From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: kirill.shutemov@linux.intel.com
Cc: aarcange@redhat.com, ak@linux.intel.com, bp@alien8.de,
brijesh.singh@amd.com, dan.j.williams@intel.com,
dave.hansen@intel.com, dave.hansen@linux.intel.com,
david@redhat.com, hpa@zytor.com, jgross@suse.com,
jmattson@google.com, joro@8bytes.org, jpoimboe@redhat.com,
knsathya@kernel.org, linux-kernel@vger.kernel.org,
luto@kernel.org, mingo@redhat.com, pbonzini@redhat.com,
peterz@infradead.org, sathyanarayanan.kuppuswamy@linux.intel.com,
sdeep@vmware.com, seanjc@google.com, tglx@linutronix.de,
thomas.lendacky@amd.com, tony.luck@intel.com,
vkuznets@redhat.com, wanpengli@tencent.com, x86@kernel.org
Subject: [PATCHv7.1 16/30] x86/boot: Port I/O: add decompression-time support for TDX
Date: Fri, 18 Mar 2022 19:05:14 +0300 [thread overview]
Message-ID: <20220318160514.66270-1-kirill.shutemov@linux.intel.com> (raw)
In-Reply-To: <20220318153048.51177-17-kirill.shutemov@linux.intel.com>
Port I/O instructions trigger #VE in the TDX environment. In response to
the exception, the kernel emulates these instructions using hypercalls.
But during early boot, at the decompression stage, it is cumbersome to
deal with #VE. It is cleaner to go to hypercalls directly, bypassing #VE
handling.
Hook up TDX-specific port I/O helpers if booting in a TDX environment.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
---
v7.1:
- Explicitly use pio_ops when override port I/O callbacks
---
arch/x86/boot/compressed/Makefile | 2 +-
arch/x86/boot/compressed/tdcall.S | 3 ++
arch/x86/boot/compressed/tdx.c | 61 +++++++++++++++++++++++++++++++
arch/x86/include/asm/shared/tdx.h | 32 ++++++++++++++++
arch/x86/include/asm/tdx.h | 27 --------------
5 files changed, 97 insertions(+), 28 deletions(-)
create mode 100644 arch/x86/boot/compressed/tdcall.S
diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile
index 732f6b21ecbd..8fd0e6ae2e1f 100644
--- a/arch/x86/boot/compressed/Makefile
+++ b/arch/x86/boot/compressed/Makefile
@@ -101,7 +101,7 @@ ifdef CONFIG_X86_64
endif
vmlinux-objs-$(CONFIG_ACPI) += $(obj)/acpi.o
-vmlinux-objs-$(CONFIG_INTEL_TDX_GUEST) += $(obj)/tdx.o
+vmlinux-objs-$(CONFIG_INTEL_TDX_GUEST) += $(obj)/tdx.o $(obj)/tdcall.o
vmlinux-objs-$(CONFIG_EFI_MIXED) += $(obj)/efi_thunk_$(BITS).o
efi-obj-$(CONFIG_EFI_STUB) = $(objtree)/drivers/firmware/efi/libstub/lib.a
diff --git a/arch/x86/boot/compressed/tdcall.S b/arch/x86/boot/compressed/tdcall.S
new file mode 100644
index 000000000000..46d0495e0d3a
--- /dev/null
+++ b/arch/x86/boot/compressed/tdcall.S
@@ -0,0 +1,3 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+
+#include "../../coco/tdx/tdcall.S"
diff --git a/arch/x86/boot/compressed/tdx.c b/arch/x86/boot/compressed/tdx.c
index 5f6d01a2f1f4..918a7606f53c 100644
--- a/arch/x86/boot/compressed/tdx.c
+++ b/arch/x86/boot/compressed/tdx.c
@@ -2,9 +2,65 @@
#include "../cpuflags.h"
#include "../string.h"
+#include "../io.h"
+#include "error.h"
+
+#include <vdso/limits.h>
+#include <uapi/asm/vmx.h>
#include <asm/shared/tdx.h>
+/* Called from __tdx_hypercall() for unrecoverable failure */
+void __tdx_hypercall_failed(void)
+{
+ error("TDVMCALL failed. TDX module bug?");
+}
+
+static inline unsigned int tdx_io_in(int size, u16 port)
+{
+ struct tdx_hypercall_args args = {
+ .r10 = TDX_HYPERCALL_STANDARD,
+ .r11 = EXIT_REASON_IO_INSTRUCTION,
+ .r12 = size,
+ .r13 = 0,
+ .r14 = port,
+ };
+
+ if (__tdx_hypercall(&args, TDX_HCALL_HAS_OUTPUT))
+ return UINT_MAX;
+
+ return args.r11;
+}
+
+static inline void tdx_io_out(int size, u16 port, u32 value)
+{
+ struct tdx_hypercall_args args = {
+ .r10 = TDX_HYPERCALL_STANDARD,
+ .r11 = EXIT_REASON_IO_INSTRUCTION,
+ .r12 = size,
+ .r13 = 1,
+ .r14 = port,
+ .r15 = value,
+ };
+
+ __tdx_hypercall(&args, 0);
+}
+
+static inline u8 tdx_inb(u16 port)
+{
+ return tdx_io_in(1, port);
+}
+
+static inline void tdx_outb(u8 value, u16 port)
+{
+ tdx_io_out(1, port, value);
+}
+
+static inline void tdx_outw(u16 value, u16 port)
+{
+ tdx_io_out(2, port, value);
+}
+
void early_tdx_detect(void)
{
u32 eax, sig[3];
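Review bot: In tdx_io_in() the value handed back in `args.r11` comes from the VMM, which sits outside the TD's trust boundary, and it is returned without being narrowed to `size` bytes; today only the `u8` return type of tdx_inb() trims it. A short comment would make that explicit, e.g. `/* r11 is VMM-supplied and not masked to 'size'; callers must narrow it and treat it as untrusted */`, and the same comment can say that `UINT_MAX` stands in for a failed read. The register encoding is also undocumented: `.r13 = 0` and `.r13 = 1` appear to be the read/write direction, so `/* 0 = read, 1 = write */` next to them would help. tdx_io_out() drops the result of `__tdx_hypercall()`; if that is deliberate best-effort behaviour, a one-line comment should say so. early_tdx_detect() begins at the end of this hunk and continues outside it.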
@@ -13,4 +69,9 @@ void early_tdx_detect(void)
if (memcmp(TDX_IDENT, sig, sizeof(sig)))
return;
+
+ /* Use hypercalls instead of I/O instructions */
+ pio_ops.f_inb = tdx_inb;
+ pio_ops.f_outb = tdx_outb;
+ pio_ops.f_outw = tdx_outw;
}
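Review bot: The comment above the `pio_ops` assignments does not state the ordering this relies on: any port I/O issued through `pio_ops` before early_tdx_detect() has run would still use the native instructions, which the commit message says raise #VE. I would expand it to something like `/* Must run before the first port I/O: native in/out would raise #VE at this stage */`. Only `f_inb`, `f_outb` and `f_outw` are replaced; if `pio_ops` has other members (its definition is not visible here), they should be covered or the omission explained. The start of early_tdx_detect() is outside this hunk.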
diff --git a/arch/x86/include/asm/shared/tdx.h b/arch/x86/include/asm/shared/tdx.h
index 8209ba9ffe1a..e53f26228fbb 100644
--- a/arch/x86/include/asm/shared/tdx.h
+++ b/arch/x86/include/asm/shared/tdx.h
@@ -2,7 +2,39 @@
#ifndef _ASM_X86_SHARED_TDX_H
#define _ASM_X86_SHARED_TDX_H
+#include <linux/bits.h>
+#include <linux/types.h>
+
+#define TDX_HYPERCALL_STANDARD 0
+
+#define TDX_HCALL_HAS_OUTPUT BIT(0)
+#define TDX_HCALL_ISSUE_STI BIT(1)
+
#define TDX_CPUID_LEAF_ID 0x21
#define TDX_IDENT "IntelTDX "
+#ifndef __ASSEMBLY__
+
+/*
+ * Used in __tdx_hypercall() to pass down and get back registers' values of
+ * the TDCALL instruction when requesting services from the VMM.
+ *
+ * This is a software only structure and not part of the TDX module/VMM ABI.
+ */
+struct tdx_hypercall_args {
+ u64 r10;
+ u64 r11;
+ u64 r12;
+ u64 r13;
+ u64 r14;
+ u64 r15;
+};
+
+/* Used to request services from the VMM */
+u64 __tdx_hypercall(struct tdx_hypercall_args *args, unsigned long flags);
+
+/* Called from __tdx_hypercall() for unrecoverable failure */
+void __tdx_hypercall_failed(void);
+
+#endif /* !__ASSEMBLY__ */
#endif /* _ASM_X86_SHARED_TDX_H */
diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
index ca23adaa6681..1093a5e5f446 100644
--- a/arch/x86/include/asm/tdx.h
+++ b/arch/x86/include/asm/tdx.h
@@ -3,16 +3,10 @@
#ifndef _ASM_X86_TDX_H
#define _ASM_X86_TDX_H
-#include <linux/bits.h>
#include <linux/init.h>
#include <asm/ptrace.h>
#include <asm/shared/tdx.h>
-#define TDX_HYPERCALL_STANDARD 0
-
-#define TDX_HCALL_HAS_OUTPUT BIT(0)
-#define TDX_HCALL_ISSUE_STI BIT(1)
-
/*
* SW-defined error codes.
*
@@ -40,21 +34,6 @@ struct tdx_module_output {
u64 r11;
};
-/*
- * Used in __tdx_hypercall() to pass down and get back registers' values of
- * the TDCALL instruction when requesting services from the VMM.
- *
- * This is a software only structure and not part of the TDX module/VMM ABI.
- */
-struct tdx_hypercall_args {
- u64 r10;
- u64 r11;
- u64 r12;
- u64 r13;
- u64 r14;
- u64 r15;
-};
-
/*
* Used by the #VE exception handler to gather the #VE exception
* info from the TDX module. This is a software only structure
@@ -79,12 +58,6 @@ void __init tdx_early_init(void);
u64 __tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
struct tdx_module_output *out);
-/* Used to request services from the VMM */
-u64 __tdx_hypercall(struct tdx_hypercall_args *args, unsigned long flags);
-
-/* Called from __tdx_hypercall() for unrecoverable failure */
-void __tdx_hypercall_failed(void);
-
void tdx_get_ve_info(struct ve_info *ve);
bool tdx_handle_virt_exception(struct pt_regs *regs, struct ve_info *ve);
--
2.34.1