From: Sagi Shahar <sagis@google.com>
To: linux-kselftest@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>,
Shuah Khan <shuah@kernel.org>,
Sean Christopherson <seanjc@google.com>,
Ackerley Tng <ackerleytng@google.com>,
Ryan Afranji <afranji@google.com>,
Andrew Jones <ajones@ventanamicro.com>,
Isaku Yamahata <isaku.yamahata@intel.com>,
Erdem Aktas <erdemaktas@google.com>,
Rick Edgecombe <rick.p.edgecombe@intel.com>,
Sagi Shahar <sagis@google.com>,
Roger Wang <runanwang@google.com>,
Binbin Wu <binbin.wu@linux.intel.com>,
Oliver Upton <oliver.upton@linux.dev>,
"Pratik R. Sampat" <pratikrajesh.sampat@amd.com>,
Reinette Chatre <reinette.chatre@intel.com>,
Ira Weiny <ira.weiny@intel.com>, Chao Gao <chao.gao@intel.com>,
Chenyi Qiang <chenyi.qiang@intel.com>
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Subject: [PATCH v11 09/21] KVM: selftests: Set up TDX boot code region
Date: Thu, 25 Sep 2025 10:28:37 -0700 [thread overview]
Message-ID: <20250925172851.606193-10-sagis@google.com> (raw)
In-Reply-To: <20250925172851.606193-1-sagis@google.com>
Add memory for TDX boot code in a separate memslot.
Use virt_map() to get identity map in this memory region to allow for
seamless transition from paging disabled to paging enabled code.
Copy the boot code into the memory region and set up the reset vector
at this point. While it's possible to separate the memory allocation and
boot code initialization into separate functions, having all the
calculations for memory size and offsets in one place simplifies the
code and avoids duplications.
Handcode the reset vector as suggested by Sean Christopherson.
Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Suggested-by: Sean Christopherson <seanjc@google.com>
Co-developed-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
---
tools/testing/selftests/kvm/Makefile.kvm | 1 +
.../selftests/kvm/include/x86/tdx/tdx_util.h | 2 +
.../selftests/kvm/lib/x86/tdx/tdx_util.c | 54 +++++++++++++++++++
3 files changed, 57 insertions(+)
create mode 100644 tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
diff --git a/tools/testing/selftests/kvm/Makefile.kvm b/tools/testing/selftests/kvm/Makefile.kvm
index d11d02e17cc5..52c90f1c0484 100644
--- a/tools/testing/selftests/kvm/Makefile.kvm
+++ b/tools/testing/selftests/kvm/Makefile.kvm
@@ -31,6 +31,7 @@ LIBKVM_x86 += lib/x86/sev.c
LIBKVM_x86 += lib/x86/svm.c
LIBKVM_x86 += lib/x86/ucall.c
LIBKVM_x86 += lib/x86/vmx.c
+LIBKVM_x86 += lib/x86/tdx/tdx_util.c
LIBKVM_x86 += lib/x86/tdx/td_boot.S
LIBKVM_arm64 += lib/arm64/gic.c
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
index 286d5e3c24b1..ec05bcd59145 100644
--- a/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
+++ b/tools/testing/selftests/kvm/include/x86/tdx/tdx_util.h
@@ -11,4 +11,6 @@ static inline bool is_tdx_vm(struct kvm_vm *vm)
return vm->type == KVM_X86_TDX_VM;
}
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm);
+
#endif // SELFTESTS_TDX_TDX_UTIL_H
diff --git a/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
new file mode 100644
index 000000000000..a1cf12de9d56
--- /dev/null
+++ b/tools/testing/selftests/kvm/lib/x86/tdx/tdx_util.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <stdint.h>
+
+#include "kvm_util.h"
+#include "processor.h"
+#include "tdx/td_boot.h"
+#include "tdx/tdx_util.h"
+
+/* Arbitrarily selected to avoid overlaps with anything else */
+#define TD_BOOT_CODE_SLOT 20
+
+#define X86_RESET_VECTOR 0xfffffff0ul
+#define X86_RESET_VECTOR_SIZE 16
+
+void vm_tdx_setup_boot_code_region(struct kvm_vm *vm)
+{
+ size_t total_code_size = TD_BOOT_CODE_SIZE + X86_RESET_VECTOR_SIZE;
+ vm_paddr_t boot_code_gpa = X86_RESET_VECTOR - TD_BOOT_CODE_SIZE;
+ vm_paddr_t alloc_gpa = round_down(boot_code_gpa, PAGE_SIZE);
+ size_t nr_pages = DIV_ROUND_UP(total_code_size, PAGE_SIZE);
+ vm_paddr_t gpa;
+ uint8_t *hva;
+
+ vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS,
+ alloc_gpa,
+ TD_BOOT_CODE_SLOT, nr_pages,
+ KVM_MEM_GUEST_MEMFD);
+
+ gpa = vm_phy_pages_alloc(vm, nr_pages, alloc_gpa, TD_BOOT_CODE_SLOT);
+ TEST_ASSERT(gpa == alloc_gpa, "Failed vm_phy_pages_alloc\n");
+
+ virt_map(vm, alloc_gpa, alloc_gpa, nr_pages);
+ hva = addr_gpa2hva(vm, boot_code_gpa);
+ memcpy(hva, td_boot, TD_BOOT_CODE_SIZE);
+
+ hva += TD_BOOT_CODE_SIZE;
+ TEST_ASSERT(hva == addr_gpa2hva(vm, X86_RESET_VECTOR),
+ "Expected RESET vector at hva 0x%lx, got %lx",
+ (unsigned long)addr_gpa2hva(vm, X86_RESET_VECTOR), (unsigned long)hva);
+
+ /*
+ * Handcode "JMP rel8" at the RESET vector to jump back to the TD boot
+ * code, as there are only 16 bytes at the RESET vector before RIP will
+ * wrap back to zero. Insert a trailing int3 so that the vCPU crashes
+ * in case the JMP somehow falls through. Note! The target address is
+ * relative to the end of the instruction!
+ */
+ TEST_ASSERT(TD_BOOT_CODE_SIZE + 2 <= 128,
+ "TD boot code not addressable by 'JMP rel8'");
+ hva[0] = 0xeb;
+ hva[1] = 256 - 2 - TD_BOOT_CODE_SIZE;
+ hva[2] = 0xcc;
+}
--
2.51.0.536.g15c5d4f767-goog
next prev parent reply other threads:[~2025-09-25 17:29 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-25 17:28 [PATCH v11 00/21] TDX KVM selftests Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 01/21] KVM: selftests: Allocate pgd in virt_map() as necessary Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 02/21] KVM: selftests: Expose functions to get default sregs values Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 03/21] KVM: selftests: Expose function to allocate guest vCPU stack Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 04/21] KVM: selftests: Update kvm_init_vm_address_properties() for TDX Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 05/21] KVM: selftests: Expose segment definitons to assembly files Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 06/21] KVM: selftests: Add kbuild definitons Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 07/21] KVM: selftests: Define structs to pass parameters to TDX boot code Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 08/21] KVM: selftests: Add " Sagi Shahar
2025-09-25 17:28 ` Sagi Shahar [this message]
2025-09-25 17:28 ` [PATCH v11 10/21] KVM: selftests: Set up TDX boot parameters region Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 11/21] KVM: selftests: Add helper to initialize TDX VM Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 12/21] KVM: selftests: TDX: Use KVM_TDX_CAPABILITIES to validate TDs' attribute configuration Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 13/21] KVM: selftests: Add helpers to init TDX memory and finalize VM Sagi Shahar
2025-10-15 16:27 ` Ira Weiny
2025-10-23 23:59 ` Sagi Shahar
2025-10-24 16:01 ` Sean Christopherson
2025-10-24 16:45 ` Sagi Shahar
2025-10-24 17:24 ` Sean Christopherson
2025-09-25 17:28 ` [PATCH v11 14/21] KVM: selftests: Call TDX init when creating a new TDX vm Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 15/21] KVM: selftests: Setup memory regions for TDX on vm creation Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 16/21] KVM: selftests: Call KVM_TDX_INIT_VCPU when creating a new TDX vcpu Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 17/21] KVM: selftests: Set entry point for TDX guest code Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 18/21] KVM: selftests: Add support for TDX TDCALL from guest Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 19/21] KVM: selftests: Add wrapper for TDX MMIO " Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 20/21] KVM: selftests: Add ucall support for TDX Sagi Shahar
2025-09-25 17:28 ` [PATCH v11 21/21] KVM: selftests: Add TDX lifecycle test Sagi Shahar
2025-10-24 16:18 ` Sean Christopherson
2025-10-27 22:58 ` Ira Weiny
2025-10-27 23:42 ` Sean Christopherson
2025-10-28 0:53 ` Sagi Shahar
2025-10-28 17:12 ` Ira Weiny
2025-10-28 14:56 ` Ira Weiny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250925172851.606193-10-sagis@google.com \
--to=sagis@google.com \
--cc=ackerleytng@google.com \
--cc=afranji@google.com \
--cc=ajones@ventanamicro.com \
--cc=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=chenyi.qiang@intel.com \
--cc=erdemaktas@google.com \
--cc=ira.weiny@intel.com \
--cc=isaku.yamahata@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=oliver.upton@linux.dev \
--cc=pbonzini@redhat.com \
--cc=pratikrajesh.sampat@amd.com \
--cc=reinette.chatre@intel.com \
--cc=rick.p.edgecombe@intel.com \
--cc=runanwang@google.com \
--cc=seanjc@google.com \
--cc=shuah@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox