From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com,
ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com,
hpa@zytor.com, jgross@suse.com, jmattson@google.com,
joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org,
pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com,
tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com,
x86@kernel.org, linux-kernel@vger.kernel.org,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCHv2 02/29] x86/tdx: Extend the cc_platform_has() API to support TDX guests
Date: Mon, 24 Jan 2022 18:01:48 +0300 [thread overview]
Message-ID: <20220124150215.36893-3-kirill.shutemov@linux.intel.com> (raw)
In-Reply-To: <20220124150215.36893-1-kirill.shutemov@linux.intel.com>
From: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Confidential Computing (CC) features (like string I/O unroll support,
memory encryption/decryption support, etc) are conditionally enabled
in the kernel using cc_platform_has() API. Since TDX guests also need
to use these CC features, extend cc_platform_has() API and add TDX
guest-specific CC attributes support.
Use is_tdx_guest() API to detect for the TDX guest status and return
TDX-specific CC attributes. To enable use of CC APIs in the TDX guest,
select ARCH_HAS_CC_PLATFORM in the CONFIG_INTEL_TDX_GUEST case.
This is a preparatory patch and just creates the framework for adding
TDX guest specific CC attributes.
Since is_tdx_guest() function (through cc_platform_has() API) is used in
the early boot code, disable the instrumentation flags and function
tracer. This is similar to AMD SEV and cc_platform.c.
Since intel_cc_platform_has() function only gets called when
is_tdx_guest() is true (valid CONFIG_INTEL_TDX_GUEST case), remove the
redundant #ifdef in intel_cc_platform_has().
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
arch/x86/Kconfig | 1 +
arch/x86/kernel/Makefile | 3 +++
arch/x86/kernel/cc_platform.c | 9 ++++-----
3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 09e6744af3f8..1491f25c844e 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -884,6 +884,7 @@ config INTEL_TDX_GUEST
bool "Intel TDX (Trust Domain Extensions) - Guest Support"
depends on X86_64 && CPU_SUP_INTEL
depends on X86_X2APIC
+ select ARCH_HAS_CC_PLATFORM
help
Support running as a guest under Intel TDX. Without this support,
the guest kernel can not boot or run under TDX.
diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile
index 211d9fcdd729..67415037c33c 100644
--- a/arch/x86/kernel/Makefile
+++ b/arch/x86/kernel/Makefile
@@ -22,6 +22,7 @@ CFLAGS_REMOVE_early_printk.o = -pg
CFLAGS_REMOVE_head64.o = -pg
CFLAGS_REMOVE_sev.o = -pg
CFLAGS_REMOVE_cc_platform.o = -pg
+CFLAGS_REMOVE_tdx.o = -pg
endif
KASAN_SANITIZE_head$(BITS).o := n
@@ -31,6 +32,7 @@ KASAN_SANITIZE_stacktrace.o := n
KASAN_SANITIZE_paravirt.o := n
KASAN_SANITIZE_sev.o := n
KASAN_SANITIZE_cc_platform.o := n
+KASAN_SANITIZE_tdx.o := n
# With some compiler versions the generated code results in boot hangs, caused
# by several compilation units. To be safe, disable all instrumentation.
@@ -50,6 +52,7 @@ KCOV_INSTRUMENT := n
CFLAGS_head$(BITS).o += -fno-stack-protector
CFLAGS_cc_platform.o += -fno-stack-protector
+CFLAGS_tdx.o += -fno-stack-protector
CFLAGS_irq.o := -I $(srctree)/$(src)/../include/asm/trace
diff --git a/arch/x86/kernel/cc_platform.c b/arch/x86/kernel/cc_platform.c
index 6a6ffcd978f6..c72b3919bca9 100644
--- a/arch/x86/kernel/cc_platform.c
+++ b/arch/x86/kernel/cc_platform.c
@@ -13,14 +13,11 @@
#include <asm/mshyperv.h>
#include <asm/processor.h>
+#include <asm/tdx.h>
-static bool __maybe_unused intel_cc_platform_has(enum cc_attr attr)
+static bool intel_cc_platform_has(enum cc_attr attr)
{
-#ifdef CONFIG_INTEL_TDX_GUEST
return false;
-#else
- return false;
-#endif
}
/*
@@ -76,6 +73,8 @@ bool cc_platform_has(enum cc_attr attr)
{
if (sme_me_mask)
return amd_cc_platform_has(attr);
+ else if (is_tdx_guest())
+ return intel_cc_platform_has(attr);
if (hv_is_isolation_supported())
return hyperv_cc_platform_has(attr);
--
2.34.1
next prev parent reply other threads:[~2022-01-24 15:02 UTC|newest]
Thread overview: 154+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-24 15:01 [PATCHv2 00/29] TDX Guest: TDX core support Kirill A. Shutemov
2022-01-24 15:01 ` [PATCHv2 01/29] x86/tdx: Detect running as a TDX guest in early boot Kirill A. Shutemov
2022-02-01 19:29 ` Thomas Gleixner
2022-02-01 23:14 ` Kirill A. Shutemov
2022-02-03 0:32 ` Josh Poimboeuf
2022-02-03 14:09 ` Kirill A. Shutemov
2022-02-03 15:13 ` Dave Hansen
2022-01-24 15:01 ` Kirill A. Shutemov [this message]
2022-02-01 19:31 ` [PATCHv2 02/29] x86/tdx: Extend the cc_platform_has() API to support TDX guests Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 03/29] x86/tdx: Add __tdx_module_call() and __tdx_hypercall() helper functions Kirill A. Shutemov
2022-02-01 19:58 ` Thomas Gleixner
2022-02-02 2:55 ` Kirill A. Shutemov
2022-02-02 10:59 ` Kai Huang
2022-02-03 14:44 ` Kirill A. Shutemov
2022-02-03 23:47 ` Kai Huang
2022-02-04 3:43 ` Kirill A. Shutemov
2022-02-04 9:51 ` Kai Huang
2022-02-04 13:20 ` Kirill A. Shutemov
2022-02-04 10:12 ` Kai Huang
2022-02-04 13:18 ` Kirill A. Shutemov
2022-02-05 0:06 ` Kai Huang
2022-02-02 17:08 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 04/29] x86/traps: Add #VE support for TDX guest Kirill A. Shutemov
2022-02-01 21:02 ` Thomas Gleixner
2022-02-01 21:26 ` Sean Christopherson
2022-02-12 1:42 ` Kirill A. Shutemov
2022-01-24 15:01 ` [PATCHv2 05/29] x86/tdx: Add HLT support for TDX guests Kirill A. Shutemov
2022-01-29 14:53 ` Borislav Petkov
2022-01-29 22:30 ` [PATCHv2.1 " Kirill A. Shutemov
2022-02-01 21:21 ` Thomas Gleixner
2022-02-02 12:48 ` Kirill A. Shutemov
2022-02-02 17:17 ` Thomas Gleixner
2022-02-04 16:55 ` Kirill A. Shutemov
2022-02-07 22:52 ` Sean Christopherson
2022-02-09 14:34 ` Kirill A. Shutemov
2022-02-09 18:05 ` Sean Christopherson
2022-02-09 22:23 ` Kirill A. Shutemov
2022-02-10 1:21 ` Sean Christopherson
2022-01-24 15:01 ` [PATCHv2 06/29] x86/tdx: Add MSR " Kirill A. Shutemov
2022-02-01 21:38 ` Thomas Gleixner
2022-02-02 13:06 ` Kirill A. Shutemov
2022-02-02 17:18 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 07/29] x86/tdx: Handle CPUID via #VE Kirill A. Shutemov
2022-02-01 21:39 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 08/29] x86/tdx: Handle in-kernel MMIO Kirill A. Shutemov
2022-01-24 19:30 ` Josh Poimboeuf
2022-01-24 22:08 ` Kirill A. Shutemov
2022-01-24 23:04 ` Josh Poimboeuf
2022-01-24 22:40 ` Dave Hansen
2022-01-24 23:04 ` [PATCHv2.1 " Kirill A. Shutemov
2022-02-01 16:14 ` Borislav Petkov
2022-02-01 22:30 ` [PATCHv2 " Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 09/29] x86/tdx: Detect TDX at early kernel decompression time Kirill A. Shutemov
2022-02-01 18:30 ` Borislav Petkov
2022-02-01 22:33 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 10/29] x86: Consolidate port I/O helpers Kirill A. Shutemov
2022-02-01 22:36 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 11/29] x86/boot: Allow to hook up alternative " Kirill A. Shutemov
2022-02-01 19:02 ` Borislav Petkov
2022-02-01 22:39 ` Thomas Gleixner
2022-02-01 22:53 ` Thomas Gleixner
2022-02-02 17:20 ` Kirill A. Shutemov
2022-02-02 19:05 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 12/29] x86/boot/compressed: Support TDX guest port I/O at decompression time Kirill A. Shutemov
2022-02-01 22:55 ` Thomas Gleixner
2022-01-24 15:01 ` [PATCHv2 13/29] x86/tdx: Add port I/O emulation Kirill A. Shutemov
2022-02-01 23:01 ` Thomas Gleixner
2022-02-02 6:22 ` Borislav Petkov
2022-01-24 15:02 ` [PATCHv2 14/29] x86/tdx: Early boot handling of port I/O Kirill A. Shutemov
2022-02-01 23:02 ` Thomas Gleixner
2022-02-02 10:09 ` Borislav Petkov
2022-01-24 15:02 ` [PATCHv2 15/29] x86/tdx: Wire up KVM hypercalls Kirill A. Shutemov
2022-02-01 23:05 ` Thomas Gleixner
2022-01-24 15:02 ` [PATCHv2 16/29] x86/boot: Add a trampoline for booting APs via firmware handoff Kirill A. Shutemov
2022-02-01 23:06 ` Thomas Gleixner
2022-02-02 11:27 ` Borislav Petkov
2022-02-04 11:27 ` Kuppuswamy, Sathyanarayanan
2022-02-04 13:49 ` Borislav Petkov
2022-02-15 21:36 ` Kirill A. Shutemov
2022-02-16 10:07 ` Borislav Petkov
2022-02-16 14:10 ` Kirill A. Shutemov
2022-02-10 0:25 ` Kai Huang
2022-01-24 15:02 ` [PATCHv2 17/29] x86/acpi, x86/boot: Add multiprocessor wake-up support Kirill A. Shutemov
2022-02-01 23:27 ` Thomas Gleixner
2022-02-05 12:37 ` Kuppuswamy, Sathyanarayanan
2022-01-24 15:02 ` [PATCHv2 18/29] x86/boot: Avoid #VE during boot for TDX platforms Kirill A. Shutemov
2022-02-02 0:04 ` Thomas Gleixner
2022-02-11 16:13 ` Kirill A. Shutemov
2022-01-24 15:02 ` [PATCHv2 19/29] x86/topology: Disable CPU online/offline control for TDX guests Kirill A. Shutemov
2022-02-02 0:09 ` Thomas Gleixner
2022-02-02 0:11 ` Thomas Gleixner
2022-02-03 15:00 ` Borislav Petkov
2022-02-03 21:26 ` Thomas Gleixner
2022-01-24 15:02 ` [PATCHv2 20/29] x86/tdx: Get page shared bit info from the TDX module Kirill A. Shutemov
2022-02-02 0:14 ` Thomas Gleixner
2022-02-07 22:27 ` Sean Christopherson
2022-02-07 10:44 ` Borislav Petkov
2022-01-24 15:02 ` [PATCHv2 21/29] x86/tdx: Exclude shared bit from __PHYSICAL_MASK Kirill A. Shutemov
2022-02-02 0:18 ` Thomas Gleixner
2022-01-24 15:02 ` [PATCHv2 22/29] x86/tdx: Make pages shared in ioremap() Kirill A. Shutemov
2022-02-02 0:25 ` Thomas Gleixner
2022-02-02 19:27 ` Kirill A. Shutemov
2022-02-02 19:47 ` Thomas Gleixner
2022-02-07 16:27 ` Borislav Petkov
2022-02-07 16:57 ` Dave Hansen
2022-02-07 17:28 ` Borislav Petkov
2022-02-14 22:09 ` Kirill A. Shutemov
2022-02-15 10:50 ` Borislav Petkov
2022-02-15 14:49 ` Tom Lendacky
2022-02-15 15:41 ` Kirill A. Shutemov
2022-02-15 15:55 ` Tom Lendacky
2022-02-15 16:27 ` Kirill A. Shutemov
2022-02-15 16:34 ` Dave Hansen
2022-02-15 17:33 ` Kirill A. Shutemov
2022-02-16 9:58 ` Borislav Petkov
2022-02-16 15:37 ` Kirill A. Shutemov
2022-02-17 15:24 ` Borislav Petkov
2022-01-24 15:02 ` [PATCHv2 23/29] x86/tdx: Add helper to convert memory between shared and private Kirill A. Shutemov
2022-02-02 0:35 ` Thomas Gleixner
2022-02-08 12:12 ` Borislav Petkov
2022-02-09 23:21 ` Kirill A. Shutemov
2022-01-24 15:02 ` [PATCHv2 24/29] x86/mm/cpa: Add support for TDX shared memory Kirill A. Shutemov
2022-02-02 1:27 ` Thomas Gleixner
2022-01-24 15:02 ` [PATCHv2 25/29] x86/kvm: Use bounce buffers for TD guest Kirill A. Shutemov
2022-01-24 15:02 ` [PATCHv2 26/29] x86/tdx: ioapic: Add shared bit for IOAPIC base address Kirill A. Shutemov
2022-02-02 1:33 ` Thomas Gleixner
2022-02-04 22:09 ` Yamahata, Isaku
2022-02-04 22:31 ` Kirill A. Shutemov
2022-02-07 14:08 ` Tom Lendacky
2022-01-24 15:02 ` [PATCHv2 27/29] ACPICA: Avoid cache flush on TDX guest Kirill A. Shutemov
2022-01-24 15:02 ` [PATCHv2 28/29] x86/tdx: Warn about unexpected WBINVD Kirill A. Shutemov
2022-02-02 1:46 ` Thomas Gleixner
2022-02-04 21:35 ` Kirill A. Shutemov
2022-01-24 15:02 ` [PATCHv2 29/29] Documentation/x86: Document TDX kernel architecture Kirill A. Shutemov
2022-02-24 9:08 ` Xiaoyao Li
2022-02-09 10:56 ` [PATCHv2 00/29] TDX Guest: TDX core support Kai Huang
2022-02-09 11:08 ` Borislav Petkov
2022-02-09 11:30 ` Kai Huang
2022-02-09 11:40 ` Borislav Petkov
2022-02-09 11:48 ` Kai Huang
2022-02-09 11:56 ` Borislav Petkov
2022-02-09 11:58 ` Kai Huang
2022-02-09 16:50 ` Sean Christopherson
2022-02-09 19:11 ` Borislav Petkov
2022-02-09 20:07 ` Sean Christopherson
2022-02-09 20:36 ` Borislav Petkov
2022-02-10 0:05 ` Kai Huang
2022-02-16 16:08 ` Sean Christopherson
2022-02-16 15:48 ` Kirill A. Shutemov
2022-02-17 15:19 ` Borislav Petkov
2022-02-17 15:26 ` Kirill A. Shutemov
2022-02-17 15:34 ` Borislav Petkov
2022-02-17 15:29 ` Sean Christopherson
2022-02-17 15:31 ` Borislav Petkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220124150215.36893-3-kirill.shutemov@linux.intel.com \
--to=kirill.shutemov@linux.intel.com \
--cc=aarcange@redhat.com \
--cc=ak@linux.intel.com \
--cc=bp@alien8.de \
--cc=dan.j.williams@intel.com \
--cc=dave.hansen@intel.com \
--cc=david@redhat.com \
--cc=hpa@zytor.com \
--cc=jgross@suse.com \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=jpoimboe@redhat.com \
--cc=knsathya@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=sathyanarayanan.kuppuswamy@linux.intel.com \
--cc=sdeep@vmware.com \
--cc=seanjc@google.com \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.