From: Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, Shuah Khan <shuah@kernel.org>,
"H . Peter Anvin" <hpa@zytor.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
Tony Luck <tony.luck@intel.com>, Andi Kleen <ak@linux.intel.com>,
Kai Huang <kai.huang@intel.com>,
Wander Lairson Costa <wander@redhat.com>,
Isaku Yamahata <isaku.yamahata@gmail.com>,
marcelo.cerri@canonical.com, tim.gardner@canonical.com,
khalid.elmously@canonical.com, philip.cox@canonical.com,
linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org,
linux-doc@vger.kernel.org
Subject: Re: [PATCH v13 1/3] x86/tdx: Add TDX Guest attestation interface driver
Date: Thu, 15 Sep 2022 08:22:37 -0700 [thread overview]
Message-ID: <208a847e-92eb-0590-b498-e34d59b1cf34@linux.intel.com> (raw)
In-Reply-To: <YyMH37G2CTuVCbLM@kroah.com>
Hi,
On 9/15/22 4:09 AM, Greg Kroah-Hartman wrote:
> On Fri, Sep 09, 2022 at 12:27:06PM -0700, Kuppuswamy Sathyanarayanan wrote:
>> +static int __init tdx_guest_init(void)
>> +{
>> + int ret;
>> +
>> + if (!cpu_feature_enabled(X86_FEATURE_TDX_GUEST))
>> + return -EIO;
>> +
>> + ret = misc_register(&tdx_misc_dev);
>> + if (ret) {
>> + pr_err("misc device registration failed\n");
>> + return ret;
>> + }
>> +
>> + return 0;
>> +}
>> +device_initcall(tdx_guest_init)
>
> As mentioned elsewhere, make this a normal module_init() format and only
> load the module if the hardware is present. Don't just always be
This feature needs to be enabled by default for all valid TDX guests.
If TDX support is enabled and the guest is a valid TDX guest, the
"X86 FEATURE TDX GUEST" feature flag will be set. So looking for
"if(!cpu feature enabled(X86 FEATURE TDX GUEST))" will ensure that
the interface is only created in a valid TDX guest.
Even if we make it into a separate driver and use module init(), we'll
have to use the same "if(!cpu feature enabled(X86 FEATURE TDX GUEST))"
check to create and load the device. This approach was used in earlier
versions of this driver. We later changed it to initcall because it
appeared to be a roundabout approach.
Let me know if you still suggest to use module_init() model.
Following is the sample implementation with module_init() and this code
will be compiled with CONFIG_INTEL_TDX_GUEST=y.
+static struct platform_driver tdx_attest_driver = {
+ .probe = tdx_attest_probe,
+ .remove = tdx_attest_remove,
+ .driver = {
+ .name = DRIVER_NAME,
+ },
+};
+
+static int __init tdx_attest_init(void)
+{
+ int ret;
+
+ /* Make sure we are in a valid TDX platform */
+ if (!cpu_feature_enabled(X86_FEATURE_TDX_GUEST))
+ return -EIO;
+
+ ret = platform_driver_register(&tdx_attest_driver);
+ if (ret) {
+ pr_err("failed to register driver, err=%d\n", ret);
+ return ret;
+ }
+
+ pdev = platform_device_register_simple(DRIVER_NAME, -1, NULL, 0);
+ if (IS_ERR(pdev)) {
+ ret = PTR_ERR(pdev);
+ pr_err("failed to allocate device, err=%d\n", ret);
+ platform_driver_unregister(&tdx_attest_driver);
+ return ret;
+ }
+
+ return 0;
+}
+
+static void __exit tdx_attest_exit(void)
+{
+ platform_device_unregister(pdev);
+ platform_driver_unregister(&tdx_attest_driver);
+}
+
+module_init(tdx_attest_init);
+module_exit(tdx_attest_exit);
> built/loaded, that's not ok.
>
> thanks,
>
> greg k-h
--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer
next prev parent reply other threads:[~2022-09-15 15:23 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-09 19:27 [PATCH v13 0/3] Add TDX Guest Attestation support Kuppuswamy Sathyanarayanan
2022-09-09 19:27 ` [PATCH v13 1/3] x86/tdx: Add TDX Guest attestation interface driver Kuppuswamy Sathyanarayanan
2022-09-09 19:39 ` Greg Kroah-Hartman
2022-09-09 19:41 ` Dave Hansen
2022-09-09 20:07 ` Sathyanarayanan Kuppuswamy
2022-09-09 20:54 ` Dave Hansen
2022-09-12 22:22 ` Kirill A . Shutemov
2022-09-12 23:00 ` Sathyanarayanan Kuppuswamy
2022-09-13 1:25 ` Huang, Kai
2022-09-13 2:44 ` Sathyanarayanan Kuppuswamy
2022-09-13 5:03 ` Huang, Kai
2022-09-13 9:01 ` Dave Hansen
2022-09-13 15:21 ` Sathyanarayanan Kuppuswamy
2022-09-14 11:36 ` Dave Hansen
2022-09-14 15:36 ` Sathyanarayanan Kuppuswamy
2022-09-14 16:12 ` Dave Hansen
2022-09-14 16:25 ` Sathyanarayanan Kuppuswamy
2022-09-15 0:30 ` Sathyanarayanan Kuppuswamy
2022-09-15 11:07 ` Greg Kroah-Hartman
2022-09-15 11:09 ` Greg Kroah-Hartman
2022-09-15 15:22 ` Sathyanarayanan Kuppuswamy [this message]
2022-09-16 8:12 ` Greg Kroah-Hartman
2022-09-09 19:27 ` [PATCH v13 2/3] selftests: tdx: Test TDX attestation GetReport support Kuppuswamy Sathyanarayanan
2022-09-12 7:17 ` Huang, Kai
2022-09-12 22:06 ` Sathyanarayanan Kuppuswamy
2022-09-12 22:54 ` Huang, Kai
2022-09-12 7:21 ` Huang, Kai
2022-09-12 21:38 ` Sathyanarayanan Kuppuswamy
2022-09-12 22:56 ` Huang, Kai
2022-09-09 19:27 ` [PATCH v13 3/3] Documentation/x86: Document TDX attestation process Kuppuswamy Sathyanarayanan
2022-09-12 7:04 ` Huang, Kai
2022-09-12 14:15 ` Sathyanarayanan Kuppuswamy
2022-09-12 21:01 ` Huang, Kai
2022-09-13 17:54 ` Kirill A . Shutemov
2022-09-13 18:25 ` Sathyanarayanan Kuppuswamy
2022-09-14 1:23 ` Sathyanarayanan Kuppuswamy
2022-09-14 13:41 ` Kirill A. Shutemov
2022-09-14 21:09 ` Huang, Kai
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=208a847e-92eb-0590-b498-e34d59b1cf34@linux.intel.com \
--to=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=ak@linux.intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=hpa@zytor.com \
--cc=isaku.yamahata@gmail.com \
--cc=kai.huang@intel.com \
--cc=khalid.elmously@canonical.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=marcelo.cerri@canonical.com \
--cc=mingo@redhat.com \
--cc=philip.cox@canonical.com \
--cc=shuah@kernel.org \
--cc=tglx@linutronix.de \
--cc=tim.gardner@canonical.com \
--cc=tony.luck@intel.com \
--cc=wander@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).