linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Kuppuswamy Sathyanarayanan  <sathyanarayanan.kuppuswamy@linux.intel.com>
To: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Peter Zijlstra <peterz@infradead.org>,
	Andy Lutomirski <luto@kernel.org>,
	Bjorn Helgaas <bhelgaas@google.com>,
	Richard Henderson <rth@twiddle.net>,
	Thomas Bogendoerfer <tsbogend@alpha.franken.de>,
	James E J Bottomley <James.Bottomley@HansenPartnership.com>,
	Helge Deller <deller@gmx.de>,
	"David S . Miller" <davem@davemloft.net>,
	Arnd Bergmann <arnd@arndb.de>, Jonathan Corbet <corbet@lwn.net>,
	"Michael S . Tsirkin" <mst@redhat.com>
Cc: Peter H Anvin <hpa@zytor.com>,
	Dave Hansen <dave.hansen@intel.com>,
	Tony Luck <tony.luck@intel.com>,
	Dan Williams <dan.j.williams@intel.com>,
	Andi Kleen <ak@linux.intel.com>,
	Kirill Shutemov <kirill.shutemov@linux.intel.com>,
	Sean Christopherson <seanjc@google.com>,
	Kuppuswamy Sathyanarayanan <knsathya@kernel.org>,
	x86@kernel.org, linux-kernel@vger.kernel.org,
	linux-pci@vger.kernel.org, linux-alpha@vger.kernel.org,
	linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
	sparclinux@vger.kernel.org, linux-arch@vger.kernel.org,
	linux-doc@vger.kernel.org,
	virtualization@lists.linux-foundation.org
Subject: [PATCH v4 00/15] Add TDX Guest Support (shared-mm support)
Date: Wed,  4 Aug 2021 17:52:03 -0700	[thread overview]
Message-ID: <20210805005218.2912076-1-sathyanarayanan.kuppuswamy@linux.intel.com> (raw)

Hi All,

Intel's Trust Domain Extensions (TDX) protect guest VMs from malicious
hosts and some physical attacks. Since VMM is untrusted entity, it does
not allow VMM to access guest private memory. Any memory that is required
for communication with VMM must be shared explicitly. This series adds
support to securely share guest memory with VMM when it is required by
guest.

Originally TDX did automatic sharing of every ioremap. But it was found that
this ends up with a lot of memory shared that is supposed to be private, for
example ACPI tables. Also in general since only a few drivers are expected
to be used it's safer to mark them explicitly (for virtio it actually only
needs two places). This gives the advantage of automatically preventing
other drivers from doing MMIO, which can happen in some cases even with
the device filter. There is still a command line option to override this option,
which allows to use all drivers.

This series is the continuation of the patch series titled "Add TDX Guest
Support (Initial support)", "Add TDX Guest Support (#VE handler support)"
and "Add TDX Guest Support (boot fixes)" which added initial support,
 #VE handler support and boot fixes for TDX guests. You  can find the
related patchsets in the following links.

[set 1, v5] - https://lore.kernel.org/patchwork/project/lkml/list/?series=510805
[set 2, v4] - https://lore.kernel.org/patchwork/project/lkml/list/?series=510814
[set 3, v4] - https://lore.kernel.org/patchwork/project/lkml/list/?series=510816

Also please note that this series alone is not necessarily fully
functional. You need to apply all the above 3 patch series to get
a fully functional TDX guest.

You can find TDX related documents in the following link.

https://software.intel.com/content/www/br/pt/develop/articles/intel-trust-domain-extensions.html

Also, ioremap related changes in mips, parisc, alpha, sparch archs' are
only compile tested, and hence need help from the community users of these
archs' to make sure that it does not break any functionality.

In this patch series, following patches are in PCI domain and are
meant for the PCI domain reviewers.

  pci: Consolidate pci_iomap* and pci_iomap*wc
  pci: Add pci_iomap_shared{,_range}
  pci: Mark MSI data shared

Patch titled "asm/io.h: Add ioremap_shared fallback" adds generic
and arch specific ioremap_shared headers and are meant to be reviewed
by linux-arch@vger.kernel.org, linux-alpha@vger.kernel.org,
linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org,
sparclinux@vger.kernel.org.

Similarly patch titled "virtio: Use shared mappings for virtio
PCI devices" adds ioremap_shared() support for virtio drivers
and are meant to be reviewed by virtio driver maintainers.

I have CCed this patch series to all the related domain maintainers
and open lists. If you prefer to get only patches specific to your
domain, please let me know. I will fix this in next submission.

Changes since v3:
 * Rebased on top of Tom Lendacky's protected guest
   changes (https://lore.kernel.org/patchwork/cover/1468760/)
 * Added new API to share io-reamapped memory selectively
   (using ioremap_shared())
 * Added new wrapper (pci_iomap_shared_range()) for PCI IO
   remap shared mappings use case.

Changes since v2:
 * Rebased on top of v5.14-rc1.
 * No functional changes.

Andi Kleen (6):
  pci: Consolidate pci_iomap* and pci_iomap*wc
  asm/io.h: Add ioremap_shared fallback
  pci: Add pci_iomap_shared{,_range}
  pci: Mark MSI data shared
  virtio: Use shared mappings for virtio PCI devices
  x86/tdx: Implement ioremap_shared for x86

Isaku Yamahata (1):
  x86/tdx: ioapic: Add shared bit for IOAPIC base address

Kirill A. Shutemov (6):
  x86/mm: Move force_dma_unencrypted() to common code
  x86/tdx: Exclude Shared bit from physical_mask
  x86/tdx: Make pages shared in ioremap()
  x86/tdx: Add helper to do MapGPA hypercall
  x86/tdx: Make DMA pages shared
  x86/kvm: Use bounce buffers for TD guest

Kuppuswamy Sathyanarayanan (2):
  x86/tdx: Enable shared memory protected guest flags for TDX guest
  x86/tdx: Add cmdline option to force use of ioremap_shared

 .../admin-guide/kernel-parameters.rst         |   1 +
 .../admin-guide/kernel-parameters.txt         |  12 ++
 arch/alpha/include/asm/io.h                   |   1 +
 arch/mips/include/asm/io.h                    |   1 +
 arch/parisc/include/asm/io.h                  |   1 +
 arch/sparc/include/asm/io_64.h                |   1 +
 arch/x86/Kconfig                              |   9 +-
 arch/x86/include/asm/io.h                     |   5 +
 arch/x86/include/asm/mem_encrypt_common.h     |  20 +++
 arch/x86/include/asm/pgtable.h                |   5 +
 arch/x86/include/asm/tdx.h                    |  22 +++
 arch/x86/kernel/apic/io_apic.c                |  18 ++-
 arch/x86/kernel/tdx.c                         |  64 +++++++++
 arch/x86/mm/Makefile                          |   2 +
 arch/x86/mm/ioremap.c                         |  64 +++++++--
 arch/x86/mm/mem_encrypt.c                     |   8 +-
 arch/x86/mm/mem_encrypt_common.c              |  38 ++++++
 arch/x86/mm/pat/set_memory.c                  |  45 ++++++-
 drivers/pci/msi.c                             |   2 +-
 drivers/virtio/virtio_pci_modern_dev.c        |   2 +-
 include/asm-generic/io.h                      |   4 +
 include/asm-generic/pci_iomap.h               |   6 +
 include/linux/protected_guest.h               |   1 +
 lib/pci_iomap.c                               | 125 +++++++++++++-----
 24 files changed, 393 insertions(+), 64 deletions(-)
 create mode 100644 arch/x86/include/asm/mem_encrypt_common.h
 create mode 100644 arch/x86/mm/mem_encrypt_common.c

-- 
2.25.1


             reply	other threads:[~2021-08-05  0:53 UTC|newest]

Thread overview: 55+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-05  0:52 Kuppuswamy Sathyanarayanan [this message]
2021-08-05  0:52 ` [PATCH v4 01/15] x86/mm: Move force_dma_unencrypted() to common code Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 02/15] x86/tdx: Exclude Shared bit from physical_mask Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 03/15] x86/tdx: Make pages shared in ioremap() Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 04/15] x86/tdx: Add helper to do MapGPA hypercall Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 05/15] x86/tdx: Make DMA pages shared Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 06/15] x86/kvm: Use bounce buffers for TD guest Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 07/15] x86/tdx: ioapic: Add shared bit for IOAPIC base address Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 08/15] x86/tdx: Enable shared memory protected guest flags for TDX guest Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 09/15] pci: Consolidate pci_iomap* and pci_iomap*wc Kuppuswamy Sathyanarayanan
2021-08-12 19:43   ` Bjorn Helgaas
2021-08-12 22:11     ` Andi Kleen
2021-08-12 22:29     ` Kuppuswamy, Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 10/15] asm/io.h: Add ioremap_shared fallback Kuppuswamy Sathyanarayanan
2021-08-12 19:46   ` Bjorn Helgaas
2021-08-13  7:58   ` Christoph Hellwig
2021-08-05  0:52 ` [PATCH v4 11/15] pci: Add pci_iomap_shared{,_range} Kuppuswamy Sathyanarayanan
2021-08-13  8:02   ` Christoph Hellwig
2021-08-23 23:56   ` Michael S. Tsirkin
2021-08-24  0:30     ` Kuppuswamy, Sathyanarayanan
2021-08-24  1:04       ` Dan Williams
2021-08-24  2:14         ` Andi Kleen
2021-08-24  9:47           ` Michael S. Tsirkin
2021-08-24 17:20             ` Andi Kleen
2021-08-24 18:55               ` Bjorn Helgaas
2021-08-24 20:14                 ` Andi Kleen
2021-08-24 20:31                   ` Bjorn Helgaas
2021-08-24 20:50                     ` Andi Kleen
2021-08-24 21:05                       ` Dan Williams
2021-08-25 14:52                       ` Bjorn Helgaas
2021-08-24 21:55                 ` Rajat Jain
2021-08-29 15:27               ` Michael S. Tsirkin
2021-08-29 16:17                 ` Andi Kleen
2021-08-29 22:26                   ` Michael S. Tsirkin
2021-08-30  5:11                     ` Andi Kleen
2021-08-30 20:59                       ` Michael S. Tsirkin
2021-08-31  0:23                         ` Andi Kleen
2021-09-10  9:54                           ` Michael S. Tsirkin
2021-09-10 16:34                             ` Andi Kleen
2021-09-11 23:54                               ` Michael S. Tsirkin
2021-09-13  5:53                                 ` Michael S. Tsirkin
2021-09-24 22:43                                 ` Andi Kleen
2021-09-27  9:07                                   ` Michael S. Tsirkin
2021-08-24 21:56         ` Rajat Jain
2021-08-24 21:59           ` Dan Williams
2021-08-24  7:07       ` Christoph Hellwig
2021-08-24 17:04         ` Andi Kleen
2021-08-29 15:34           ` Michael S. Tsirkin
2021-08-29 16:43             ` Andi Kleen
2021-08-24  9:12       ` Michael S. Tsirkin
2021-08-05  0:52 ` [PATCH v4 12/15] pci: Mark MSI data shared Kuppuswamy Sathyanarayanan
2021-08-13  8:07   ` Christoph Hellwig
2021-08-05  0:52 ` [PATCH v4 13/15] virtio: Use shared mappings for virtio PCI devices Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 14/15] x86/tdx: Implement ioremap_shared for x86 Kuppuswamy Sathyanarayanan
2021-08-05  0:52 ` [PATCH v4 15/15] x86/tdx: Add cmdline option to force use of ioremap_shared Kuppuswamy Sathyanarayanan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210805005218.2912076-1-sathyanarayanan.kuppuswamy@linux.intel.com \
    --to=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=James.Bottomley@HansenPartnership.com \
    --cc=ak@linux.intel.com \
    --cc=arnd@arndb.de \
    --cc=bhelgaas@google.com \
    --cc=bp@alien8.de \
    --cc=corbet@lwn.net \
    --cc=dan.j.williams@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=davem@davemloft.net \
    --cc=deller@gmx.de \
    --cc=hpa@zytor.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=knsathya@kernel.org \
    --cc=linux-alpha@vger.kernel.org \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mips@vger.kernel.org \
    --cc=linux-parisc@vger.kernel.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=mst@redhat.com \
    --cc=peterz@infradead.org \
    --cc=rth@twiddle.net \
    --cc=seanjc@google.com \
    --cc=sparclinux@vger.kernel.org \
    --cc=tglx@linutronix.de \
    --cc=tony.luck@intel.com \
    --cc=tsbogend@alpha.franken.de \
    --cc=virtualization@lists.linux-foundation.org \
    --cc=x86@kernel.org \
    --subject='Re: [PATCH v4 00/15] Add TDX Guest Support (shared-mm support)' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).