Date: Tue, 6 Jun 2023 16:44:07 -0700
From: Isaku Yamahata
To: Kai Huang
Cc: linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-mm@kvack.org, dave.hansen@intel.com, kirill.shutemov@linux.intel.com, tony.luck@intel.com, peterz@infradead.org, tglx@linutronix.de, seanjc@google.com, pbonzini@redhat.com, david@redhat.com, dan.j.williams@intel.com, rafael.j.wysocki@intel.com, ying.huang@intel.com, reinette.chatre@intel.com, len.brown@intel.com, ak@linux.intel.com, isaku.yamahata@intel.com, chao.gao@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, bagasdotme@gmail.com, sagis@google.com, imammedo@redhat.com, isaku.yamahata@gmail.com
Subject: Re: [PATCH v11 02/20] x86/virt/tdx: Detect TDX during kernel boot
Message-ID: <20230606234407.GC2244082@ls.amr.corp.intel.com>

On Mon, Jun 05, 2023 at 02:27:15AM +1200, Kai Huang wrote:
> diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c > new file mode 100644 > index 000000000000..2d91e7120c90 > --- /dev/null > +++ b/arch/x86/virt/vmx/tdx/tdx.c 
> @@ -0,0 +1,92 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright(c) 2023 Intel Corporation. > + * > + * Intel Trusted Domain Extensions (TDX) support > + */ > + > +#define pr_fmt(fmt) "tdx: " fmt > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +static u32 tdx_global_keyid __ro_after_init; > +static u32 tdx_guest_keyid_start __ro_after_init; > +static u32 tdx_nr_guest_keyids __ro_after_init; > + > +static int __init record_keyid_partitioning(u32 *tdx_keyid_start, > + u32 *nr_tdx_keyids) > +{ > + u32 _nr_mktme_keyids, _tdx_keyid_start, _nr_tdx_keyids; > + int ret; > + > + /* > + * IA32_MKTME_KEYID_PARTIONING: > + * Bit [31:0]: Number of MKTME KeyIDs. > + * Bit [63:32]: Number of TDX private KeyIDs. > + */ > + ret = rdmsr_safe(MSR_IA32_MKTME_KEYID_PARTITIONING, &_nr_mktme_keyids, > + &_nr_tdx_keyids); > + if (ret) > + return -ENODEV; > + > + if (!_nr_tdx_keyids) > + return -ENODEV; > + > + /* TDX KeyIDs start after the last MKTME KeyID. */ > + _tdx_keyid_start = _nr_mktme_keyids + 1; > + > + *tdx_keyid_start = _tdx_keyid_start; > + *nr_tdx_keyids = _nr_tdx_keyids; > + > + return 0; > +} > + > +static int __init tdx_init(void) > +{ > + u32 tdx_keyid_start, nr_tdx_keyids; > + int err; > + > + err = record_keyid_partitioning(&tdx_keyid_start, &nr_tdx_keyids); > + if (err) > + return err; > + > + pr_info("BIOS enabled: private KeyID range [%u, %u)\n", > + tdx_keyid_start, tdx_keyid_start + nr_tdx_keyids); > + > + /* > + * The TDX module itself requires one 'global KeyID' to protect > + * its metadata. If there's only one TDX KeyID, there won't be > + * any left for TDX guests thus there's no point to enable TDX > + * at all. > + */ > + if (nr_tdx_keyids < 2) { > + pr_info("initialization failed: too few private KeyIDs available.\n");

Because this case is against the admin expectation, pr_warn() or pr_err()?
Except that, looks good to me.

Reviewed-by: Isaku Yamahata
--
Isaku Yamahata
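Review bot: In record_keyid_partitioning(), `_tdx_keyid_start = _nr_mktme_keyids + 1` and the later `tdx_keyid_start + nr_tdx_keyids` in tdx_init() are u32 additions on values taken straight from the MSR with no range check, so an unexpected register value would wrap silently and both the recorded start and the printed half-open range would be wrong. Consider returning -ENODEV when either sum would overflow u32, before the values are written through the output pointers. Separately, the comment above rdmsr_safe() spells the register IA32_MKTME_KEYID_PARTIONING while the macro in the call is MSR_IA32_MKTME_KEYID_PARTITIONING; the comment should match the macro so it can be found by grep.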