10 +1602,9 @@ static void __init early_identify_cpu(struct cpuinfo_x86 *c)
 			this_cpu->c_bsp_init(c);
 	} else {
 		setup_clear_cpu_cap(X86_FEATURE_CPUID);
+		get_cpu_address_sizes(c);
 	}
 
-	get_cpu_address_sizes(c);
-
 	setup_force_cpu_cap(X86_FEATURE_ALWAYS);
 
 	cpu_set_bug_bits(c);

From patchwork Wed Jan 31 23:09:02 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paolo Bonzini <pbonzini@redhat.com>
X-Patchwork-Id: 195045
Return-Path: <linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:693c:2685:b0:106:209c:c626 with SMTP id mn5csp89107dyc;
        Wed, 31 Jan 2024 15:28:17 -0800 (PST)
X-Google-Smtp-Source: 
 AGHT+IECtSNxvX0JmSlUm+DDrxvd9iBToLK3Q9FYVTLECogx7PX+FB0mqiTVdWqR14z3MHjbW0OA
X-Received: by 2002:aa7:c3cc:0:b0:55f:43f4:9ba with SMTP id
 l12-20020aa7c3cc000000b0055f43f409bamr1922172edr.34.1706743697258;
        Wed, 31 Jan 2024 15:28:17 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706743697; cv=pass;
        d=google.com; s=arc-20160816;
        b=C+UbM5Prz3azpZ0YwpYXf+mIrTK1/fHQwOYZKIwvexfaxPzdYbU7kIifExXgdWzGEs
         rZoiC172inp0HYVO8G5FiK9LoPK8tpo8ewhFwi5ibpH8XHgpBSvnEJPz5+7l6ao0HSS/
         33gCqu8RuAjMpf/hgmvd0WJSbJ0XVJY6RwUQ9V16lvM6c2KVBZBjA02HP/jWbsFggOfL
         d9+cEJJoTCTXGbWrrU02Ma+sVzy+avg8qWYeixGHISRdlVDR5BeW3g84w9H5dYFqGk5E
         mCQd55DFcOJ5GNwJA+71zoyp/HL49CNpcuJ1FSTOL0ZPK0vovpOp94LBqY7YkfOZbzPT
         JUqQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from:dkim-signature;
        bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=;
        fh=Y6DTjTrxqjRq381jXYMILstiV7YjsDBTQNYM7XkRDrY=;
        b=RjW3V01CYFVbQV6I/BCgPbqlVvOL17xhkEm8MUdNTh/FKgmnz2wtke+QBsrMz3sodu
         2tjZ4X7wr+VF2OoXS25ATP3o0s/UZfgvoiUw1VJmhgbcNIWl317UDZ5kibucMzCm2kuX
         KrclDScq/izbZrpw+TsbfL888X6bXW5m6PJ5ru5o562NIQTodo04PT2T6nRUF1aRwi1U
         9aK73aniI9GpFIhomy9w4UR8b8f9XnJkCLlUPanHmRbyEO2Wk/I5m5aXg7PpXxQyBZgP
         DNKmV+InF9HecWS3IEDTsw8BgBzYPVk3G81WaeJzdGQd9kMOTdHFwI7xPYIARr5mjmem
         bcng==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719
 header.b=ILjcVmBi;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass
 dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.80.249 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
X-Forwarded-Encrypted: i=1;
 AJvYcCUV/qVhp8k4bCufTNkviEJNP6VHT7GdZEPvVz+HDzRrnjfJ/4W2sm6FQEMdxPV0qwABAP2aqQ/ysoqGK5zfX4/qkmDYog==
Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249])
        by mx.google.com with ESMTPS id
 cm3-20020a0564020c8300b0055f9278c347si814418edb.645.2024.01.31.15.28.17
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 31 Jan 2024 15:28:17 -0800 (PST)
Received-SPF: pass (google.com: domain of
 linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.80.249 as permitted sender) client-ip=147.75.80.249;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@redhat.com header.s=mimecast20190719
 header.b=ILjcVmBi;
       arc=pass (i=1 spf=pass spfdomain=redhat.com dkim=pass
 dkdomain=redhat.com dmarc=pass fromdomain=redhat.com);
       spf=pass (google.com: domain of
 linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org designates
 147.75.80.249 as permitted sender)
 smtp.mailfrom="linux-kernel+bounces-47343-ouuuleilei=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
 [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by am.mirrors.kernel.org (Postfix) with ESMTPS id CD8C91F29F81
	for <ouuuleilei@gmail.com>; Wed, 31 Jan 2024 23:27:43 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B56A3481DB;
	Wed, 31 Jan 2024 23:09:19 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b="ILjcVmBi"
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id B33A347F4D
	for <linux-kernel@vger.kernel.org>; Wed, 31 Jan 2024 23:09:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=170.10.129.124
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1706742555; cv=none;
 b=PyNVROv3FdDL7wYsyy5YFz5y4r79qINusQ5hT0F4Ko40i2ZSKgChhNkqa0vnV+uIV6ymTOwq+RRsTsaqMwhQ/l+d3axcxpMxMx9MbooE6t5moeLM/iQTWjp/fst1wbR7QNb/ym4eRKQrfceIgen8J3nwPsla3NqPiWZxnmgVcrA=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1706742555; c=relaxed/simple;
	bh=4IzgUiiLC2xdXeX/Q2WgpODnZbuMlaMcucIkHRMpcVQ=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version:Content-Type;
 b=oL+f63E3e8AC6mgtDJrpGEP4fckTahDwbCylmxE8at3oifassNq/5XXjz3fropOHXCF3ifG5PKlZniIFmFLFk59xgFwabPrjaF0PaOHswrx+GrzzKVjK4jHW/5h2tynnsJnFLFJ5rKxJ5cEaen+9IwxIp+O1oJ1uNDDxjXrikyY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com;
 spf=pass smtp.mailfrom=redhat.com;
 dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com
 header.b=ILjcVmBi; arc=none smtp.client-ip=170.10.129.124
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=redhat.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1706742552;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=;
	b=ILjcVmBiDZ2k2kqg9fe1VzZNf5TXYg3pPbwYwAtve9tHPUcj55eToz7htFphsZQKpMtlbd
	+OgDF6ghGc9BU/Xn3Fylh1OydelHn+fA1M2988BYrzkNEf52KLrPwrzG0yhPfs1Kh1Iv7C
	CsAfzvyk7TRgBggOzxMjI9DZY7E4BBM=
Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com
 [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-91-WJI2WiYBM0aPMHZiIpgQHw-1; Wed, 31 Jan 2024 18:09:11 -0500
X-MC-Unique: WJI2WiYBM0aPMHZiIpgQHw-1
Received: by mail-wm1-f70.google.com with SMTP id
 5b1f17b1804b1-40ef6b8d0f6so2034755e9.2
        for <linux-kernel@vger.kernel.org>;
 Wed, 31 Jan 2024 15:09:11 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1706742550; x=1707347350;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=AVF+MMqBraYuLEZ3nz+rh5hR3QYgKQlXNiv3cB3L9Yk=;
        b=ehiLzbdi3Q7kuOQluwtBTtGx78O8v0jj9w7h6ovwoZfEWxWgGqoMThbkvFyhuHNHB5
         W7TSCm3NSYUuv21cvPc7RMiSekKpkrm34gaU2o6PgXHqd6z2XDHYTfwspLNpAkIC4V9I
         5aGuS3E27Hs+8iJ75TAGJ8hA2cFWgFiW9t8MQbnoXQJ7XwdrD52XQwBuNlXAclvl4Spu
         BThYUrP9hNbc1kyvE+pyvXtRs1RIXTL91gOg2NUza/x5FiUsAwq0djUJ8BoNwZqP9y3y
         Kgth7Oven6249WCNVErACuAiiPkqZP168IA4MSxpNZtGKgf7GhV6bV6eL1EyEgxnqeT/
         htIw==
X-Gm-Message-State: AOJu0YxOV8YyYL/vHkS6hD/NlgiQKG1kURsS9z0x7RdsIVwtuvu1HY3x
	j8CAa6r/5fZa/uh3+bVooeFrwUv2fx7VXFXjRSqY5Zi2ioixHulTs8IqLb2L9w+Sj/mzUhooPCh
	qdojjuNLLYR5YpGkH4nc8JU7o2d6wvyj4piTSbp3iX35WSUB7tjYG6F/WJ/UWke9qxddh2OTFDc
	/Cf4LlsmoMTlgw+ojMgvzR9OzIQgU95bYdVLs6jQDCxzxHegp0
X-Received: by 2002:a05:600c:1989:b0:40f:b37a:a7ee with SMTP id
 t9-20020a05600c198900b0040fb37aa7eemr2466371wmq.41.1706742549798;
        Wed, 31 Jan 2024 15:09:09 -0800 (PST)
X-Received: by 2002:a05:600c:1989:b0:40f:b37a:a7ee with SMTP id
 t9-20020a05600c198900b0040fb37aa7eemr2466349wmq.41.1706742549449;
        Wed, 31 Jan 2024 15:09:09 -0800 (PST)
Received: from [10.10.0.32] ([213.214.41.32])
        by smtp.gmail.com with ESMTPSA id
 fa6-20020a05600c518600b0040efb445698sm2718989wmb.5.2024.01.31.15.09.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 31 Jan 2024 15:09:07 -0800 (PST)
From: Paolo Bonzini <pbonzini@redhat.com>
To: linux-kernel@vger.kernel.org,
	kvm@vger.kernel.org
Cc: Zixi Chen <zixchen@redhat.com>,
	Adam Dunlap <acdunlap@google.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Xiaoyao Li <xiaoyao.li@intel.com>,
	Kai Huang <kai.huang@intel.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@kernel.org>,
	x86@kernel.org,
	stable@vger.kernel.org
Subject: [PATCH v2 2/2] x86/cpu/intel: Detect TME keyid bits before setting
 MTRR mask registers
Date: Thu,  1 Feb 2024 00:09:02 +0100
Message-ID: <20240131230902.1867092-3-pbonzini@redhat.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240131230902.1867092-1-pbonzini@redhat.com>
References: <20240131230902.1867092-1-pbonzini@redhat.com>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1789650478821869365
X-GMAIL-MSGID: 1789650478821869365

MKTME repurposes the high bit of physical address to key id for encryption
key and, even though MAXPHYADDR in CPUID[0x80000008] remains the same,
the valid bits in the MTRR mask register are based on the reduced number
of physical address bits.

detect_tme() in arch/x86/kernel/cpu/intel.c detects TME and subtracts
it from the total usable physical bits, but it is called too late.
Move the call to early_init_intel() so that it is called in setup_arch(),
before MTRRs are setup.

This fixes boot on TDX-enabled systems, which until now only worked with
"disable_mtrr_cleanup".  Without the patch, the values written to the
MTRRs mask registers were 52-bit wide (e.g. 0x000fffff_80000800) and
the writes failed; with the patch, the values are 46-bit wide, which
matches the reduced MAXPHYADDR that is shown in /proc/cpuinfo.

Reported-by: Zixi Chen <zixchen@redhat.com>
Cc: Adam Dunlap <acdunlap@google.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: Kai Huang <kai.huang@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: x86@kernel.org
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Kai Huang <kai.huang@intel.com>
---
 arch/x86/kernel/cpu/intel.c | 178 ++++++++++++++++++------------------
 1 file changed, 91 insertions(+), 87 deletions(-)

diff --git a/arch/x86/kernel/cpu/intel.c b/arch/x86/kernel/cpu/intel.c
index a927a8fc9624..40dec9b56f87 100644
--- a/arch/x86/kernel/cpu/intel.c
+++ b/arch/x86/kernel/cpu/intel.c
@@ -184,6 +184,90 @@ static bool bad_spectre_microcode(struct cpuinfo_x86 *c)
 	return false;
 }
 
+#define MSR_IA32_TME_ACTIVATE		0x982
+
+/* Helpers to access TME_ACTIVATE MSR */
+#define TME_ACTIVATE_LOCKED(x)		(x & 0x1)
+#define TME_ACTIVATE_ENABLED(x)		(x & 0x2)
+
+#define TME_ACTIVATE_POLICY(x)		((x >> 4) & 0xf)	/* Bits 7:4 */
+#define TME_ACTIVATE_POLICY_AES_XTS_128	0
+
+#define TME_ACTIVATE_KEYID_BITS(x)	((x >> 32) & 0xf)	/* Bits 35:32 */
+
+#define TME_ACTIVATE_CRYPTO_ALGS(x)	((x >> 48) & 0xffff)	/* Bits 63:48 */
+#define TME_ACTIVATE_CRYPTO_AES_XTS_128	1
+
+/* Values for mktme_status (SW only construct) */
+#define MKTME_ENABLED			0
+#define MKTME_DISABLED			1
+#define MKTME_UNINITIALIZED		2
+static int mktme_status = MKTME_UNINITIALIZED;
+
+static void detect_tme_early(struct cpuinfo_x86 *c)
+{
+	u64 tme_activate, tme_policy, tme_crypto_algs;
+	int keyid_bits = 0, nr_keyids = 0;
+	static u64 tme_activate_cpu0 = 0;
+
+	rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate);
+
+	if (mktme_status != MKTME_UNINITIALIZED) {
+		if (tme_activate != tme_activate_cpu0) {
+			/* Broken BIOS? */
+			pr_err_once("x86/tme: configuration is inconsistent between CPUs\n");
+			pr_err_once("x86/tme: MKTME is not usable\n");
+			mktme_status = MKTME_DISABLED;
+
+			/* Proceed. We may need to exclude bits from x86_phys_bits. */
+		}
+	} else {
+		tme_activate_cpu0 = tme_activate;
+	}
+
+	if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) {
+		pr_info_once("x86/tme: not enabled by BIOS\n");
+		mktme_status = MKTME_DISABLED;
+		return;
+	}
+
+	if (mktme_status != MKTME_UNINITIALIZED)
+		goto detect_keyid_bits;
+
+	pr_info("x86/tme: enabled by BIOS\n");
+
+	tme_policy = TME_ACTIVATE_POLICY(tme_activate);
+	if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128)
+		pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy);
+
+	tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate);
+	if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) {
+		pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n",
+				tme_crypto_algs);
+		mktme_status = MKTME_DISABLED;
+	}
+detect_keyid_bits:
+	keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate);
+	nr_keyids = (1UL << keyid_bits) - 1;
+	if (nr_keyids) {
+		pr_info_once("x86/mktme: enabled by BIOS\n");
+		pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids);
+	} else {
+		pr_info_once("x86/mktme: disabled by BIOS\n");
+	}
+
+	if (mktme_status == MKTME_UNINITIALIZED) {
+		/* MKTME is usable */
+		mktme_status = MKTME_ENABLED;
+	}
+
+	/*
+	 * KeyID bits effectively lower the number of physical address
+	 * bits.  Update cpuinfo_x86::x86_phys_bits accordingly.
+	 */
+	c->x86_phys_bits -= keyid_bits;
+}
+
 static void early_init_intel(struct cpuinfo_x86 *c)
 {
 	u64 misc_enable;
@@ -322,6 +406,13 @@ static void early_init_intel(struct cpuinfo_x86 *c)
 	 */
 	if (detect_extended_topology_early(c) < 0)
 		detect_ht_early(c);
+
+	/*
+	 * Adjust the number of physical bits early because it affects the
+	 * valid bits of the MTRR mask registers.
+	 */
+	if (cpu_has(c, X86_FEATURE_TME))
+		detect_tme_early(c);
 }
 
 static void bsp_init_intel(struct cpuinfo_x86 *c)
@@ -482,90 +573,6 @@ static void srat_detect_node(struct cpuinfo_x86 *c)
 #endif
 }
 
-#define MSR_IA32_TME_ACTIVATE		0x982
-
-/* Helpers to access TME_ACTIVATE MSR */
-#define TME_ACTIVATE_LOCKED(x)		(x & 0x1)
-#define TME_ACTIVATE_ENABLED(x)		(x & 0x2)
-
-#define TME_ACTIVATE_POLICY(x)		((x >> 4) & 0xf)	/* Bits 7:4 */
-#define TME_ACTIVATE_POLICY_AES_XTS_128	0
-
-#define TME_ACTIVATE_KEYID_BITS(x)	((x >> 32) & 0xf)	/* Bits 35:32 */
-
-#define TME_ACTIVATE_CRYPTO_ALGS(x)	((x >> 48) & 0xffff)	/* Bits 63:48 */
-#define TME_ACTIVATE_CRYPTO_AES_XTS_128	1
-
-/* Values for mktme_status (SW only construct) */
-#define MKTME_ENABLED			0
-#define MKTME_DISABLED			1
-#define MKTME_UNINITIALIZED		2
-static int mktme_status = MKTME_UNINITIALIZED;
-
-static void detect_tme(struct cpuinfo_x86 *c)
-{
-	u64 tme_activate, tme_policy, tme_crypto_algs;
-	int keyid_bits = 0, nr_keyids = 0;
-	static u64 tme_activate_cpu0 = 0;
-
-	rdmsrl(MSR_IA32_TME_ACTIVATE, tme_activate);
-
-	if (mktme_status != MKTME_UNINITIALIZED) {
-		if (tme_activate != tme_activate_cpu0) {
-			/* Broken BIOS? */
-			pr_err_once("x86/tme: configuration is inconsistent between CPUs\n");
-			pr_err_once("x86/tme: MKTME is not usable\n");
-			mktme_status = MKTME_DISABLED;
-
-			/* Proceed. We may need to exclude bits from x86_phys_bits. */
-		}
-	} else {
-		tme_activate_cpu0 = tme_activate;
-	}
-
-	if (!TME_ACTIVATE_LOCKED(tme_activate) || !TME_ACTIVATE_ENABLED(tme_activate)) {
-		pr_info_once("x86/tme: not enabled by BIOS\n");
-		mktme_status = MKTME_DISABLED;
-		return;
-	}
-
-	if (mktme_status != MKTME_UNINITIALIZED)
-		goto detect_keyid_bits;
-
-	pr_info("x86/tme: enabled by BIOS\n");
-
-	tme_policy = TME_ACTIVATE_POLICY(tme_activate);
-	if (tme_policy != TME_ACTIVATE_POLICY_AES_XTS_128)
-		pr_warn("x86/tme: Unknown policy is active: %#llx\n", tme_policy);
-
-	tme_crypto_algs = TME_ACTIVATE_CRYPTO_ALGS(tme_activate);
-	if (!(tme_crypto_algs & TME_ACTIVATE_CRYPTO_AES_XTS_128)) {
-		pr_err("x86/mktme: No known encryption algorithm is supported: %#llx\n",
-				tme_crypto_algs);
-		mktme_status = MKTME_DISABLED;
-	}
-detect_keyid_bits:
-	keyid_bits = TME_ACTIVATE_KEYID_BITS(tme_activate);
-	nr_keyids = (1UL << keyid_bits) - 1;
-	if (nr_keyids) {
-		pr_info_once("x86/mktme: enabled by BIOS\n");
-		pr_info_once("x86/mktme: %d KeyIDs available\n", nr_keyids);
-	} else {
-		pr_info_once("x86/mktme: disabled by BIOS\n");
-	}
-
-	if (mktme_status == MKTME_UNINITIALIZED) {
-		/* MKTME is usable */
-		mktme_status = MKTME_ENABLED;
-	}
-
-	/*
-	 * KeyID bits effectively lower the number of physical address
-	 * bits.  Update cpuinfo_x86::x86_phys_bits accordingly.
-	 */
-	c->x86_phys_bits -= keyid_bits;
-}
-
 static void init_cpuid_fault(struct cpuinfo_x86 *c)
 {
 	u64 msr;
@@ -702,9 +709,6 @@ static void init_intel(struct cpuinfo_x86 *c)
 
 	init_ia32_feat_ctl(c);
 
-	if (cpu_has(c, X86_FEATURE_TME))
-		detect_tme(c);
-
 	init_intel_misc_features(c);
 
 	split_lock_init();