From: Binbin Wu <binbin.wu@linux.intel.com>
To: pbonzini@redhat.com, seanjc@google.com, kvm@vger.kernel.org
Cc: rick.p.edgecombe@intel.com, kai.huang@intel.com,
adrian.hunter@intel.com, reinette.chatre@intel.com,
xiaoyao.li@intel.com, tony.lindgren@intel.com,
isaku.yamahata@intel.com, yan.y.zhao@intel.com,
mikko.ylinen@linux.intel.com, linux-kernel@vger.kernel.org,
kirill.shutemov@intel.com, jiewen.yao@intel.com,
binbin.wu@linux.intel.com
Subject: [RFC PATCH 1/4] KVM: TDX: Add new TDVMCALL status code for unsupported subfuncs
Date: Tue, 10 Jun 2025 10:14:19 +0800 [thread overview]
Message-ID: <20250610021422.1214715-2-binbin.wu@linux.intel.com> (raw)
In-Reply-To: <20250610021422.1214715-1-binbin.wu@linux.intel.com>
Add the new TDVMCALL status code TDVMCALL_STATUS_SUBFUNC_UNSUPPORTED and
return it for unimplemented TDVMCALL subfunctions.
Returning TDVMCALL_STATUS_INVALID_OPERAND when a subfunction is not
implemented is vague because TDX guests can't tell the error is due to
the subfunction is not supported or an invalid input of the subfunction.
New GHCI spec adds TDVMCALL_STATUS_SUBFUNC_UNSUPPORTED to avoid the
ambiguity. Use it instead of TDVMCALL_STATUS_INVALID_OPERAND.
Before the change, for common guest implementations, when a TDX guest
receives TDVMCALL_STATUS_INVALID_OPERAND, it has two cases:
1. Some operand is invalid. It could change the operand to another value
retry.
2. The subfunction is not supported.
For case 1, an invalid operand usually means the guest implementation bug.
Since the TDX guest can't tell which case is, the best practice for
handling TDVMCALL_STATUS_INVALID_OPERAND is stopping calling such leaf.
Treat it as fatal if the TDVMCALL is essential or ignore it if the TDVMCALL
is optional.
After the change, TDVMCALL_STATUS_SUBFUNC_UNSUPPORTED is unknown to the
old TDX guest, the guest will make the same action as
TDVMCALL_STATUS_INVALID_OPERAND, unless the guest check the
TDVMCALL_STATUS_INVALID_OPERAND specifically. Currently, no known
TDX guests do it, e.g., Linux TDX guests just check for success.
Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
---
arch/x86/include/asm/shared/tdx.h | 1 +
arch/x86/kvm/vmx/tdx.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/shared/tdx.h
index fd9209e996e7..b109b947fadf 100644
--- a/arch/x86/include/asm/shared/tdx.h
+++ b/arch/x86/include/asm/shared/tdx.h
@@ -79,6 +79,7 @@
#define TDVMCALL_STATUS_RETRY 0x0000000000000001ULL
#define TDVMCALL_STATUS_INVALID_OPERAND 0x8000000000000000ULL
#define TDVMCALL_STATUS_ALIGN_ERROR 0x8000000000000002ULL
+#define TDVMCALL_STATUS_SUBFUNC_UNSUPPORTED 0x8000000000000003ULL
/*
* Bitmasks of exposed registers (with VMM).
diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index b952bc673271..8134d5805b03 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -1476,7 +1476,7 @@ static int handle_tdvmcall(struct kvm_vcpu *vcpu)
break;
}
- tdvmcall_set_return_code(vcpu, TDVMCALL_STATUS_INVALID_OPERAND);
+ tdvmcall_set_return_code(vcpu, TDVMCALL_STATUS_SUBFUNC_UNSUPPORTED);
return 1;
}
--
2.46.0
next prev parent reply other threads:[~2025-06-10 2:13 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-10 2:14 [RFC PATCH 0/4] TDX attestation support and GHCI fixup Binbin Wu
2025-06-10 2:14 ` Binbin Wu [this message]
2025-06-10 2:14 ` [RFC PATCH 2/4] KVM: TDX: Handle TDG.VP.VMCALL<GetQuote> Binbin Wu
2025-06-10 2:14 ` [RFC PATCH 3/4] KVM: TDX: Exit to userspace for GetTdVmCallInfo Binbin Wu
2025-06-10 9:16 ` Xiaoyao Li
2025-06-10 16:50 ` Edgecombe, Rick P
2025-06-10 16:54 ` Edgecombe, Rick P
2025-06-11 2:04 ` Binbin Wu
2025-06-11 2:37 ` Xiaoyao Li
2025-06-11 14:17 ` Edgecombe, Rick P
2025-06-11 14:34 ` Xiaoyao Li
2025-06-11 14:41 ` Edgecombe, Rick P
2025-06-11 1:37 ` Binbin Wu
2025-06-11 2:17 ` Xiaoyao Li
2025-06-11 14:54 ` Sean Christopherson
2025-06-11 14:58 ` Edgecombe, Rick P
2025-06-11 16:26 ` Sean Christopherson
2025-06-11 16:53 ` Edgecombe, Rick P
2025-06-11 18:13 ` Sean Christopherson
2025-06-11 18:52 ` Edgecombe, Rick P
2025-06-12 8:27 ` Huang, Kai
2025-06-12 15:26 ` Edgecombe, Rick P
2025-06-20 18:27 ` Edgecombe, Rick P
2025-06-10 2:14 ` [RFC PATCH 4/4] KVM: TDX: Check KVM exit on KVM_HC_MAP_GPA_RANGE when TD finalize Binbin Wu
2025-06-10 17:01 ` Edgecombe, Rick P
2025-06-10 19:58 ` Sean Christopherson
2025-06-11 1:22 ` Binbin Wu
2025-06-11 13:36 ` Sean Christopherson
2025-06-11 14:01 ` Xiaoyao Li
2025-06-11 14:04 ` Edgecombe, Rick P
2025-06-11 14:26 ` Xiaoyao Li
2025-06-11 16:00 ` Binbin Wu
2025-06-11 15:33 ` Binbin Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250610021422.1214715-2-binbin.wu@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=adrian.hunter@intel.com \
--cc=isaku.yamahata@intel.com \
--cc=jiewen.yao@intel.com \
--cc=kai.huang@intel.com \
--cc=kirill.shutemov@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mikko.ylinen@linux.intel.com \
--cc=pbonzini@redhat.com \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=tony.lindgren@intel.com \
--cc=xiaoyao.li@intel.com \
--cc=yan.y.zhao@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.