All of lore.kernel.org
 help / color / mirror / Atom feed
From: Sean Christopherson <seanjc@google.com>
To: Kuppuswamy Sathyanarayanan  <sathyanarayanan.kuppuswamy@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	x86@kernel.org, Paolo Bonzini <pbonzini@redhat.com>,
	David Hildenbrand <david@redhat.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Tony Luck <tony.luck@intel.com>,
	Dan Williams <dan.j.williams@intel.com>,
	Andi Kleen <ak@linux.intel.com>,
	Kirill Shutemov <kirill.shutemov@linux.intel.com>,
	Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v7 04/10] x86/tdx: Handle early IO operations
Date: Fri, 5 Nov 2021 21:12:58 +0000	[thread overview]
Message-ID: <YYWeWlmYvotKrX+p@google.com> (raw)
In-Reply-To: <20211005204136.1812078-5-sathyanarayanan.kuppuswamy@linux.intel.com>

On Tue, Oct 05, 2021, Kuppuswamy Sathyanarayanan wrote:
> Signed-off-by: Andi Kleen <ak@linux.intel.com>
> Reviewed-by: Dan Williams <dan.j.williams@intel.com>
> Reviewed-by: Andi Kleen <ak@linux.intel.com>

Heh, is Andi double-dipping to pad his stats?  :-D

> Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
> ---

...

> diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c
> index 11e367228e96..4cbffcb737d9 100644
> --- a/arch/x86/kernel/tdx.c
> +++ b/arch/x86/kernel/tdx.c
> @@ -10,6 +10,11 @@
>  /* TDX Module call Leaf IDs */
>  #define TDGETVEINFO			3
>  
> +#define VE_IS_IO_OUT(exit_qual)		(((exit_qual) & 8) ? 0 : 1)
> +#define VE_GET_IO_SIZE(exit_qual)	(((exit_qual) & 7) + 1)
> +#define VE_GET_PORT_NUM(exit_qual)	((exit_qual) >> 16)
> +#define VE_IS_IO_STRING(exit_qual)	((exit_qual) & 16 ? 1 : 0)
> +
>  /*
>   * Allocate it in the data region to avoid zeroing it during
>   * BSS initialization. It is mainly used in cc_platform_has()
> @@ -228,6 +233,61 @@ int tdx_handle_virtualization_exception(struct pt_regs *regs,
>  	return ret;
>  }
>  
> +/*
> + * Handle early IO, mainly for early printks serial output.
> + * This avoids anything that doesn't work early on, like tracing
> + * or printks, by calling the low level functions directly. Any
> + * problems are handled by falling back to a standard early exception.
> + *
> + * Assumes the IO instruction was using ax, which is enforced
> + * by the standard io.h macros.
> + */
> +static __init bool tdx_early_io(struct pt_regs *regs, u32 exit_qual)
> +{
> +	struct tdx_hypercall_output outh;

"outh" looks like a typo.  Maybe "result" or something alongs those lines?

> +	int out, size, port, ret;
> +	bool string;
> +	u64 mask;
> +
> +	string = VE_IS_IO_STRING(exit_qual);
> +
> +	/* I/O strings ops are unrolled at build time. */
> +	if (string)

Why bother with "string"?

	if (VE_IS_IO_STRING(exit_qual))
		return false;

> +		return 0;

Ugh.  This needs to be "return false".  "return 0" in the kernel usually means
success, but this horror returns a bool where "false" is failure.

> +
> +	out = VE_IS_IO_OUT(exit_qual);
> +	size = VE_GET_IO_SIZE(exit_qual);
> +	port = VE_GET_PORT_NUM(exit_qual);
> +	mask = GENMASK(8 * size, 0);

size * BITS_PER_BYTE

> +
> +	ret = _tdx_hypercall(EXIT_REASON_IO_INSTRUCTION, size, out, port,
> +			     regs->ax, &outh);

This unnecessarily exposes RAX to the untrusted VMM for IN.

> +	if (!out && !ret) {
> +		regs->ax &= ~mask;
> +		regs->ax |= outh.r11 & mask;
> +	}
> +
> +	return !ret;
> +}

  reply	other threads:[~2021-11-05 21:13 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-05 20:41 [PATCH v7 00/10] Add TDX Guest Support (#VE handler support) Kuppuswamy Sathyanarayanan
2021-10-05 20:41 ` [PATCH v7 01/10] x86/io: Allow to override inX() and outX() implementation Kuppuswamy Sathyanarayanan
2021-10-17 19:27   ` Thomas Gleixner
2021-10-17 20:17     ` Sathyanarayanan Kuppuswamy
2021-10-05 20:41 ` [PATCH v7 02/10] x86/tdx: Add early_is_tdx_guest() interface Kuppuswamy Sathyanarayanan
2021-10-17 19:28   ` Thomas Gleixner
2021-10-05 20:41 ` [PATCH v7 03/10] x86/tdx: Handle port I/O in decompression code Kuppuswamy Sathyanarayanan
2021-10-05 20:41 ` [PATCH v7 04/10] x86/tdx: Handle early IO operations Kuppuswamy Sathyanarayanan
2021-11-05 21:12   ` Sean Christopherson [this message]
2021-11-05 23:08     ` Sathyanarayanan Kuppuswamy
2021-10-05 20:41 ` [PATCH v7 05/10] x86/tdx: Handle port I/O Kuppuswamy Sathyanarayanan
2021-10-17 19:58   ` Thomas Gleixner
2021-10-17 20:35     ` Sathyanarayanan Kuppuswamy
2021-10-18 13:52       ` Tom Lendacky
2021-10-18 18:42         ` Sathyanarayanan Kuppuswamy
2021-11-05 21:23   ` Sean Christopherson
2021-10-05 20:41 ` [PATCH v7 06/10] x86/insn-eval: Introduce insn_get_modrm_reg_ptr() Kuppuswamy Sathyanarayanan
2021-10-05 20:41 ` [PATCH v7 07/10] x86/insn-eval: Introduce insn_decode_mmio() Kuppuswamy Sathyanarayanan
2021-10-05 20:41 ` [PATCH v7 08/10] x86/sev-es: Use insn_decode_mmio() for MMIO implementation Kuppuswamy Sathyanarayanan
2021-10-05 20:41 ` [PATCH v7 09/10] x86/tdx: Handle in-kernel MMIO Kuppuswamy Sathyanarayanan
2021-11-05 22:41   ` Sean Christopherson
2021-10-05 20:41 ` [PATCH v7 10/10] x86/tdx: Handle MWAIT and MONITOR Kuppuswamy Sathyanarayanan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YYWeWlmYvotKrX+p@google.com \
    --to=seanjc@google.com \
    --cc=aarcange@redhat.com \
    --cc=ak@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=dan.j.williams@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=david@redhat.com \
    --cc=hpa@zytor.com \
    --cc=jpoimboe@redhat.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=knsathya@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=tglx@linutronix.de \
    --cc=tony.luck@intel.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.