From: Kai Huang <kai.huang@intel.com>
To: linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: linux-mm@kvack.org, seanjc@google.com, pbonzini@redhat.com,
dave.hansen@intel.com, dan.j.williams@intel.com,
rafael.j.wysocki@intel.com, kirill.shutemov@linux.intel.com,
reinette.chatre@intel.com, len.brown@intel.com,
tony.luck@intel.com, peterz@infradead.org, ak@linux.intel.com,
isaku.yamahata@intel.com, chao.gao@intel.com,
sathyanarayanan.kuppuswamy@linux.intel.com, bagasdotme@gmail.com,
sagis@google.com, imammedo@redhat.com, kai.huang@intel.com
Subject: [PATCH v6 07/21] x86/virt/tdx: Shut down TDX module in case of error
Date: Thu, 27 Oct 2022 12:16:06 +1300
Message-ID: <3f61504e985ade3acd2e36cfa33aa00d3c9ce16f.1666824663.git.kai.huang@intel.com>
In-Reply-To: <cover.1666824663.git.kai.huang@intel.com>
TDX supports shutting down the TDX module at any time during its
lifetime. After the module is shut down, no further TDX module SEAMCALL
leaf functions can be made to the module on any logical cpu.

Shut down the TDX module in case of any error during the initialization
process. It's pointless to leave the TDX module in some middle state.

Shutting down the TDX module requires calling TDH.SYS.LP.SHUTDOWN on all
BIOS-enabled CPUs, and the SEAMCALL can run concurrently on different
CPUs. Implement a mechanism to run SEAMCALL concurrently on all online
CPUs and use it to shut down the module. Later logical-cpu scope module
initialization will use it too.
Reviewed-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Kai Huang <kai.huang@intel.com>
---
v5 -> v6:
- Removed the seamcall() wrapper to previous patch (Dave).
- v3 -> v5 (no feedback on v4):
- Added a wrapper of __seamcall() to print error code if SEAMCALL fails.
- Made the seamcall_on_each_cpu() void.
- Removed 'seamcall_ret' and 'tdx_module_out' from
'struct seamcall_ctx', as they must be local variable.
- Added the comments to tdx_init() and one paragraph to changelog to
explain the caller should handle VMXON.
- Called out after shut down, no "TDX module" SEAMCALL can be made.
---
arch/x86/virt/vmx/tdx/tdx.c | 43 +++++++++++++++++++++++++++++++++----
arch/x86/virt/vmx/tdx/tdx.h | 5 +++++
2 files changed, 44 insertions(+), 4 deletions(-)
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index f1154ef15549..5246335abe07 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -15,6 +15,8 @@
#include <linux/mutex.h>
#include <linux/cpu.h>
#include <linux/cpumask.h>
+#include <linux/smp.h>
+#include <linux/atomic.h>
#include <asm/msr-index.h>
#include <asm/msr.h>
#include <asm/apic.h>
@@ -267,15 +269,27 @@ bool platform_tdx_enabled(void)
return !!tdx_keyid_num;
}
+/*
+ * Data structure to make SEAMCALL on multiple CPUs concurrently.
+ * @err is set to -EFAULT when SEAMCALL fails on any cpu.
+ */
+struct seamcall_ctx {
+ u64 fn;
+ u64 rcx;
+ u64 rdx;
+ u64 r8;
+ u64 r9;
+ atomic_t err;
+};
+
/*
* Wrapper of __seamcall() to convert SEAMCALL leaf function error code
* to kernel error code. @seamcall_ret and @out contain the SEAMCALL
* leaf function return code and the additional output respectively if
* not NULL.
*/
-static int __always_unused seamcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
- u64 *seamcall_ret,
- struct tdx_module_output *out)
+static int seamcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
+ u64 *seamcall_ret, struct tdx_module_output *out)
{
u64 sret;
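Review bot: the comment above struct seamcall_ctx documents only @err and pins it to -EFAULT, so the kernel error code that seamcall() produced on the failing CPU is lost to the caller. Consider recording the first real return value (for example with atomic_cmpxchg(&sc->err, 0, ret)), or say in the comment why a single -EFAULT is enough. The comment should also state that @err must be zero before the call and that fn, rcx, rdx, r8 and r9 are the SEAMCALL leaf and its input registers.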
@@ -309,6 +323,25 @@ static int __always_unused seamcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
}
}
+static void seamcall_smp_call_function(void *data)
+{
+ struct seamcall_ctx *sc = data;
+ int ret;
+
+ ret = seamcall(sc->fn, sc->rcx, sc->rdx, sc->r8, sc->r9, NULL, NULL);
+ if (ret)
+ atomic_set(&sc->err, -EFAULT);
+}
+
+/*
+ * Call the SEAMCALL on all online CPUs concurrently. Caller to check
+ * @sc->err to determine whether any SEAMCALL failed on any cpu.
+ */
+static void seamcall_on_each_cpu(struct seamcall_ctx *sc)
+{
+ on_each_cpu(seamcall_smp_call_function, sc, true);
+}
+
/*
* Detect and initialize the TDX module.
*
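Review bot: seamcall_on_each_cpu() uses on_each_cpu(), which reaches only the CPUs that are online when it runs, while the changelog says TDH.SYS.LP.SHUTDOWN has to be called on all BIOS-enabled CPUs. Nothing in this hunk excludes CPU hotplug or checks that every BIOS-enabled CPU is online, so the comment above seamcall_on_each_cpu() should spell out what the caller must guarantee (hotplug held off, all required CPUs online, VMXON already done on each of them), or the function should enforce it itself.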
@@ -324,7 +357,9 @@ static int init_tdx_module(void)
static void shutdown_tdx_module(void)
{
- /* TODO: Shut down the TDX module */
+ struct seamcall_ctx sc = { .fn = TDH_SYS_LP_SHUTDOWN };
+
+ seamcall_on_each_cpu(&sc);
}
static int __tdx_enable(void)
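Review bot: shutdown_tdx_module() never reads sc.err after seamcall_on_each_cpu(&sc), although the comment on seamcall_on_each_cpu() says the caller is to check @sc->err, so a TDH.SYS.LP.SHUTDOWN that fails on some CPU goes unnoticed. Either check atomic_read(&sc.err) here and at least log the failure, or add a comment explaining why a failed shutdown is deliberately ignored on this error path.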
diff --git a/arch/x86/virt/vmx/tdx/tdx.h b/arch/x86/virt/vmx/tdx/tdx.h
index 92a8de957dc7..215cc1065d78 100644
--- a/arch/x86/virt/vmx/tdx/tdx.h
+++ b/arch/x86/virt/vmx/tdx/tdx.h
@@ -12,6 +12,11 @@
/* MSR to report KeyID partitioning between MKTME and TDX */
#define MSR_IA32_MKTME_KEYID_PARTITIONING 0x00000087
+/*
+ * TDX module SEAMCALL leaf functions
+ */
+#define TDH_SYS_LP_SHUTDOWN 44
+
/*
* Do not put any hardware-defined TDX structure representations below
* this comment!
--
2.37.3