linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: tglx@linutronix.de, mingo@redhat.com, bp@alien8.de,
	dave.hansen@intel.com, luto@kernel.org, peterz@infradead.org
Cc: sathyanarayanan.kuppuswamy@linux.intel.com, aarcange@redhat.com,
	ak@linux.intel.com, dan.j.williams@intel.com, david@redhat.com,
	hpa@zytor.com, jgross@suse.com, jmattson@google.com,
	joro@8bytes.org, jpoimboe@redhat.com, knsathya@kernel.org,
	pbonzini@redhat.com, sdeep@vmware.com, seanjc@google.com,
	tony.luck@intel.com, vkuznets@redhat.com, wanpengli@tencent.com,
	thomas.lendacky@amd.com, brijesh.singh@amd.com, x86@kernel.org,
	linux-kernel@vger.kernel.org,
	"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCHv7 05/30] x86/tdx: Exclude shared bit from __PHYSICAL_MASK
Date: Fri, 18 Mar 2022 18:30:23 +0300	[thread overview]
Message-ID: <20220318153048.51177-6-kirill.shutemov@linux.intel.com> (raw)
In-Reply-To: <20220318153048.51177-1-kirill.shutemov@linux.intel.com>

In TDX guests, by default memory is protected from host access. If a
guest needs to communicate with the VMM (like the I/O use case), it uses
a single bit in the physical address to communicate the protected/shared
attribute of the given page.

In the x86 ARCH code, __PHYSICAL_MASK macro represents the width of the
physical address in the given architecture. It is used in creating
physical PAGE_MASK for address bits in the kernel. Since in TDX guest,
a single bit is used as metadata, it needs to be excluded from valid
physical address bits to avoid using incorrect addresses bits in the
kernel.

Enable DYNAMIC_PHYSICAL_MASK to support updating the __PHYSICAL_MASK.

Co-developed-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com>
Reviewed-by: Andi Kleen <ak@linux.intel.com>
Reviewed-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
---
 arch/x86/Kconfig        | 1 +
 arch/x86/coco/tdx/tdx.c | 8 ++++++++
 2 files changed, 9 insertions(+)

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 93e67842e369..d2f45e58e846 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -885,6 +885,7 @@ config INTEL_TDX_GUEST
 	depends on X86_64 && CPU_SUP_INTEL
 	depends on X86_X2APIC
 	select ARCH_HAS_CC_PLATFORM
+	select DYNAMIC_PHYSICAL_MASK
 	help
 	  Support running as a guest under Intel TDX.  Without this support,
 	  the guest kernel can not boot or run under TDX.
diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index 96b2611baac5..e84f6dd3ed2a 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -89,5 +89,13 @@ void __init tdx_early_init(void)
 	cc_mask = get_cc_mask();
 	cc_set_mask(cc_mask);
 
+	/*
+	 * All bits above GPA width are reserved and kernel treats shared bit
+	 * as flag, not as part of physical address.
+	 *
+	 * Adjust physical mask to only cover valid GPA bits.
+	 */
+	physical_mask &= cc_mask - 1;
+
 	pr_info("Guest detected\n");
 }
-- 
2.34.1


  parent reply	other threads:[~2022-03-18 15:31 UTC|newest]

Thread overview: 55+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-18 15:30 [PATCHv7 00/30] TDX Guest: TDX core support Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 01/30] x86/tdx: Detect running as a TDX guest in early boot Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 02/30] x86/tdx: Provide common base for SEAMCALL and TDCALL C wrappers Kirill A. Shutemov
2022-03-19 14:48   ` Borislav Petkov
2022-03-21 15:52     ` Kirill A. Shutemov
2022-03-21 16:02     ` [PATCHv7.1 " Kirill A. Shutemov
2022-04-04  3:19       ` Kai Huang
2022-04-04  3:25         ` Kai Huang
2022-04-04 13:51         ` Dave Hansen
2022-04-04 23:35           ` Kai Huang
2022-04-05  0:01             ` Dave Hansen
2022-04-05  0:23               ` Kai Huang
2022-04-08 20:12                 ` Dave Hansen
2022-03-18 15:30 ` [PATCHv7 03/30] x86/tdx: Add __tdx_module_call() and __tdx_hypercall() helper functions Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 04/30] x86/tdx: Extend the confidential computing API to support TDX guests Kirill A. Shutemov
2022-03-18 15:30 ` Kirill A. Shutemov [this message]
2022-03-18 15:30 ` [PATCHv7 06/30] x86/traps: Refactor exc_general_protection() Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 07/30] x86/traps: Add #VE support for TDX guest Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 08/30] x86/tdx: Add HLT support for TDX guests Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 09/30] x86/tdx: Add MSR " Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 10/30] x86/tdx: Handle CPUID via #VE Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 11/30] x86/tdx: Handle in-kernel MMIO Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 12/30] x86/tdx: Detect TDX at early kernel decompression time Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 13/30] x86: Adjust types used in port I/O helpers Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 14/30] x86: Consolidate " Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 15/30] x86/boot: Port I/O: allow to hook up alternative helpers Kirill A. Shutemov
2022-03-18 16:04   ` [PATCHv7.1 " Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 16/30] x86/boot: Port I/O: add decompression-time support for TDX Kirill A. Shutemov
2022-03-18 16:05   ` [PATCHv7.1 " Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 17/30] x86/tdx: Port I/O: add runtime hypercalls Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 18/30] x86/tdx: Port I/O: add early boot support Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 19/30] x86/tdx: Wire up KVM hypercalls Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 20/30] x86/boot: Add a trampoline for booting APs via firmware handoff Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 21/30] x86/acpi, x86/boot: Add multiprocessor wake-up support Kirill A. Shutemov
2022-03-18 18:23   ` Dave Hansen
2022-03-18 19:22     ` Dave Hansen
2022-03-24 15:24     ` Kirill A. Shutemov
2022-03-28 19:17       ` Dave Hansen
2022-03-30 23:16         ` Kirill A. Shutemov
2022-03-30 23:44           ` Dave Hansen
2022-03-31  1:52             ` Kirill A. Shutemov
2022-04-01 17:33               ` Dave Hansen
2022-03-18 15:30 ` [PATCHv7 22/30] x86/boot: Set CR0.NE early and keep it set during the boot Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 23/30] x86/boot: Avoid #VE during boot for TDX platforms Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 24/30] x86/topology: Disable CPU online/offline control for TDX guests Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 25/30] x86/tdx: Make pages shared in ioremap() Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 26/30] x86/mm/cpa: Add support for TDX shared memory Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 27/30] x86/mm: Make DMA memory shared for TD guest Kirill A. Shutemov
2022-03-18 15:53   ` Dave Hansen
2022-03-18 15:30 ` [PATCHv7 28/30] x86/tdx: ioapic: Add shared bit for IOAPIC base address Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 29/30] ACPICA: Avoid cache flush inside virtual machines Kirill A. Shutemov
2022-03-18 15:30 ` [PATCHv7 30/30] Documentation/x86: Document TDX kernel architecture Kirill A. Shutemov
2022-04-04  4:32   ` Kai Huang
2022-04-04  6:25     ` Dave Hansen
2022-04-04  7:23       ` Kai Huang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220318153048.51177-6-kirill.shutemov@linux.intel.com \
    --to=kirill.shutemov@linux.intel.com \
    --cc=aarcange@redhat.com \
    --cc=ak@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=brijesh.singh@amd.com \
    --cc=dan.j.williams@intel.com \
    --cc=dave.hansen@intel.com \
    --cc=david@redhat.com \
    --cc=hpa@zytor.com \
    --cc=jgross@suse.com \
    --cc=jmattson@google.com \
    --cc=joro@8bytes.org \
    --cc=jpoimboe@redhat.com \
    --cc=knsathya@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=mingo@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peterz@infradead.org \
    --cc=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=sdeep@vmware.com \
    --cc=seanjc@google.com \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=tony.luck@intel.com \
    --cc=vkuznets@redhat.com \
    --cc=wanpengli@tencent.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).