[PATCH v8 0/9] TDX host: metadata reading tweaks and bug fixes

[Kai Huang <kai.huang@intel.com>]

This series replaces the existing TDX module metadata reading code with
a new auto-generated global metadata infrastructure to:

1) address two issues in the current TDX module initialization code, and
2) have an extendable infrastructure which is super easy to read more
   metadata and share with KVM for KVM TDX support (and other kernel
   components for TDX Connect in the future).

And the reason that we need a new global metadata infrastructure is the
current one can only read TDMR related metadata fields and it is not
extendable to read more metadata fields, which is required to address
both 1) and 2) above.

Specifically, below two issues in the current module initialization code
need to be addressed:

1) Module initialization may fail on some large systems (e.g., with 4 or
   more sockets) [1].
2) Some old modules can clobber host's RBP when existing from the TDX
   guest, and currently they can be initialized successfully.  We don't
   want to use such modules thus we should just fail to initialize them
   to avoid memory/cpu cycle cost of initializing TDX module [2].

The first 6 patches introduce the new auto-generated global metadata
infrastructure (which is auto-generated using a script [3]), and the
rest patches address the above two issues.

Hi Dave,

This series targets x86 tip.  This is also a pre-work of the "quite near
future" KVM TDX support.  I appreciate if you can review, comment and
take this series if the patches look good to you.

The script used to auto-generate the metadata reading code in patch 3
can be found in [3].

Also cc Dan for TDX Connect, and cc Paolo/Sean for KVM TDX (but I
removed KVM list since this series doesn't touch KVM code).

History:

v7 -> v8:
 - Address Dave's comments to remove the code to print module version
   and CMRs:
   - Remove the code which reads module version in the auto-generated
     code.
   - Remove the patch which prints module version (patch 10 in v7)
   - Remove the code which prints CMRs in patch 7.
   - Update the changelog of some patches that mentioned "reading module
     version" and "print CMRs".
 - Collect Nikolay's tag.

Previous versions and more background info please see:

 - https://lore.kernel.org/kvm/6ab90fd332bccdec7b64e5909cb4637732d6bb01.1731318868.git.kai.huang@intel.com/T/

[1]: https://github.com/canonical/tdx/issues/135
[2]: https://lore.kernel.org/fc0e8ab7-86d4-4428-be31-82e1ece6dd21@intel.com/
[3]: https://lore.kernel.org/d5aed06ae4b46df5db97fdbac9c01843920a2f96.camel@intel.com/


Kai Huang (8):
  x86/virt/tdx: Rename 'struct tdx_tdmr_sysinfo' to reflect the spec
    better
  x86/virt/tdx: Start to track all global metadata in one structure
  x86/virt/tdx: Use dedicated struct members for PAMT entry sizes
  x86/virt/tdx: Add missing header file inclusion to local tdx.h
  x86/virt/tdx: Switch to use auto-generated global metadata reading
    code
  x86/virt/tdx: Trim away tail null CMRs
  x86/virt/tdx: Reduce TDMR's reserved areas by using CMRs to find
    memory holes
  x86/virt/tdx: Require the module to assert it has the NO_RBP_MOD
    mitigation

Paolo Bonzini (1):
  x86/virt/tdx: Use auto-generated code to read global metadata

 arch/x86/virt/vmx/tdx/tdx.c                 | 146 +++++++++++---------
 arch/x86/virt/vmx/tdx/tdx.h                 |  43 +-----
 arch/x86/virt/vmx/tdx/tdx_global_metadata.c |  67 +++++++++
 arch/x86/virt/vmx/tdx/tdx_global_metadata.h |  32 +++++
 4 files changed, 183 insertions(+), 105 deletions(-)
 create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.c
 create mode 100644 arch/x86/virt/vmx/tdx/tdx_global_metadata.h


base-commit: 7ae15e2f69bad06527668b478dff7c099ad2e6ae
-- 
2.46.2