From: Alexey Makhalov <alexey.makhalov@broadcom.com>
To: Dave Hansen <dave.hansen@intel.com>,
linux-kernel@vger.kernel.org, virtualization@lists.linux.dev,
hpa@zytor.com, dave.hansen@linux.intel.co, bp@alien8.d,
mingo@redhat.com, tglx@linutronix.de,
dave.hansen@linux.intel.com
Cc: x86@kernel.org, netdev@vger.kernel.org, richardcochran@gmail.com,
linux-input@vger.kernel.org, dmitry.torokhov@gmail.com,
zackr@vmware.com, linux-graphics-maintainer@vmware.com,
pv-drivers@vmware.com, namit@vmware.com, timothym@vmware.com,
akaher@vmware.com, jsipek@vmware.com,
dri-devel@lists.freedesktop.org, daniel@ffwll.ch,
airlied@gmail.com, tzimmermann@suse.de, mripard@kernel.org,
maarten.lankhorst@linux.intel.com, horms@kernel.org
Subject: Re: [PATCH] x86/vmware: Add TDX hypercall support
Date: Thu, 7 Dec 2023 18:27:39 -0800 [thread overview]
Message-ID: <64074f04-fd72-488b-831a-ad744bbcd950@broadcom.com> (raw)
In-Reply-To: <53592a3a-3d96-4aa1-8357-ec595f59c5f3@intel.com>
On 12/7/23 9:12 AM, Dave Hansen wrote:
> On 12/5/23 23:15, Alexey Makhalov wrote:
>> +#ifdef CONFIG_INTEL_TDX_GUEST
>> +/* Export tdx hypercall and allow it only for VMware guests. */
>> +void vmware_tdx_hypercall_args(struct tdx_module_args *args)
>> +{
>> + if (hypervisor_is_type(X86_HYPER_VMWARE))
>> + __tdx_hypercall(args);
>> +}
>> +EXPORT_SYMBOL_GPL(vmware_tdx_hypercall_args);
>> +#endif
>
> I think this is still too generic. This still allows anything setting
> X86_HYPER_VMWARE to make any TDX hypercall.
>
> I'd *much* rather you export something like vmware_tdx_hypercall() or
> even the high-level calls like hypervisor_ppn_reset_all(). The higher
> level and more specialized the interface, the less likely it is to be
> abused.
Dave, I understood your point. Please take a look on the next version of
the patch.
I export vmware_tdx_hypercall(), while vmware_tdx_hypercall_args() is a
static inline wrapper on top.
Most of the vmware hypercall logic plus sanity checks are now in
exported function. While only input and output argument handling remains
in the wrapper to allow compiler optimization for hypercalls with few
argument. Exporting vmware_tdx_hypercall1, vmware_tdx_hypercall3, and so
on is not an option either.
Regards,
--Alexey
next prev parent reply other threads:[~2023-12-08 2:27 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-22 23:30 [PATCH 0/6] VMware hypercalls enhancements Alexey Makhalov
2023-11-22 23:30 ` [PATCH 1/6] x86/vmware: Move common macros to vmware.h Alexey Makhalov
2023-11-22 23:30 ` [PATCH 2/6] x86/vmware: Introduce vmware_hypercall API Alexey Makhalov
2023-11-22 23:30 ` [PATCH 3/6] ptp/vmware: Use " Alexey Makhalov
2023-11-22 23:30 ` [PATCH 4/6] input/vmmouse: " Alexey Makhalov
2023-11-24 19:46 ` Simon Horman
2023-11-25 1:22 ` Alexey Makhalov
2023-11-25 4:58 ` dmitry.torokhov
2023-11-25 5:01 ` Dmitry Torokhov
2023-11-22 23:30 ` [PATCH 5/6] drm/vmwgfx: " Alexey Makhalov
2023-11-22 23:30 ` [PATCH 6/6] x86/vmware: Add TDX hypercall support Alexey Makhalov
2023-11-22 23:30 ` [PATCH 0/6] VMware hypercalls enhancements Alexey Makhalov
2023-12-01 23:24 ` [PATCH v2 " Alexey Makhalov
2023-12-01 23:24 ` [PATCH v2 1/6] x86/vmware: Move common macros to vmware.h Alexey Makhalov
2023-12-04 10:32 ` Borislav Petkov
2023-12-01 23:24 ` [PATCH v2 2/6] x86/vmware: Introduce vmware_hypercall API Alexey Makhalov
2023-12-04 10:35 ` Borislav Petkov
2023-12-01 23:24 ` [PATCH v2 3/6] ptp/vmware: Use " Alexey Makhalov
2023-12-01 23:24 ` [PATCH v2 4/6] input/vmmouse: " Alexey Makhalov
2023-12-01 23:24 ` [PATCH v2 5/6] drm/vmwgfx: " Alexey Makhalov
2023-12-05 20:27 ` Borislav Petkov
2023-12-05 21:18 ` Alexey Makhalov
2023-12-01 23:24 ` [PATCH v2 6/6] x86/vmware: Add TDX hypercall support Alexey Makhalov
2023-12-04 10:31 ` Borislav Petkov
2023-12-05 21:24 ` Dave Hansen
2023-12-05 21:41 ` Alexey Makhalov
2023-12-05 22:43 ` Tim Merrifield
2023-12-05 23:03 ` Dave Hansen
2023-12-06 0:11 ` Alexey Makhalov
2023-12-06 7:15 ` [PATCH] " Alexey Makhalov
2023-12-07 17:12 ` Dave Hansen
2023-12-08 2:27 ` Alexey Makhalov [this message]
2023-12-08 2:32 ` Alexey Makhalov
2023-12-05 19:57 ` [PATCH v2 6/6] " kernel test robot
2023-12-05 21:04 ` kernel test robot
2023-11-22 23:30 ` [PATCH 1/6] x86/vmware: Move common macros to vmware.h Alexey Makhalov
2023-11-22 23:30 ` [PATCH 2/6] x86/vmware: Introduce vmware_hypercall API Alexey Makhalov
2023-11-22 23:30 ` [PATCH 3/6] ptp/vmware: Use " Alexey Makhalov
2023-11-22 23:30 ` [PATCH 4/6] input/vmmouse: " Alexey Makhalov
2023-11-22 23:30 ` [PATCH 5/6] drm/vmwgfx: " Alexey Makhalov
2023-11-22 23:30 ` [PATCH 6/6] x86/vmware: Add TDX hypercall support Alexey Makhalov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=64074f04-fd72-488b-831a-ad744bbcd950@broadcom.com \
--to=alexey.makhalov@broadcom.com \
--cc=airlied@gmail.com \
--cc=akaher@vmware.com \
--cc=bp@alien8.d \
--cc=daniel@ffwll.ch \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.co \
--cc=dave.hansen@linux.intel.com \
--cc=dmitry.torokhov@gmail.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=horms@kernel.org \
--cc=hpa@zytor.com \
--cc=jsipek@vmware.com \
--cc=linux-graphics-maintainer@vmware.com \
--cc=linux-input@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=maarten.lankhorst@linux.intel.com \
--cc=mingo@redhat.com \
--cc=mripard@kernel.org \
--cc=namit@vmware.com \
--cc=netdev@vger.kernel.org \
--cc=pv-drivers@vmware.com \
--cc=richardcochran@gmail.com \
--cc=tglx@linutronix.de \
--cc=timothym@vmware.com \
--cc=tzimmermann@suse.de \
--cc=virtualization@lists.linux.dev \
--cc=x86@kernel.org \
--cc=zackr@vmware.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox