Date: Mon, 13 Mar 2023 16:49:16 -0700
From: Isaku Yamahata
To: "Huang, Kai"
Cc: "isaku.yamahata@gmail.com", "kvm@vger.kernel.org", "bagasdotme@gmail.com", "Hansen, Dave", "Luck, Tony", "david@redhat.com", "ak@linux.intel.com", "Wysocki, Rafael J", "linux-kernel@vger.kernel.org", "Christopherson,, Sean", "Chatre, Reinette", "pbonzini@redhat.com", "linux-mm@kvack.org", "tglx@linutronix.de", "kirill.shutemov@linux.intel.com", "Yamahata, Isaku", "peterz@infradead.org", "Shahar, Sagi", "imammedo@redhat.com", "Gao, Chao", "Brown, Len", "sathyanarayanan.kuppuswamy@linux.intel.com", "Huang, Ying", "Williams, Dan J"
Subject: Re: [PATCH v10 05/16] x86/virt/tdx: Add skeleton to enable TDX on demand
Message-ID: <20230313234916.GC3922605@ls.amr.corp.intel.com>
References: <20230308222738.GA3419702@ls.amr.corp.intel.com> <96b56c5b8a5876aaf6d5ccbb81bab334b10983eb.camel@intel.com>
In-Reply-To: <96b56c5b8a5876aaf6d5ccbb81bab334b10983eb.camel@intel.com>

On Sun, Mar 12, 2023 at 11:08:44PM +0000, "Huang, Kai" wrote:

> On Wed, 2023-03-08 at 14:27 -0800, Isaku Yamahata wrote:
> > > + > > > +static int try_init_module_global(void) > > > +{ > > > + int ret; > > > + > > > + /* > > > + * The TDX module global initialization only needs to be done > > > + * once on any cpu. > > > + */ > > > + spin_lock(&tdx_global_init_lock); > > > + > > > + if (tdx_global_init_status & TDX_GLOBAL_INIT_DONE) { > > > + ret = tdx_global_init_status & TDX_GLOBAL_INIT_FAILED ? > > > + -EINVAL : 0; > > > + goto out; > > > + } > > > + > > > + /* All '0's are just unused parameters. */ > > > + ret = seamcall(TDH_SYS_INIT, 0, 0, 0, 0, NULL, NULL); > > > + > > > + tdx_global_init_status = TDX_GLOBAL_INIT_DONE; > > > + if (ret) > > > + tdx_global_init_status |= TDX_GLOBAL_INIT_FAILED;
> >
> > If entropy is lacking (rdrand failure), TDH_SYS_INIT can return TDX_SYS_BUSY.
> > In such case, we should allow the caller to retry or make this function retry
> > instead of marking error stickily.
> The spec says:
>
> TDX_SYS_BUSY    The operation was invoked when another TDX module
>                 operation was in progress. The operation may be retried.
>
> So I don't see how entropy is lacking is related to this error. Perhaps you
> were mixing up with KEY.CONFIG?

TDH.SYS.INIT() initializes global canary value. TDX module is compiled with
strong stack protector enabled by clang and canary value needs to be
initialized. By default, the canary value is stored at %fsbase:

Although this is a job for libc or language runtime, the TDX module has to do it
itself because it's standalone.

From tdh_sys_init.c

_STATIC_INLINE_ api_error_type tdx_init_stack_canary(void)
{
    ia32_rflags_t rflags = {.raw = 0};
    uint64_t canary;
    if (!ia32_rdrand(&rflags, &canary))
    {
        return TDX_SYS_BUSY;
    }
...
    last_page_ptr->stack_canary.canary = canary;

-- 
Isaku Yamahata
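
Review bot: in try_init_module_global(), the lines after the seamcall(TDH_SYS_INIT, ...) call set TDX_GLOBAL_INIT_DONE unconditionally and add TDX_GLOBAL_INIT_FAILED for any non-zero ret, so a retryable TDX_SYS_BUSY result is latched and every later caller takes the early -EINVAL path without the SEAMCALL being attempted again. Suggest testing for the busy status before writing tdx_global_init_status and either retrying under tdx_global_init_lock or returning a retryable error with the status left clear, latching the failure only for errors that cannot succeed on retry. The latched path also always reports -EINVAL, so the error from the first attempt is lost; a short comment saying that this is intended would help.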
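
The failure mode discussed in this thread, as an added example (not code from the patch, the kernel, or the TDX module): a module-side init that returns a busy status when the random source yields nothing, and a caller that retries a bounded number of times and latches only final results. All ex_* names, the status values and the canary constant are constructed for illustration, and locking is omitted because the model is single-threaded.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>

/* Constructed status values for this example, not the TDX module's encodings. */
enum { EX_SUCCESS = 0, EX_BUSY = 1 };
enum { EX_INIT_DONE = 1, EX_INIT_FAILED = 2 };

static unsigned int ex_init_status;   /* sticky flags, as in the quoted hunk */
static int ex_rng_failures_left;      /* simulated drained entropy source */
static uint64_t ex_stack_canary;

/* Stand-in for RDRAND: reports failure while the simulated source is drained. */
static bool ex_rdrand(uint64_t *out)
{
    if (ex_rng_failures_left > 0) {
        ex_rng_failures_left--;
        return false;
    }
    *out = 0x5bd1e995a3c59ac3ULL;     /* constructed value, not random */
    return true;
}

/* Module side: never install a canary without fresh randomness. */
static int ex_sys_init(void)
{
    uint64_t canary;

    if (!ex_rdrand(&canary))
        return EX_BUSY;
    ex_stack_canary = canary;
    return EX_SUCCESS;
}

/* Caller side: bounded retry on busy; only a final result is latched. */
int ex_try_init_global(int max_retries)
{
    int ret;

    if (ex_init_status & EX_INIT_DONE)
        return (ex_init_status & EX_INIT_FAILED) ? -EINVAL : 0;
    do {
        ret = ex_sys_init();
    } while (ret == EX_BUSY && max_retries-- > 0);
    if (ret == EX_BUSY)
        return -EBUSY;                /* transient: nothing latched */
    ex_init_status = EX_INIT_DONE | (ret ? EX_INIT_FAILED : 0);
    return ret ? -EINVAL : 0;
}
```

With five simulated RDRAND failures and two retries per call, the first call returns -EBUSY with the status flags still clear, and the second call succeeds and latches the done flag.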