From patchwork Thu Nov 17 21:43:25 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: tip-bot2 for Thomas Gleixner <tip-bot2@linutronix.de>
X-Patchwork-Id: 21948
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:adf:f944:0:0:0:0:0 with SMTP id q4csp639115wrr;
        Thu, 17 Nov 2022 13:50:53 -0800 (PST)
X-Google-Smtp-Source: 
 AA0mqf4079yN8345+Od2rG/sRgtLC6+ZA3E12vADbOFqU0uFtTaHxEBx6t+Gw6YsZkSNxIM6o6/9
X-Received: by 2002:a17:906:c283:b0:7ae:2277:9fec with SMTP id
 r3-20020a170906c28300b007ae22779fecmr3518534ejz.623.1668721852932;
        Thu, 17 Nov 2022 13:50:52 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1668721852; cv=none;
        d=google.com; s=arc-20160816;
        b=lSNOKLpwrHjU3dIjZ8971WzTIuEzKXupOSGw+NsZH7RkGNecR80D3DAvZso4WknsOL
         n7gCAO2t7d+QZk866fWrYthDw8XftuhUd4AkCIQR0dZ1zOttWxRp0cM8pfZpnG3ggN8F
         rw2M4COKcVYQl2/lUHzTPTQdt7Tl2Pv89jJfN/n5kkfyjAiDWZIIexy9DObKLtPTvFDz
         s3XJysHtTfVC/o9VZ6/YLfanrMLwPzxubN2odwJRJQa9D+XIcI1WwF2rjXQmIYUuzn12
         11IM5Ak4m2b8aV3s4K21Z21bnpnvD7YX92cSt3x4H1oTcJKEV6DCzmFOR5xgGfB9l0T6
         xzTw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:robot-unsubscribe
         :robot-id:message-id:mime-version:cc:subject:to:reply-to:sender:from
         :dkim-signature:dkim-signature:date;
        bh=e1EptTRRDZWJPGJ1JeZSDbsVVsKPz/WMABLqUp0/9uc=;
        b=uOiHnUad2720wQF4yFCoje0wWjDZMpIFkyo4tIUW9i6imnBjJjFqJYfUTH29gFIgzT
         qznfqQFvedsu9d0qS+eazm88rDBOoU5iWREjSiwTYOu+eHz6FCTYcNdzeai67/wHh9CM
         Gwt1ZfIL0zV5qQmxO7DspK6lkllebmN7/WVI579LgknOg4BT02+OzhR3B1J7cVP519Xw
         cmZE7gCTXNRjYlO4bsMApiDXmvOuqKxJPnB7YOskjboDBtNkEPHbmeJ63WL0E1KB3IRD
         FUilQmPzJbKTjphxNKw2aZsb5D0bPvS1qpb61JqNwVj4YD61gvR+QsVbrhM8pVOF829T
         hpzg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=ewbMtQFG;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 x10-20020a056402414a00b004687eebac58si1758741eda.458.2022.11.17.13.50.28;
        Thu, 17 Nov 2022 13:50:52 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linutronix.de header.s=2020 header.b=ewbMtQFG;
       dkim=neutral (no key) header.i=@linutronix.de header.s=2020e;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=linutronix.de
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S240703AbiKQVnq (ORCPT <rfc822;a1648639935@gmail.com>
        + 99 others); Thu, 17 Nov 2022 16:43:46 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57088 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S239211AbiKQVna (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 17 Nov 2022 16:43:30 -0500
Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AB2921025;
        Thu, 17 Nov 2022 13:43:27 -0800 (PST)
Date: Thu, 17 Nov 2022 21:43:25 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020; t=1668721406;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
  content-transfer-encoding:content-transfer-encoding;
        bh=e1EptTRRDZWJPGJ1JeZSDbsVVsKPz/WMABLqUp0/9uc=;
        b=ewbMtQFGcZ3oIfwVOmzkIvD6WoKj7AWjdWKXuEkjIAQ73tBznZsBDblRrGfJ8KPm7BcOUM
        I1kraZoWaGagK82bPQTYpkgBiLsqn3vI4l8wmZHsCMHdKB3giC1v3uYVHuadlW8a34nTP2
        3aIpC6crjUpNs0WOYCoZVVCGuKP6kX1D3zJ6/3f5T3HuKuGnS5BqxEUGJg7BiPnmjPjlMr
        oXAFEOYIyfhCceayqCpUpUYKhV94GtbdBA6lpMrztnnTFDfb7+0dj4Ntp1f40kOCGV1iaW
        aSWLY4GVogAkhB23l/Ny+gGtFyMmo1StPZ+wpNQei6uXzF76i8PfI2nZW7C0mQ==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de;
        s=2020e; t=1668721406;
        h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date:
         message-id:message-id:to:to:cc:cc:mime-version:mime-version:
         content-type:content-type:
  content-transfer-encoding:content-transfer-encoding;
        bh=e1EptTRRDZWJPGJ1JeZSDbsVVsKPz/WMABLqUp0/9uc=;
        b=XzL7nxdn81wb/lX0WzkD+2zue+yOTkGWJ91WAX8HltF9A5Zjz1nlmxfdRxR8WeDTHFt8d1
        NE7doVPWQDCdZ1Bw==
From: "tip-bot2 for Kuppuswamy Sathyanarayanan" <tip-bot2@linutronix.de>
Sender: tip-bot2@linutronix.de
Reply-to: linux-kernel@vger.kernel.org
To: linux-tip-commits@vger.kernel.org
Subject: [tip: x86/tdx] x86/tdx: Add a wrapper to get TDREPORT0 from the TDX
 Module
Cc: Kuppuswamy Sathyanarayanan
        <sathyanarayanan.kuppuswamy@linux.intel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Wander Lairson Costa <wander@redhat.com>, x86@kernel.org,
        linux-kernel@vger.kernel.org
MIME-Version: 1.0
Message-ID: <166872140508.4906.7190539793443618681.tip-bot2@tip-bot2>
Robot-ID: <tip-bot2@linutronix.de>
Robot-Unsubscribe: Contact <mailto:tglx@linutronix.de> to get blacklisted from
 these emails
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,
        SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1749781685172787081?=
X-GMAIL-MSGID: =?utf-8?q?1749781685172787081?=

The following commit has been merged into the x86/tdx branch of tip:

Commit-ID:     51acfe89af1118f906f9b68d95fdfb22832ac960
Gitweb:        https://git.kernel.org/tip/51acfe89af1118f906f9b68d95fdfb22832ac960
Author:        Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
AuthorDate:    Wed, 16 Nov 2022 14:38:18 -08:00
Committer:     Dave Hansen <dave.hansen@linux.intel.com>
CommitterDate: Thu, 17 Nov 2022 11:03:09 -08:00

x86/tdx: Add a wrapper to get TDREPORT0 from the TDX Module

To support TDX attestation, the TDX guest driver exposes an IOCTL
interface to allow userspace to get the TDREPORT0 (a.k.a. TDREPORT
subtype 0) from the TDX module via TDG.MR.TDREPORT TDCALL.

In order to get the TDREPORT0 in the TDX guest driver, instead of using
a low level function like __tdx_module_call(), add a
tdx_mcall_get_report0() wrapper function to handle it.

This is a preparatory patch for adding attestation support.

Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Acked-by: Wander Lairson Costa <wander@redhat.com>
Link: https://lore.kernel.org/all/20221116223820.819090-2-sathyanarayanan.kuppuswamy%40linux.intel.com
---
 arch/x86/coco/tdx/tdx.c    | 40 +++++++++++++++++++++++++++++++++++++-
 arch/x86/include/asm/tdx.h |  2 ++-
 2 files changed, 42 insertions(+)

diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index b8998cf..cfd4c95 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -5,6 +5,8 @@
 #define pr_fmt(fmt)     "tdx: " fmt
 
 #include <linux/cpufeature.h>
+#include <linux/export.h>
+#include <linux/io.h>
 #include <asm/coco.h>
 #include <asm/tdx.h>
 #include <asm/vmx.h>
@@ -15,6 +17,7 @@
 /* TDX module Call Leaf IDs */
 #define TDX_GET_INFO			1
 #define TDX_GET_VEINFO			3
+#define TDX_GET_REPORT			4
 #define TDX_ACCEPT_PAGE			6
 
 /* TDX hypercall Leaf IDs */
@@ -36,6 +39,12 @@
 
 #define ATTR_SEPT_VE_DISABLE	BIT(28)
 
+/* TDX Module call error codes */
+#define TDCALL_RETURN_CODE(a)	((a) >> 32)
+#define TDCALL_INVALID_OPERAND	0xc0000100
+
+#define TDREPORT_SUBTYPE_0	0
+
 /*
  * Wrapper for standard use of __tdx_hypercall with no output aside from
  * return code.
@@ -100,6 +109,37 @@ static inline void tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
 		panic("TDCALL %lld failed (Buggy TDX module!)\n", fn);
 }
 
+/**
+ * tdx_mcall_get_report0() - Wrapper to get TDREPORT0 (a.k.a. TDREPORT
+ *                           subtype 0) using TDG.MR.REPORT TDCALL.
+ * @reportdata: Address of the input buffer which contains user-defined
+ *              REPORTDATA to be included into TDREPORT.
+ * @tdreport: Address of the output buffer to store TDREPORT.
+ *
+ * Refer to section titled "TDG.MR.REPORT leaf" in the TDX Module
+ * v1.0 specification for more information on TDG.MR.REPORT TDCALL.
+ * It is used in the TDX guest driver module to get the TDREPORT0.
+ *
+ * Return 0 on success, -EINVAL for invalid operands, or -EIO on
+ * other TDCALL failures.
+ */
+int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport)
+{
+	u64 ret;
+
+	ret = __tdx_module_call(TDX_GET_REPORT, virt_to_phys(tdreport),
+				virt_to_phys(reportdata), TDREPORT_SUBTYPE_0,
+				0, NULL);
+	if (ret) {
+		if (TDCALL_RETURN_CODE(ret) == TDCALL_INVALID_OPERAND)
+			return -EINVAL;
+		return -EIO;
+	}
+
+	return 0;
+}
+EXPORT_SYMBOL_GPL(tdx_mcall_get_report0);
+
 static void tdx_parse_tdinfo(u64 *cc_mask)
 {
 	struct tdx_module_output out;
diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
index 020c81a..28d889c 100644
--- a/arch/x86/include/asm/tdx.h
+++ b/arch/x86/include/asm/tdx.h
@@ -67,6 +67,8 @@ void tdx_safe_halt(void);
 
 bool tdx_early_handle_ve(struct pt_regs *regs);
 
+int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport);
+
 #else
 
 static inline void tdx_early_init(void) { };