From: Isaku Yamahata <isaku.yamahata@gmail.com>
To: Kai Huang <kai.huang@intel.com>
Cc: peterz@infradead.org, kirill.shutemov@linux.intel.com,
linux-kernel@vger.kernel.org, dave.hansen@intel.com,
tglx@linutronix.de, bp@alien8.de, mingo@redhat.com,
hpa@zytor.com, x86@kernel.org, seanjc@google.com,
pbonzini@redhat.com, kvm@vger.kernel.org,
isaku.yamahata@intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com,
isaku.yamahata@gmail.com
Subject: Re: [PATCH 09/10] x86/virt/tdx: Wire up basic SEAMCALL functions
Date: Wed, 12 Jul 2023 15:15:10 -0700
Message-ID: <20230712221510.GG3894444@ls.amr.corp.intel.com>
In-Reply-To: <41b7e5503a3e6057dc168b3c5a9693651c501d22.1689151537.git.kai.huang@intel.com>
On Wed, Jul 12, 2023 at 08:55:23PM +1200,
Kai Huang <kai.huang@intel.com> wrote:
> Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
> host and certain physical attacks. A CPU-attested software module
> called 'the TDX module' runs inside a new isolated memory range as a
> trusted hypervisor to manage and run protected VMs.
>
> TDX introduces a new CPU mode: Secure Arbitration Mode (SEAM). This
> mode runs only the TDX module itself or other code to load the TDX
> module.
>
> The host kernel communicates with SEAM software via a new SEAMCALL
> instruction. This is conceptually similar to a guest->host hypercall,
> except it is made from the host to SEAM software instead. The TDX
> module establishes a new SEAMCALL ABI which allows the host to
> initialize the module and to manage VMs.
>
> The SEAMCALL ABI is very similar to the TDCALL ABI and leverages much
> TDCALL infrastructure. Wire up basic functions to make SEAMCALLs for
> the basic TDX support: __seamcall(), __seamcall_ret() and
> __seamcall_saved_ret() which is for TDH.VP.ENTER leaf function.
Hi. __seamcall_saved_ret() uses struct tdx_module_args as input and output. For
the KVM TDH.VP.ENTER case, those arguments are already in unsigned long
kvm_vcpu_arch::regs[]. It's silly to move those values twice: from
kvm_vcpu_arch::regs to tdx_module_args, and from tdx_module_args to the real
registers. If TDH.VP.ENTER is the only user of __seamcall_saved_ret(), can we
make it take unsigned long kvm_vcpu_arch::regs[NR_VCPU_REGS]? Maybe I can make
the change with the TDX KVM patch series.
Thanks,
> To start to support TDX, create a new arch/x86/virt/vmx/tdx/tdx.c for
> TDX host kernel support. Add a new Kconfig option CONFIG_INTEL_TDX_HOST
> to opt-in TDX host kernel support (to distinguish with TDX guest kernel
> support). So far only KVM uses TDX. Make the new config option depend
> on KVM_INTEL.
>
> Signed-off-by: Kai Huang <kai.huang@intel.com>
> ---
> arch/x86/Kconfig | 12 +++++++
> arch/x86/Makefile | 2 ++
> arch/x86/include/asm/tdx.h | 7 +++++
> arch/x86/virt/Makefile | 2 ++
> arch/x86/virt/vmx/Makefile | 2 ++
> arch/x86/virt/vmx/tdx/Makefile | 2 ++
> arch/x86/virt/vmx/tdx/seamcall.S | 54 ++++++++++++++++++++++++++++++++
> 7 files changed, 81 insertions(+)
> create mode 100644 arch/x86/virt/Makefile
> create mode 100644 arch/x86/virt/vmx/Makefile
> create mode 100644 arch/x86/virt/vmx/tdx/Makefile
> create mode 100644 arch/x86/virt/vmx/tdx/seamcall.S
>
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 53bab123a8ee..191587f75810 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1952,6 +1952,18 @@ config X86_SGX
>
> If unsure, say N.
>
> +config INTEL_TDX_HOST
> + bool "Intel Trust Domain Extensions (TDX) host support"
> + depends on CPU_SUP_INTEL
> + depends on X86_64
> + depends on KVM_INTEL
> + help
> + Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
> + host and certain physical attacks. This option enables necessary TDX
> + support in the host kernel to run confidential VMs.
> +
> + If unsure, say N.
> +
> config EFI
> bool "EFI runtime service support"
> depends on ACPI
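Review bot: the help text for INTEL_TDX_HOST never says it is the host side, even though the commit message gives "to distinguish with TDX guest kernel support" as the reason for a separate option; in menuconfig it will sit near CONFIG_INTEL_TDX_GUEST (referenced in the tdx.h hunk of this same patch) with a near-identical opening sentence. Suggest leading the help with something like "This is the host-kernel side of TDX (for running TDX guests under KVM); see INTEL_TDX_GUEST for running the kernel as a TDX guest." Separately, this is a bool that depends on KVM_INTEL, which is tristate: with KVM_INTEL=m the SEAMCALL code is built into the kernel while its only stated user is a module, so the option needs either "depends on KVM_INTEL=y" or exported symbols in seamcall.S.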
> diff --git a/arch/x86/Makefile b/arch/x86/Makefile
> index b39975977c03..ec0e71d8fa30 100644
> --- a/arch/x86/Makefile
> +++ b/arch/x86/Makefile
> @@ -252,6 +252,8 @@ archheaders:
>
> libs-y += arch/x86/lib/
>
> +core-y += arch/x86/virt/
> +
> # drivers-y are linked after core-y
> drivers-$(CONFIG_MATH_EMULATION) += arch/x86/math-emu/
> drivers-$(CONFIG_PCI) += arch/x86/pci/
> diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
> index 9b0ad0176e58..a82e5249d079 100644
> --- a/arch/x86/include/asm/tdx.h
> +++ b/arch/x86/include/asm/tdx.h
> @@ -74,5 +74,12 @@ static inline long tdx_kvm_hypercall(unsigned int nr, unsigned long p1,
> return -ENODEV;
> }
> #endif /* CONFIG_INTEL_TDX_GUEST && CONFIG_KVM_GUEST */
> +
> +#ifdef CONFIG_INTEL_TDX_HOST
> +u64 __seamcall(u64 fn, struct tdx_module_args *args);
> +u64 __seamcall_ret(u64 fn, struct tdx_module_args *args);
> +u64 __seamcall_saved_ret(u64 fn, struct tdx_module_args *args);
> +#endif /* CONFIG_INTEL_TDX_HOST */
> +
> #endif /* !__ASSEMBLY__ */
> #endif /* _ASM_X86_TDX_H */
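Review bot: the three __seamcall* prototypes are declared under #ifdef CONFIG_INTEL_TDX_HOST with no stubs for the !CONFIG_INTEL_TDX_HOST case, unlike the tdx_kvm_hypercall() block immediately above which falls back to returning -ENODEV; any caller that is not itself wrapped in the same #ifdef will fail to build. Either add static inline stubs (returning TDX_SEAMCALL_VMFAILINVALID, the value the comments in seamcall.S already reserve for "the SEAMCALL itself fails") or state in the commit message that callers are expected to be gated themselves. Also, since the only consumer named in the commit message is KVM and KVM_INTEL can be a module, these symbols need EXPORT_SYMBOL_GPL() in seamcall.S for a modular kvm-intel to link against them; nothing in this patch exports them.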
> diff --git a/arch/x86/virt/Makefile b/arch/x86/virt/Makefile
> new file mode 100644
> index 000000000000..1e36502cd738
> --- /dev/null
> +++ b/arch/x86/virt/Makefile
> @@ -0,0 +1,2 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +obj-y += vmx/
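Review bot: arch/x86/virt/ is descended into unconditionally (core-y in arch/x86/Makefile, obj-y here) and the CONFIG_INTEL_TDX_HOST gate only appears one level further down in arch/x86/virt/vmx/Makefile, so every x86 build walks two new directories that contain nothing for it. If arch/x86/virt/ is meant as a home for other host-side virtualization code, say so in the commit message; otherwise gating here with "obj-$(CONFIG_INTEL_TDX_HOST) += vmx/" (or making the arch/x86/Makefile line conditional) keeps the build tree flat for everyone who does not enable TDX.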
> diff --git a/arch/x86/virt/vmx/Makefile b/arch/x86/virt/vmx/Makefile
> new file mode 100644
> index 000000000000..feebda21d793
> --- /dev/null
> +++ b/arch/x86/virt/vmx/Makefile
> @@ -0,0 +1,2 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +obj-$(CONFIG_INTEL_TDX_HOST) += tdx/
> diff --git a/arch/x86/virt/vmx/tdx/Makefile b/arch/x86/virt/vmx/tdx/Makefile
> new file mode 100644
> index 000000000000..46ef8f73aebb
> --- /dev/null
> +++ b/arch/x86/virt/vmx/tdx/Makefile
> @@ -0,0 +1,2 @@
> +# SPDX-License-Identifier: GPL-2.0-only
> +obj-y += seamcall.o
> diff --git a/arch/x86/virt/vmx/tdx/seamcall.S b/arch/x86/virt/vmx/tdx/seamcall.S
> new file mode 100644
> index 000000000000..650a40843afe
> --- /dev/null
> +++ b/arch/x86/virt/vmx/tdx/seamcall.S
> @@ -0,0 +1,54 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#include <linux/linkage.h>
> +#include <asm/frame.h>
> +
> +#include "tdxcall.S"
> +
> +/*
> + * __seamcall() - Host-side interface functions to SEAM software
> + * (the P-SEAMLDR or the TDX module).
> + *
> + * __seamcall() function ABI:
> + *
> + * @fn (RDI) - SEAMCALL Leaf number, moved to RAX
> + * @args (RSI) - struct tdx_module_args for input
> + *
> + * Return (via RAX) TDX_SEAMCALL_VMFAILINVALID if the SEAMCALL itself
> + * fails, or the completion status of the SEAMCALL leaf function.
> + */
> +SYM_FUNC_START(__seamcall)
> + TDX_MODULE_CALL host=1 ret=0 saved=0
> +SYM_FUNC_END(__seamcall)
> +
> +/*
> + * __seamcall_ret() - Host-side interface functions to SEAM software
> + * (the P-SEAMLDR or the TDX module).
> + *
> + * __seamcall_ret() function ABI:
> + *
> + * @fn (RDI) - SEAMCALL Leaf number, moved to RAX
> + * @args (RSI) - struct tdx_module_args for input and output
> + *
> + * Return (via RAX) TDX_SEAMCALL_VMFAILINVALID if the SEAMCALL itself
> + * fails, or the completion status of the SEAMCALL leaf function.
> + */
> +SYM_FUNC_START(__seamcall_ret)
> + TDX_MODULE_CALL host=1 ret=1 saved=0
> +SYM_FUNC_END(__seamcall_ret)
> +
> +/*
> + * __seamcall_saved_ret() - Host-side interface functions to SEAM software
> + * (the P-SEAMLDR or the TDX module) with extra
> + * "callee-saved" registers as input/output.
> + *
> + * __seamcall_saved_ret() function ABI:
> + *
> + * @fn (RDI) - SEAMCALL Leaf number, moved to RAX
> + * @args (RSI) - struct tdx_module_args for input and output
> + *
> + * Return (via RAX) TDX_SEAMCALL_VMFAILINVALID if the SEAMCALL itself
> + * fails, or the completion status of the SEAMCALL leaf function.
> + */
> +SYM_FUNC_START(__seamcall_saved_ret)
> + TDX_MODULE_CALL host=1 ret=1 saved=0
> +SYM_FUNC_END(__seamcall_saved_ret)
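Review bot: __seamcall_saved_ret() is expanded with "TDX_MODULE_CALL host=1 ret=1 saved=0", the exact same arguments as __seamcall_ret(), so the two functions assemble to identical code; this contradicts the function's own header comment ("with extra "callee-saved" registers as input/output") and the commit message, which says this variant exists for TDH.VP.ENTER. It should be "TDX_MODULE_CALL host=1 ret=1 saved=1". Two smaller points on the same hunk: each header says "Host-side interface functions" (plural) for a single function, and the RDI/RSI/RAX ABI text plus the TDX_SEAMCALL_VMFAILINVALID return description is copied three times; one shared comment at the top of the file followed by a one-line note per function (input only / input and output / input and output including callee-saved registers) would be easier to keep consistent. And given the Kconfig dependency on tristate KVM_INTEL, the three symbols need EXPORT_SYMBOL_GPL() if a modular kvm-intel is to use them.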
> --
> 2.41.0
>
--
Isaku Yamahata <isaku.yamahata@gmail.com>
Thread overview: 58+ messages
2023-07-12 8:55 [PATCH 00/10] Unify TDCALL/SEAMCALL and TDVMCALL assembly Kai Huang
2023-07-12 8:55 ` [PATCH 01/10] x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro Kai Huang
2023-07-12 19:19 ` Sathyanarayanan Kuppuswamy
2023-07-12 8:55 ` [PATCH 02/10] x86/tdx: Use cmovc to save a label in TDX_MODULE_CALL asm Kai Huang
2023-07-12 19:27 ` Sathyanarayanan Kuppuswamy
2023-07-13 10:32 ` Huang, Kai
2023-07-12 8:55 ` [PATCH 03/10] x86/tdx: Move FRAME_BEGIN/END to TDX_MODULE_CALL asm macro Kai Huang
2023-07-12 19:57 ` Sathyanarayanan Kuppuswamy
2023-07-12 22:05 ` Isaku Yamahata
2023-07-12 8:55 ` [PATCH 04/10] x86/tdx: Make macros of TDCALLs consistent with the spec Kai Huang
2023-07-14 12:28 ` Nikolay Borisov
2023-07-14 12:28 ` Nikolay Borisov
2023-07-17 0:57 ` Huang, Kai
2023-07-12 8:55 ` [PATCH 05/10] x86/tdx: Rename __tdx_module_call() to __tdcall() Kai Huang
2023-07-12 8:55 ` [PATCH 06/10] x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure Kai Huang
2023-07-12 8:55 ` [PATCH 07/10] x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs Kai Huang
2023-07-12 16:53 ` Peter Zijlstra
2023-07-12 16:59 ` Peter Zijlstra
2023-07-13 8:02 ` Huang, Kai
2023-07-13 8:43 ` Peter Zijlstra
2023-07-13 10:19 ` Huang, Kai
2023-07-13 10:24 ` Huang, Kai
2023-07-13 10:39 ` Peter Zijlstra
2023-07-13 10:37 ` Peter Zijlstra
2023-07-13 10:47 ` Huang, Kai
2023-07-13 11:22 ` Andrew Cooper
2023-07-13 11:40 ` Huang, Kai
2023-07-13 7:48 ` Huang, Kai
2023-07-13 8:46 ` Peter Zijlstra
2023-07-13 9:34 ` Huang, Kai
2023-07-13 9:40 ` Peter Zijlstra
2023-07-12 17:11 ` Peter Zijlstra
2023-07-13 8:09 ` Huang, Kai
2023-07-13 9:01 ` Peter Zijlstra
2023-07-13 9:15 ` Huang, Kai
2023-07-13 9:25 ` Peter Zijlstra
2023-07-13 10:01 ` Huang, Kai
2023-07-12 8:55 ` [PATCH 08/10] x86/tdx: Unify TDX_HYPERCALL and TDX_MODULE_CALL assembly Kai Huang
2023-07-15 10:05 ` Nikolay Borisov
2023-07-17 6:35 ` Huang, Kai
2023-07-17 7:02 ` Nikolay Borisov
2023-07-17 7:58 ` Huang, Kai
2023-07-18 10:32 ` Huang, Kai
2023-07-12 8:55 ` [PATCH 09/10] x86/virt/tdx: Wire up basic SEAMCALL functions Kai Huang
2023-07-12 22:15 ` Isaku Yamahata [this message]
2023-07-13 3:46 ` Huang, Kai
2023-07-13 7:42 ` Peter Zijlstra
2023-07-13 8:18 ` Huang, Kai
2023-07-13 9:03 ` Peter Zijlstra
2023-07-13 9:20 ` Huang, Kai
2023-07-13 14:51 ` Sean Christopherson
2023-07-17 3:52 ` Huang, Kai
2023-07-13 18:44 ` Isaku Yamahata
2023-08-08 9:16 ` Yuan Yao
2023-08-14 20:37 ` Isaku Yamahata
2023-07-12 8:55 ` [PATCH 10/10] x86/virt/tdx: Allow SEAMCALL to handle #UD and #GP Kai Huang
2023-07-13 8:07 ` Peter Zijlstra
2023-07-13 9:58 ` Huang, Kai