From: "Huang, Kai" <kai.huang@intel.com>
To: "peterz@infradead.org" <peterz@infradead.org>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
"Raj, Ashok" <ashok.raj@intel.com>,
"Luck, Tony" <tony.luck@intel.com>,
"david@redhat.com" <david@redhat.com>,
"bagasdotme@gmail.com" <bagasdotme@gmail.com>,
"Hansen, Dave" <dave.hansen@intel.com>,
"ak@linux.intel.com" <ak@linux.intel.com>,
"Wysocki, Rafael J" <rafael.j.wysocki@intel.com>,
"kirill.shutemov@linux.intel.com"
<kirill.shutemov@linux.intel.com>,
"Chatre, Reinette" <reinette.chatre@intel.com>, "Christopherson,,
Sean" <seanjc@google.com>,
"pbonzini@redhat.com" <pbonzini@redhat.com>,
"mingo@redhat.com" <mingo@redhat.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"tglx@linutronix.de" <tglx@linutronix.de>,
"Yamahata, Isaku" <isaku.yamahata@intel.com>,
"nik.borisov@suse.com" <nik.borisov@suse.com>,
"hpa@zytor.com" <hpa@zytor.com>,
"Shahar, Sagi" <sagis@google.com>,
"imammedo@redhat.com" <imammedo@redhat.com>,
"bp@alien8.de" <bp@alien8.de>, "Gao, Chao" <chao.gao@intel.com>,
"Brown, Len" <len.brown@intel.com>,
"sathyanarayanan.kuppuswamy@linux.intel.com"
<sathyanarayanan.kuppuswamy@linux.intel.com>,
"Huang, Ying" <ying.huang@intel.com>,
"Williams, Dan J" <dan.j.williams@intel.com>,
"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH v12 20/22] x86/virt/tdx: Allow SEAMCALL to handle #UD and #GP
Date: Wed, 5 Jul 2023 11:34:53 +0000 [thread overview]
Message-ID: <ab3dea02892920cd6640a31a9c846afd6c6a9d54.camel@intel.com> (raw)
In-Reply-To: <20230705102137.GX4253@hirez.programming.kicks-ass.net>
On Wed, 2023-07-05 at 12:21 +0200, Peter Zijlstra wrote:
> On Mon, Jul 03, 2023 at 12:15:13PM +0000, Huang, Kai wrote:
> >
> > >
> > > So I think the below deals with everything and unifies __tdx_hypercall()
> > > and __tdx_module_call(), since both sides needs to deal with exactly the
> > > same trainwreck.
> >
> > Hi Peter,
> >
> > Just want to make sure I understand you correctly:
> >
> > You want to make __tdx_module_call() look like __tdx_hypercall(), but not to
> > unify them into one assembly (at least for now), right?
>
> Well, given the horrendous trainwreck this is all turning into, I
> through it prudent to have it all in a single place. The moment you go
> play games with callee-saved registers you're really close to what
> hypercall does so then they might as well be the same.
OK I understand you now. Thanks.
Yeah I think from long-term's view, since SEAMCALLs to support live migration
pretty much uses all RCX/RDX/R8-R15 as input/output, it seems reasonable to
unify all of them, although I guess there might be some special handling to
VP.VMCALL and/or VP.ENTER, e.g., below:
/* TDVMCALL leaf return code is in R10 */
movq %r10, %rax
So long-termly, I don't have objection to that. But my thinking is for the
first version of TDX host support, we don't have to support all SEAMCALLs but
only those involved in basic TDX support. Those SEAMCALLs (except VP.ENTER)
only uses RCX/RDX/R8/R9 as input and RCX/RDX/R8-R11 as output, so to me it looks
fine to only make __tdx_module_call() look like __tdx_hypercall() as the first
step.
Also, the new SEAMCALLs to handle live migration all seem to have below
statement:
AVX, AVX2 May be reset to the architectural INIT state
and
AVX512
state
Which means those SEAMCALLs need to preserve AVX* states too?
And reading the spec, the VP.VMCALL and VP.ENTER also can use XMM0 - XMM15 as
input/output. Linux VP.VMCALL seems doesn't support using XMM0 - XMM15 as
input/output, but KVM can run other guest OSes too so I think KVM VP.ENTER needs
to handle XMM0-XMM15 as input/output too.
That being said, I think although we can provide a common asm macro to cover
VP.ENTER, I suspect KVM still needs to do additional assembly around the macro
too. So I am not sure whether we should try to cover VP.ENTER.
And I don't want to speak for KVM maintainers. :)
Hi Sean/Paolo, do you have any comments here?
>
> > I am confused you mentioned VP.VMCALL below, which is handled by
> > __tdx_hypercall().
>
> But why? It really isn't *that* special if you consider the other calls
> that are using callee-saved regs, yes it has the rdi/rsi extra, but meh,
> it really just is tdcall-0.
As mentioned above I don't have objection to this :)
>
>
> > > *-------------------------------------------------------------------------
> > > * TDCALL/SEAMCALL ABI:
> > > *-------------------------------------------------------------------------
> > > * Input Registers:
> > > *
> > > * RAX - Leaf number.
> > > * RCX,RDX,R8-R11 - Leaf specific input registers.
> > > * RDI,RSI,RBX,R11-R15 - VP.VMCALL VP.ENTER
> > > *
> > > * Output Registers:
> > > *
> > > * RAX - instruction error code.
> > > * RCX,RDX,R8-R11 - Leaf specific output registers.
> > > * RDI,RSI,RBX,R12-R15 - VP.VMCALL VP.ENTER
> >
> > As mentioned above, VP.VMCALL is handled by __tdx_hypercall(). Also, VP.ENTER
> > will be handled by KVM's own assembly. They both are not handled in this
> > TDX_MODULE_CALL assembly.
>
> I don't think they should be special, they're really just yet another
> leaf call. Yes, they have a shit calling convention, and yes VP.ENTER is
> terminally broken for unconditionally clobbering BP :-(
>
> That really *must* be fixed.
Sure I don't have objection to this, and for VP.ENTER please see above.
But I'd like to say that, generally speaking, from virtualization's point of
view, guest has its own BP and conceptually the hypervisor needs to restore
guest's BP before jumping to the guest. E.g., for normal VMX guest, KVM always
restores guest's BP before VMENTER (arch/x86/kvm/vmx/vmenter.S):
SYM_FUNC_START(__vmx_vcpu_run)
push %_ASM_BP
mov %_ASM_SP, %_ASM_BP
...
mov VCPU_RBP(%_ASM_AX), %_ASM_BP
...
vmenter/vmresume
...
SYM_INNER_LABEL(vmx_vmexit, SYM_L_GLOBAL)
.....
mov %_ASM_BP, VCPU_RBP(%_ASM_AX)
...
pop %_ASM_BP
RET
>
> > > .Lcall:
> > > .if \host
> > > seamcall
> > > /*
> > > * SEAMCALL instruction is essentially a VMExit from VMX root
> > > * mode to SEAM VMX root mode. VMfailInvalid (CF=1) indicates
> > > * that the targeted SEAM firmware is not loaded or disabled,
> > > * or P-SEAMLDR is busy with another SEAMCALL. RAX is not
> > > * changed in this case.
> > > */
> > > jc .Lseamfail
> > >
> > > .if \saved && \ret
> > > /*
> > > * VP.ENTER clears RSI on output, use it to restore state.
> > > */
> > > popq %rsi
> > > xor %edi,%edi
> > > movq %rdi, TDX_MODULE_rdi(%rsi)
> > > movq %rdi, TDX_MODULE_rsi(%rsi)
> > > .endif
> > > .else
> > > tdcall
> > >
> > > /*
> > > * RAX!=0 indicates a failure, assume no return values.
> > > */
> > > testq %rax, %rax
> > > jne .Lerror
> >
> > For some SEAMCALL/TDCALL the output registers may contain additional error
> > information. We need to jump to a location where whether returning those
> > additional regs to 'struct tdx_module_args' depends on \ret.
>
> I suppose we can move this into the below conditional :-( The [DS]I
> register stuff requires a scratch reg to recover, AX being zero provides
> that.
Yeah this can certainly be done in one way or another.
>
> > > .if \saved && \ret
> > > /*
> > > * Since RAX==0, it can be used as a scratch register to restore state.
> > > *
> > > * [ assumes \saved implies \ret ]
> > > */
> > > popq %rax
> > > movq %rdi, TDX_MODULE_rdi(%rax)
> > > movq %rsi, TDX_MODULE_rsi(%rax)
> > > movq %rax, %rsi
> > > xor %eax, %eax;
> > > .endif
> > > .endif // \host
>
> So the reason I want this, is that I feel very strongly that if you
> cannot write a single coherent wrapper for all this, its calling
> convention is fundamentally *too* complex / broken.
In general I agree, but I am not sure whether there's any detail holding us
back. :)
next prev parent reply other threads:[~2023-07-05 11:35 UTC|newest]
Thread overview: 159+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-26 14:12 [PATCH v12 00/22] TDX host kernel support Kai Huang
2023-06-26 14:12 ` [PATCH v12 01/22] x86/tdx: Define TDX supported page sizes as macros Kai Huang
2023-06-26 14:12 ` [PATCH v12 02/22] x86/virt/tdx: Detect TDX during kernel boot Kai Huang
2023-06-26 14:12 ` [PATCH v12 03/22] x86/virt/tdx: Make INTEL_TDX_HOST depend on X86_X2APIC Kai Huang
2023-06-26 14:12 ` [PATCH v12 04/22] x86/cpu: Detect TDX partial write machine check erratum Kai Huang
2023-06-29 11:22 ` David Hildenbrand
2023-06-26 14:12 ` [PATCH v12 05/22] x86/virt/tdx: Add SEAMCALL infrastructure Kai Huang
2023-06-27 9:48 ` kirill.shutemov
2023-06-27 10:28 ` Huang, Kai
2023-06-27 11:36 ` kirill.shutemov
2023-06-28 0:19 ` Isaku Yamahata
2023-06-28 3:09 ` Chao Gao
2023-06-28 3:34 ` Huang, Kai
2023-06-28 11:50 ` kirill.shutemov
2023-06-28 23:31 ` Huang, Kai
2023-06-29 11:25 ` David Hildenbrand
2023-06-28 12:58 ` Peter Zijlstra
2023-06-28 13:54 ` Peter Zijlstra
2023-06-28 23:25 ` Huang, Kai
2023-06-29 10:15 ` kirill.shutemov
2023-06-28 23:21 ` Huang, Kai
2023-06-29 3:40 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 06/22] x86/virt/tdx: Handle SEAMCALL running out of entropy error Kai Huang
2023-06-28 13:02 ` Peter Zijlstra
2023-06-28 23:30 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 07/22] x86/virt/tdx: Add skeleton to enable TDX on demand Kai Huang
2023-06-26 21:21 ` Sathyanarayanan Kuppuswamy
2023-06-27 10:37 ` Huang, Kai
2023-06-27 9:50 ` kirill.shutemov
2023-06-27 10:34 ` Huang, Kai
2023-06-27 12:18 ` kirill.shutemov
2023-06-27 22:37 ` Huang, Kai
2023-06-28 0:28 ` Huang, Kai
2023-06-28 11:55 ` kirill.shutemov
2023-06-28 13:35 ` Peter Zijlstra
2023-06-29 0:15 ` Huang, Kai
2023-06-30 9:22 ` Peter Zijlstra
2023-06-30 10:09 ` Huang, Kai
2023-06-30 18:42 ` Isaku Yamahata
2023-07-01 8:15 ` Huang, Kai
2023-06-28 0:31 ` Isaku Yamahata
2023-06-28 13:04 ` Peter Zijlstra
2023-06-29 0:00 ` Huang, Kai
2023-06-30 9:25 ` Peter Zijlstra
2023-06-30 9:48 ` Huang, Kai
2023-06-28 13:08 ` Peter Zijlstra
2023-06-29 0:08 ` Huang, Kai
2023-06-28 13:17 ` Peter Zijlstra
2023-06-29 0:10 ` Huang, Kai
2023-06-30 9:26 ` Peter Zijlstra
2023-06-30 9:55 ` Huang, Kai
2023-06-30 18:30 ` Peter Zijlstra
2023-06-30 19:05 ` Isaku Yamahata
2023-06-30 21:24 ` Sean Christopherson
2023-06-30 21:58 ` Dan Williams
2023-06-30 23:13 ` Dave Hansen
2023-07-03 10:38 ` Peter Zijlstra
2023-07-03 10:49 ` Peter Zijlstra
2023-07-03 14:40 ` Dave Hansen
2023-07-03 15:03 ` Peter Zijlstra
2023-07-03 15:26 ` Dave Hansen
2023-07-03 17:55 ` kirill.shutemov
2023-07-03 18:26 ` Dave Hansen
2023-07-05 7:14 ` Peter Zijlstra
2023-07-04 16:58 ` Peter Zijlstra
2023-07-04 21:50 ` Huang, Kai
2023-07-05 7:16 ` Peter Zijlstra
2023-07-05 7:54 ` Huang, Kai
2023-07-05 14:34 ` Dave Hansen
2023-07-05 14:57 ` Peter Zijlstra
2023-07-06 14:49 ` Dave Hansen
2023-07-10 17:58 ` Sean Christopherson
2023-06-29 11:31 ` David Hildenbrand
2023-06-29 22:58 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 08/22] x86/virt/tdx: Get information about TDX module and TDX-capable memory Kai Huang
2023-06-27 9:51 ` kirill.shutemov
2023-06-27 10:45 ` Huang, Kai
2023-06-27 11:37 ` kirill.shutemov
2023-06-27 11:46 ` Huang, Kai
2023-06-28 14:10 ` Peter Zijlstra
2023-06-29 9:15 ` Huang, Kai
2023-06-30 9:34 ` Peter Zijlstra
2023-06-30 9:58 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 09/22] x86/virt/tdx: Use all system memory when initializing TDX module as TDX memory Kai Huang
2023-06-28 14:17 ` Peter Zijlstra
2023-06-29 0:57 ` Huang, Kai
2023-07-11 11:38 ` David Hildenbrand
2023-07-11 12:27 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 10/22] x86/virt/tdx: Add placeholder to construct TDMRs to cover all TDX memory regions Kai Huang
2023-06-26 14:12 ` [PATCH v12 11/22] x86/virt/tdx: Fill out " Kai Huang
2023-07-04 7:28 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 12/22] x86/virt/tdx: Allocate and set up PAMTs for TDMRs Kai Huang
2023-06-27 9:51 ` kirill.shutemov
2023-07-04 7:40 ` Yuan Yao
2023-07-04 8:59 ` Huang, Kai
2023-07-11 11:42 ` David Hildenbrand
2023-07-11 11:49 ` Huang, Kai
2023-07-11 11:55 ` David Hildenbrand
2023-06-26 14:12 ` [PATCH v12 13/22] x86/virt/tdx: Designate reserved areas for all TDMRs Kai Huang
2023-07-05 5:29 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 14/22] x86/virt/tdx: Configure TDX module with the TDMRs and global KeyID Kai Huang
2023-07-05 6:49 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 15/22] x86/virt/tdx: Configure global KeyID on all packages Kai Huang
2023-07-05 8:13 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 16/22] x86/virt/tdx: Initialize all TDMRs Kai Huang
2023-07-06 5:31 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 17/22] x86/kexec: Flush cache of TDX private memory Kai Huang
2023-06-26 14:12 ` [PATCH v12 18/22] x86/virt/tdx: Keep TDMRs when module initialization is successful Kai Huang
2023-06-28 9:04 ` Nikolay Borisov
2023-06-29 1:03 ` Huang, Kai
2023-06-28 12:23 ` kirill.shutemov
2023-06-28 12:48 ` Nikolay Borisov
2023-06-29 0:24 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 19/22] x86/kexec(): Reset TDX private memory on platforms with TDX erratum Kai Huang
2023-06-28 9:20 ` Nikolay Borisov
2023-06-29 0:32 ` Dave Hansen
2023-06-29 0:58 ` Huang, Kai
2023-06-29 3:19 ` Huang, Kai
2023-06-29 5:38 ` Huang, Kai
2023-06-29 9:45 ` Huang, Kai
2023-06-29 9:48 ` Nikolay Borisov
2023-06-28 12:29 ` kirill.shutemov
2023-06-29 0:27 ` Huang, Kai
2023-07-07 4:01 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 20/22] x86/virt/tdx: Allow SEAMCALL to handle #UD and #GP Kai Huang
2023-06-28 12:32 ` kirill.shutemov
2023-06-28 15:29 ` Peter Zijlstra
2023-06-28 20:38 ` Peter Zijlstra
2023-06-28 21:11 ` Peter Zijlstra
2023-06-28 21:16 ` Peter Zijlstra
2023-06-30 9:03 ` kirill.shutemov
2023-06-30 10:02 ` Huang, Kai
2023-06-30 10:22 ` kirill.shutemov
2023-06-30 11:06 ` Huang, Kai
2023-06-29 10:33 ` Huang, Kai
2023-06-30 10:06 ` Peter Zijlstra
2023-06-30 10:18 ` Huang, Kai
2023-06-30 15:16 ` Dave Hansen
2023-07-01 8:16 ` Huang, Kai
2023-06-30 10:21 ` Peter Zijlstra
2023-06-30 11:05 ` Huang, Kai
2023-06-30 12:06 ` Peter Zijlstra
2023-06-30 15:14 ` Peter Zijlstra
2023-07-03 12:15 ` Huang, Kai
2023-07-05 10:21 ` Peter Zijlstra
2023-07-05 11:34 ` Huang, Kai [this message]
2023-07-05 12:19 ` Peter Zijlstra
2023-07-05 12:53 ` Huang, Kai
2023-07-05 20:56 ` Isaku Yamahata
2023-07-05 12:21 ` Peter Zijlstra
2023-06-29 11:16 ` kirill.shutemov
2023-06-29 10:00 ` Huang, Kai
2023-06-26 14:12 ` [PATCH v12 21/22] x86/mce: Improve error log of kernel space TDX #MC due to erratum Kai Huang
2023-06-28 12:38 ` kirill.shutemov
2023-07-07 7:26 ` Yuan Yao
2023-06-26 14:12 ` [PATCH v12 22/22] Documentation/x86: Add documentation for TDX host support Kai Huang
2023-06-28 7:04 ` [PATCH v12 00/22] TDX host kernel support Yuan Yao
2023-06-28 8:12 ` Huang, Kai
2023-06-29 1:01 ` Yuan Yao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ab3dea02892920cd6640a31a9c846afd6c6a9d54.camel@intel.com \
--to=kai.huang@intel.com \
--cc=ak@linux.intel.com \
--cc=ashok.raj@intel.com \
--cc=bagasdotme@gmail.com \
--cc=bp@alien8.de \
--cc=chao.gao@intel.com \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=david@redhat.com \
--cc=hpa@zytor.com \
--cc=imammedo@redhat.com \
--cc=isaku.yamahata@intel.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kvm@vger.kernel.org \
--cc=len.brown@intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mingo@redhat.com \
--cc=nik.borisov@suse.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=rafael.j.wysocki@intel.com \
--cc=reinette.chatre@intel.com \
--cc=sagis@google.com \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=x86@kernel.org \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).