From: Yunhong Jiang <yunhong.jiang@linux.intel.com>
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com,
robh@kernel.org, krzk+dt@kernel.org, conor+dt@kernel.org,
kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org,
decui@microsoft.com, rafael@kernel.org, lenb@kernel.org,
kirill.shutemov@linux.intel.com, yunhong.jiang@linux.intel.com
Cc: linux-kernel@vger.kernel.org, devicetree@vger.kernel.org,
linux-hyperv@vger.kernel.org, linux-acpi@vger.kernel.org
Subject: [PATCH v2 5/9] x86/hyperv: Mark ACPI wakeup mailbox page as private
Date: Fri, 23 Aug 2024 16:23:23 -0700
Message-ID: <20240823232327.2408869-6-yunhong.jiang@linux.intel.com>
In-Reply-To: <20240823232327.2408869-1-yunhong.jiang@linux.intel.com>

Current code maps MMIO devices as shared (decrypted) by default in a
confidential computing VM. However, the wakeup mailbox must be accessed
as private (encrypted) because it's accessed by the OS and the firmware,
both of which are in the guest's context and encrypted. Set the wakeup
mailbox range as private explicitly.

Signed-off-by: Yunhong Jiang <yunhong.jiang@linux.intel.com>
---
arch/x86/hyperv/hv_vtl.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c
index 04775346369c..987a6a1200b0 100644
--- a/arch/x86/hyperv/hv_vtl.c
+++ b/arch/x86/hyperv/hv_vtl.c
@@ -22,10 +22,26 @@ static bool __init hv_vtl_msi_ext_dest_id(void)
return true;
}
+static inline bool within_page(u64 addr, u64 start)
+{
+ return addr >= start && addr < (start + PAGE_SIZE);
+}
+
+/*
+ * The ACPI wakeup mailbox are accessed by the OS and the BIOS, both are in the
+ * guest's context, instead of the hypervisor/VMM context.
+ */
+static bool hv_is_private_mmio_tdx(u64 addr)
+{
+ return wakeup_mailbox_addr && within_page(addr, wakeup_mailbox_addr);
+}
+
void __init hv_vtl_init_platform(void)
{
pr_info("Linux runs in Hyper-V Virtual Trust Level\n");
+ if (hv_isolation_type_tdx())
+ x86_platform.hyper.is_private_mmio = hv_is_private_mmio_tdx;
x86_platform.realmode_reserve = x86_init_noop;
x86_platform.realmode_init = x86_init_noop;
x86_init.irqs.pre_vector_init = x86_init_noop;
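
Review bot: within_page(), as used by hv_is_private_mmio_tdx(), only matches the mailbox's own page if wakeup_mailbox_addr is page-aligned, and nothing in this hunk states or checks that. With an unaligned start, "addr >= start && addr < (start + PAGE_SIZE)" straddles two pages and treats the lower part of the first page as shared, while the private/shared attribute is applied per page. Either document the alignment requirement in the comment above hv_is_private_mmio_tdx() or compare on page boundaries, for example "(addr & PAGE_MASK) == (start & PAGE_MASK)". The comment also needs "is accessed" rather than "are accessed", and since the callback is installed only under hv_isolation_type_tdx() while the commit message speaks of confidential computing VMs in general, a short note on why only TDX needs it would help.
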
--
2.25.1