[GIT PULL] x86/tdx for 6.3
From: Dave Hansen
Date: Tue Feb 21 2023 - 19:17:12 EST
Hi Linus,
Please pull some x86/tdx changes for 6.3. Other than a minor fixup,
the content here is to ensure that TDX guests never see virtualization
exceptions (#VE's) that might be induced by the untrusted VMM.
This is a highly desirable property. Without it, #VE exception
handling would fall somewhere between NMIs, machine checks and
total insanity. With it, #VE handling remains pretty mundane.
There is a conflict here with some cleanups which you already pulled
via tip:sched/core. I've appended a conflict resolution from Ingo
that he used when merging these all together in tip/master.
--
The following changes since commit 5dc4c995db9eb45f6373a956eb1f69460e69e6d4:
Linux 6.2-rc4 (2023-01-15 09:22:43 -0600)
are available in the Git repository at:
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git tags/x86_tdx_for_6.3
for you to fetch changes up to 1e70c680375aa33cca97bff0bca68c0f82f5023c:
x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall() (2023-02-02 16:31:25 -0800)
----------------------------------------------------------------
- Fixup comment typo
- Prevent unexpected #VE's from:
- Hosts removing perfectly good guest mappings (SEPT_VE_DISABLE
- Excessive #VE notifications (NOTIFY_ENABLES) which are
delivered via a #VE.
----------------------------------------------------------------
Kirill A. Shutemov (8):
x86/tdx: Fix typo in comment in __tdx_hypercall()
x86/tdx: Add more registers to struct tdx_hypercall_args
x86/tdx: Refactor __tdx_hypercall() to allow pass down more arguments
x86/tdx: Expand __tdx_hypercall() to handle more arguments
x86/tdx: Use ReportFatalError to report missing SEPT_VE_DISABLE
x86/tdx: Relax SEPT_VE_DISABLE check for debug TD
x86/tdx: Disable NOTIFY_ENABLES
x86/tdx: Do not corrupt frame-pointer in __tdx_hypercall()
arch/x86/coco/tdx/tdcall.S | 83 ++++++++++++++++++++++++++++-----------
arch/x86/coco/tdx/tdx.c | 62 ++++++++++++++++++++++++++++-
arch/x86/include/asm/shared/tdx.h | 6 +++
arch/x86/kernel/asm-offsets.c | 6 +++
4 files changed, 131 insertions(+), 26 deletions(-)
--
Author: Ingo Molnar <mingo@xxxxxxxxxx>
Date: Tue Feb 21 09:30:27 2023 +0100
Merge branch 'x86/tdx'
Conflicts:
arch/x86/coco/tdx/tdcall.S
Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
diff --cc arch/x86/coco/tdx/tdcall.S
index ad0d51f03cb4,2bd436a4790d..6a255e6809bc
--- a/arch/x86/coco/tdx/tdcall.S
+++ b/arch/x86/coco/tdx/tdcall.S
@@@ -27,12 -33,10 +33,12 @@@
* details can be found in TDX GHCI specification, section
* titled "TDCALL [TDG.VP.VMCALL] leaf".
*/
- #define TDVMCALL_EXPOSE_REGS_MASK ( TDX_R10 | TDX_R11 | \
- TDX_R12 | TDX_R13 | \
- TDX_R14 | TDX_R15 )
+ #define TDVMCALL_EXPOSE_REGS_MASK \
+ ( TDX_RDX | TDX_RBX | TDX_RSI | TDX_RDI | TDX_R8 | TDX_R9 | \
+ TDX_R10 | TDX_R11 | TDX_R12 | TDX_R13 | TDX_R14 | TDX_R15 )
+.section .noinstr.text, "ax"
+
/*
* __tdx_module_call() - Used by TDX guests to request services from
* the TDX module (does not include VMM services) using TDCALL instruction.
@@@ -131,16 -156,21 +158,8 @@@ SYM_FUNC_START(__tdx_hypercall
/* Set TDCALL leaf ID (TDVMCALL (0)) in RAX */
xor %eax, %eax
- /* Copy hypercall registers from arg struct: */
- movq TDX_HYPERCALL_r10(%rdi), %r10
- movq TDX_HYPERCALL_r11(%rdi), %r11
- movq TDX_HYPERCALL_r12(%rdi), %r12
- movq TDX_HYPERCALL_r13(%rdi), %r13
- movq TDX_HYPERCALL_r14(%rdi), %r14
- movq TDX_HYPERCALL_r15(%rdi), %r15
-
movl $TDVMCALL_EXPOSE_REGS_MASK, %ecx
- /*
- * For the idle loop STI needs to be called directly before the TDCALL
- * that enters idle (EXIT_REASON_HLT case). STI instruction enables
- * interrupts only one instruction later. If there is a window between
- * STI and the instruction that emulates the HALT state, there is a
- * chance for interrupts to happen in this window, which can delay the
- * HLT operation indefinitely. Since this is the not the desired
- * result, conditionally call STI before TDCALL.
- */
- testq $TDX_HCALL_ISSUE_STI, 8(%rsp)
- jz .Lskip_sti
- sti
-.Lskip_sti:
tdcall
/*