From: Chao Gao <chao.gao@intel.com>
To: Rick Edgecombe <rick.p.edgecombe@intel.com>
Cc: <seanjc@google.com>, <pbonzini@redhat.com>, <kvm@vger.kernel.org>,
	<kai.huang@intel.com>, <isaku.yamahata@gmail.com>,
	<tony.lindgren@linux.intel.com>, <xiaoyao.li@intel.com>,
	<linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 10/25] KVM: TDX: Initialize KVM supported capabilities when module setup
Date: Tue, 13 Aug 2024 11:25:37 +0800	[thread overview]
Message-ID: <ZrrSMaAxyqMBcp8a@chao-email> (raw)
In-Reply-To: <20240812224820.34826-11-rick.p.edgecombe@intel.com>

On Mon, Aug 12, 2024 at 03:48:05PM -0700, Rick Edgecombe wrote:
>From: Xiaoyao Li <xiaoyao.li@intel.com>
>
>While TDX module reports a set of capabilities/features that it
>supports, what KVM currently supports might be a subset of them.
>E.g., DEBUG and PERFMON are supported by TDX module but currently not
>supported by KVM.
>
>Introduce a new struct kvm_tdx_caps to store KVM's capabilities of TDX.
>supported_attrs and supported_xfam are validated against fixed0/1
>values enumerated by TDX module. Configurable CPUID bits derive from TDX
>module plus applying KVM's capabilities (KVM_GET_SUPPORTED_CPUID),
>i.e., mask off the bits that are configurable in the view of TDX module
>but not supported by KVM yet.
>
>KVM_TDX_CPUID_NO_SUBLEAF is the concept from TDX module, switch it to 0
>and use KVM_CPUID_FLAG_SIGNIFCANT_INDEX, which are the concept of KVM.

If we convert KVM_TDX_CPUID_NO_SUBLEAF to 0 when reporting capabilities to
QEMU, QEMU cannot distinguish a CPUID subleaf 0 from a CPUID w/o subleaf.
Does it matter to QEMU?

>
>Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
>Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
>---
>uAPI breakout v1:
> - Change setup_kvm_tdx_caps() to use the exported 'struct tdx_sysinfo'
>   pointer.
> - Change how to copy 'kvm_tdx_cpuid_config' since 'struct tdx_sysinfo'
>   doesn't have 'kvm_tdx_cpuid_config'.
> - Updates for uAPI changes
>---
> arch/x86/include/uapi/asm/kvm.h |  2 -
> arch/x86/kvm/vmx/tdx.c          | 81 +++++++++++++++++++++++++++++++++
> 2 files changed, 81 insertions(+), 2 deletions(-)
>
>diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
>index 47caf508cca7..c9eb2e2f5559 100644
>--- a/arch/x86/include/uapi/asm/kvm.h
>+++ b/arch/x86/include/uapi/asm/kvm.h
>@@ -952,8 +952,6 @@ struct kvm_tdx_cmd {
> 	__u64 hw_error;
> };
> 
>-#define KVM_TDX_CPUID_NO_SUBLEAF	((__u32)-1)
>-

This definition can be dropped from the previous patch because it isn't
used there.

> struct kvm_tdx_cpuid_config {
> 	__u32 leaf;
> 	__u32 sub_leaf;
>diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
>index 90b44ebaf864..d89973e554f6 100644
>--- a/arch/x86/kvm/vmx/tdx.c
>+++ b/arch/x86/kvm/vmx/tdx.c
>@@ -31,6 +31,19 @@ static void __used tdx_guest_keyid_free(int keyid)
> 	ida_free(&tdx_guest_keyid_pool, keyid);
> }
> 
>+#define KVM_TDX_CPUID_NO_SUBLEAF	((__u32)-1)
>+
>+struct kvm_tdx_caps {
>+	u64 supported_attrs;
>+	u64 supported_xfam;
>+
>+	u16 num_cpuid_config;
>+	/* This must the last member. */
>+	DECLARE_FLEX_ARRAY(struct kvm_tdx_cpuid_config, cpuid_configs);
>+};
>+
>+static struct kvm_tdx_caps *kvm_tdx_caps;
>+
> static int tdx_get_capabilities(struct kvm_tdx_cmd *cmd)
> {
> 	const struct tdx_sysinfo_td_conf *td_conf = &tdx_sysinfo->td_conf;
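Review bot: The flexible array at the end of `struct kvm_tdx_caps` carries no bounds annotation, although `num_cpuid_config` sits right next to it as its element count. Because the struct has other members, `DECLARE_FLEX_ARRAY()` is not needed, and a plain `struct kvm_tdx_cpuid_config cpuid_configs[] __counted_by(num_cpuid_config);` would let FORTIFY_SOURCE/UBSAN bounds checking catch an out-of-range index. The setup code in the next hunk already assigns the count before filling the array, which is the order that annotation needs. The comment above the array is also missing a word and should read `/* This must be the last member. */`. `tdx_get_capabilities()` continues outside the hunk.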
>@@ -131,6 +144,68 @@ int tdx_vm_ioctl(struct kvm *kvm, void __user *argp)
> 	return r;
> }
> 
>+#define KVM_SUPPORTED_TD_ATTRS (TDX_TD_ATTR_SEPT_VE_DISABLE)
>+
>+static int __init setup_kvm_tdx_caps(void)
>+{
>+	const struct tdx_sysinfo_td_conf *td_conf = &tdx_sysinfo->td_conf;
>+	u64 kvm_supported;
>+	int i;
>+
>+	kvm_tdx_caps = kzalloc(sizeof(*kvm_tdx_caps) +
>+			       sizeof(struct kvm_tdx_cpuid_config) * td_conf->num_cpuid_config,

struct_size()

>+			       GFP_KERNEL);
>+	if (!kvm_tdx_caps)
>+		return -ENOMEM;
>+
>+	kvm_supported = KVM_SUPPORTED_TD_ATTRS;
>+	if ((kvm_supported & td_conf->attributes_fixed1) != td_conf->attributes_fixed1)
>+		goto err;
>+
>+	kvm_tdx_caps->supported_attrs = kvm_supported & td_conf->attributes_fixed0;
>+
>+	kvm_supported = kvm_caps.supported_xcr0 | kvm_caps.supported_xss;
>+
>+	/*
>+	 * PT and CET can be exposed to TD guest regardless of KVM's XSS, PT
>+	 * and, CET support.
>+	 */
>+	kvm_supported |= XFEATURE_MASK_PT | XFEATURE_MASK_CET_USER |
>+			 XFEATURE_MASK_CET_KERNEL;

I prefer to add PT/CET bits in separate patches because PT/CET related MSRs may
need save/restore. Putting them in separate patches can give us the chance to
explain this in detail.

>+	if ((kvm_supported & td_conf->xfam_fixed1) != td_conf->xfam_fixed1)
>+		goto err;
>+
>+	kvm_tdx_caps->supported_xfam = kvm_supported & td_conf->xfam_fixed0;
>+
>+	kvm_tdx_caps->num_cpuid_config = td_conf->num_cpuid_config;
>+	for (i = 0; i < td_conf->num_cpuid_config; i++) {
>+		struct kvm_tdx_cpuid_config source = {
>+			.leaf = (u32)td_conf->cpuid_config_leaves[i],
>+			.sub_leaf = td_conf->cpuid_config_leaves[i] >> 32,
>+			.eax = (u32)td_conf->cpuid_config_values[i].eax_ebx,
>+			.ebx = td_conf->cpuid_config_values[i].eax_ebx >> 32,
>+			.ecx = (u32)td_conf->cpuid_config_values[i].ecx_edx,
>+			.edx = td_conf->cpuid_config_values[i].ecx_edx >> 32,
>+		};
>+		struct kvm_tdx_cpuid_config *dest =
>+			&kvm_tdx_caps->cpuid_configs[i];
>+
>+		memcpy(dest, &source, sizeof(struct kvm_tdx_cpuid_config));

this memcpy() looks superfluous. does this work?

		kvm_tdx_caps->cpuid_configs[i] = {
			.leaf = (u32)td_conf->cpuid_config_leaves[i],
			.sub_leaf = td_conf->cpuid_config_leaves[i] >> 32,
			.eax = (u32)td_conf->cpuid_config_values[i].eax_ebx,
			.ebx = td_conf->cpuid_config_values[i].eax_ebx >> 32,
			.ecx = (u32)td_conf->cpuid_config_values[i].ecx_edx,
			.edx = td_conf->cpuid_config_values[i].ecx_edx >> 32,
		};

>+		if (dest->sub_leaf == KVM_TDX_CPUID_NO_SUBLEAF)
>+			dest->sub_leaf = 0;
>+	}
>+
>+	return 0;
>+err:
>+	kfree(kvm_tdx_caps);
>+	return -EIO;
>+}
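Review bot: The `err:` path in `setup_kvm_tdx_caps()` frees `kvm_tdx_caps` but leaves the file-scope pointer holding the freed address, so any later teardown or NULL check on it (none is visible in this hunk) would act on freed memory. I would add `kvm_tdx_caps = NULL;` after the `kfree()`. Both `goto err` checks also return a bare `-EIO` with no message, so a TDX module whose fixed1 bits KVM does not support fails setup without saying which mask was rejected; a `pr_warn()` printing the offending attributes or XFAM value would make that diagnosable. Separately, `kvm_tdx_caps->num_cpuid_config` is a `u16` while the allocation and loop use `td_conf->num_cpuid_config` directly; if that source field is wider (its type is not shown here), the stored count could disagree with the allocated array length. The hunk's trailing context lines are not quoted in this reply.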
