From: Adrian Hunter <adrian.hunter@intel.com>
To: pbonzini@redhat.com, seanjc@google.com
Cc: kvm@vger.kernel.org, rick.p.edgecombe@intel.com,
kai.huang@intel.com, adrian.hunter@intel.com,
reinette.chatre@intel.com, xiaoyao.li@intel.com,
tony.lindgren@linux.intel.com, binbin.wu@linux.intel.com,
dmatlack@google.com, isaku.yamahata@intel.com,
nik.borisov@suse.com, linux-kernel@vger.kernel.org,
yan.y.zhao@intel.com, chao.gao@intel.com,
weijiang.yang@intel.com
Subject: [PATCH V2 03/12] KVM: TDX: Set arch.has_protected_state to true
Date: Wed, 29 Jan 2025 11:58:52 +0200 [thread overview]
Message-ID: <20250129095902.16391-4-adrian.hunter@intel.com> (raw)
In-Reply-To: <20250129095902.16391-1-adrian.hunter@intel.com>
TDX VMs have protected state. Accordingly, set arch.has_protected_state to
true.
This will cause the following IOCTL functions to return an error:
kvm_arch_vcpu_ioctl() case KVM_GET_SREGS2
kvm_arch_vcpu_ioctl() case KVM_SET_SREGS2
kvm_arch_vcpu_ioctl_get_regs()
kvm_arch_vcpu_ioctl_set_regs()
kvm_arch_vcpu_ioctl_get_sregs()
kvm_arch_vcpu_ioctl_set_sregs()
kvm_vcpu_ioctl_x86_get_debugregs()
kvm_vcpu_ioctl_x86_set_debugregs
kvm_vcpu_ioctl_x86_get_xcrs()
kvm_vcpu_ioctl_x86_set_xcrs()
In addition, the following will error for confidential FPU state:
kvm_vcpu_ioctl_x86_get_xsave ()
kvm_vcpu_ioctl_x86_get_xsave2()
kvm_vcpu_ioctl_x86_set_xsave()
kvm_arch_vcpu_ioctl_get_fpu()
kvm_arch_vcpu_ioctl_set_fpu()
And finally, in accordance with commit 66155de93bcf ("KVM: x86: Disallow
read-only memslots for SEV-ES and SEV-SNP (and TDX)"), read-only
memslots will be disallowed.
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
TD vcpu enter/exit v2:
- New patch
---
arch/x86/kvm/vmx/tdx.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index ea9498028212..a7ebdafdfd82 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -553,6 +553,7 @@ int tdx_vm_init(struct kvm *kvm)
{
struct kvm_tdx *kvm_tdx = to_kvm_tdx(kvm);
+ kvm->arch.has_protected_state = true;
kvm->arch.has_private_mem = true;
/*
--
2.43.0
next prev parent reply other threads:[~2025-01-29 9:59 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-29 9:58 [PATCH V2 00/12] KVM: TDX: TD vcpu enter/exit Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 01/12] x86/virt/tdx: Make tdh_vp_enter() noinstr Adrian Hunter
2025-02-16 18:26 ` Paolo Bonzini
2025-02-27 14:13 ` Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 02/12] KVM: x86: Allow the use of kvm_load_host_xsave_state() with guest_state_protected Adrian Hunter
2025-02-20 10:50 ` Xiaoyao Li
2025-02-24 11:38 ` Adrian Hunter
2025-02-25 5:56 ` Xiaoyao Li
2025-02-27 14:14 ` Adrian Hunter
2025-03-06 18:04 ` Paolo Bonzini
2025-03-06 20:43 ` Sean Christopherson
2025-03-06 22:34 ` Paolo Bonzini
2025-03-07 23:04 ` Sean Christopherson
2025-03-10 19:08 ` Paolo Bonzini
2025-01-29 9:58 ` Adrian Hunter [this message]
2025-02-20 12:35 ` [PATCH V2 03/12] KVM: TDX: Set arch.has_protected_state to true Xiaoyao Li
2025-02-27 14:17 ` Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 04/12] KVM: VMX: Move common fields of struct vcpu_{vmx,tdx} to a struct Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 05/12] KVM: TDX: Implement TDX vcpu enter/exit path Adrian Hunter
2025-02-20 13:16 ` Xiaoyao Li
2025-02-24 12:27 ` Adrian Hunter
2025-02-25 6:15 ` Xiaoyao Li
2025-02-27 18:37 ` Adrian Hunter
2025-03-06 18:19 ` Paolo Bonzini
2025-03-06 19:13 ` Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 06/12] KVM: TDX: vcpu_run: save/restore host state(host kernel gs) Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 07/12] KVM: TDX: restore host xsave state when exit from the guest TD Adrian Hunter
2025-02-25 6:43 ` Xiaoyao Li
2025-02-27 14:29 ` Adrian Hunter
2025-02-28 1:58 ` Xiaoyao Li
2025-01-29 9:58 ` [PATCH V2 08/12] KVM: x86: Allow to update cached values in kvm_user_return_msrs w/o wrmsr Adrian Hunter
2025-02-25 7:00 ` Xiaoyao Li
2025-01-29 9:58 ` [PATCH V2 09/12] KVM: TDX: restore user ret MSRs Adrian Hunter
2025-02-25 7:01 ` Xiaoyao Li
2025-02-27 14:19 ` Adrian Hunter
2025-01-29 9:58 ` [PATCH V2 10/12] KVM: TDX: Disable support for TSX and WAITPKG Adrian Hunter
2025-01-29 9:59 ` [PATCH V2 11/12] KVM: TDX: Save and restore IA32_DEBUGCTL Adrian Hunter
2025-01-29 9:59 ` [PATCH V2 12/12] KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior Adrian Hunter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250129095902.16391-4-adrian.hunter@intel.com \
--to=adrian.hunter@intel.com \
--cc=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=dmatlack@google.com \
--cc=isaku.yamahata@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tony.lindgren@linux.intel.com \
--cc=weijiang.yang@intel.com \
--cc=xiaoyao.li@intel.com \
--cc=yan.y.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.