[RFC,v5,058/104] KVM: x86/mmu: Focibly use TDP MMU for TDX

Message ID	047e05425ffed2b5de321dba6679cb4d1c388f4e.1646422845.git.isaku.yamahata@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini <pbonzini@redhat.com>, Jim Mattson <jmattson@google.com>, erdemaktas@google.com, Connor Kuehl <ckuehl@redhat.com>, Sean Christopherson <seanjc@google.com> Subject: [RFC PATCH v5 058/104] KVM: x86/mmu: Focibly use TDP MMU for TDX Date: Fri, 4 Mar 2022 11:49:14 -0800 Message-Id: <047e05425ffed2b5de321dba6679cb4d1c388f4e.1646422845.git.isaku.yamahata@intel.com> In-Reply-To: <cover.1646422845.git.isaku.yamahata@intel.com> References: <cover.1646422845.git.isaku.yamahata@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	KVM TDX basic feature support \| expand [RFC,v5,000/104] KVM TDX basic feature support [RFC,v5,001/104] KVM: VMX: Move out vmx_x86_ops to 'main.c' to wrap VMX and TDX [RFC,v5,002/104] x86/virt/tdx: export platform_has_tdx [RFC,v5,003/104] KVM: TDX: Detect CPU feature on kernel module initialization [RFC,v5,004/104] KVM: Enable hardware before doing arch VM initialization [RFC,v5,005/104] KVM: x86: Refactor KVM VMX module init/exit functions [RFC,v5,006/104] KVM: TDX: Add placeholders for TDX VM/vcpu structure [RFC,v5,007/104] x86/virt/tdx: Add a helper function to return system wide info about TDX module [RFC,v5,008/104] KVM: TDX: Add a function to initialize TDX module [RFC,v5,009/104] KVM: x86: Introduce vm_type to differentiate default VMs from confidential VMs [RFC,v5,010/104] KVM: TDX: Make TDX VM type supported [RFC,v5,011/104,MARKER] The start of TDX KVM patch series: TDX architectural definitions [RFC,v5,012/104] KVM: TDX: Define TDX architectural definitions [RFC,v5,013/104] KVM: TDX: Add TDX "architectural" error codes [RFC,v5,014/104] KVM: TDX: Add a function for KVM to invoke SEAMCALL [RFC,v5,015/104] KVM: TDX: add a helper function for KVM to issue SEAMCALL [RFC,v5,016/104] KVM: TDX: Add C wrapper functions for SEAMCALLs to the TDX module [RFC,v5,017/104] KVM: TDX: Add helper functions to print TDX SEAMCALL error [RFC,v5,018/104,MARKER] The start of TDX KVM patch series: TD VM creation/destruction [RFC,v5,019/104] KVM: TDX: Stub in tdx.h with structs, accessors, and VMCS helpers [RFC,v5,020/104] KVM: TDX: allocate per-package mutex [RFC,v5,021/104] KVM: x86: Introduce hooks to free VM callback prezap and vm_free [RFC,v5,022/104] KVM: Add max_vcpus field in common 'struct kvm' [RFC,v5,023/104] x86/cpu: Add helper functions to allocate/free MKTME keyid [RFC,v5,024/104] KVM: TDX: create/destroy VM structure [RFC,v5,025/104] KVM: TDX: Add place holder for TDX VM specific mem_enc_op ioctl [RFC,v5,026/104] KVM: TDX: x86: Add vm ioctl to get TDX systemwide parameters [RFC,v5,027/104] KVM: TDX: initialize VM with TDX specific parameters [RFC,v5,028/104,MARKER] The start of TDX KVM patch series: TD vcpu creation/destruction [RFC,v5,029/104] KVM: TDX: allocate/free TDX vcpu structure [RFC,v5,030/104] KVM: TDX: Do TDX specific vcpu initialization [RFC,v5,031/104,MARKER] The start of TDX KVM patch series: KVM MMU GPA stolen bits [RFC,v5,032/104] KVM: x86/mmu: introduce config for PRIVATE KVM MMU [RFC,v5,033/104] KVM: x86: Add infrastructure for stolen GPA bits [RFC,v5,034/104,MARKER] The start of TDX KVM patch series: KVM TDP refactoring for TDX [RFC,v5,035/104] KVM: x86/mmu: Disallow dirty logging for x86 TDX [RFC,v5,036/104] KVM: x86/mmu: Explicitly check for MMIO spte in fast page fault [RFC,v5,037/104] KVM: x86/mmu: Allow non-zero init value for shadow PTE [RFC,v5,038/104] KVM: x86/mmu: Allow per-VM override of the TDP max page level [RFC,v5,039/104] KVM: x86/mmu: Disallow fast page fault on private GPA [RFC,v5,040/104] KVM: VMX: Split out guts of EPT violation to common/exposed function [RFC,v5,041/104] KVM: VMX: Move setting of EPT MMU masks to common VT-x code [RFC,v5,042/104] KVM: x86/mmu: Track shadow MMIO value/mask on a per-VM basis [RFC,v5,043/104] KVM: TDX: Add load_mmu_pgd method for TDX [RFC,v5,044/104,MARKER] The start of TDX KVM patch series: KVM TDP MMU hooks [RFC,v5,045/104] KVM: x86/tdp_mmu: make REMOVED_SPTE include shadow_initial value [RFC,v5,046/104] KVM: x86/tdp_mmu: refactor kvm_tdp_mmu_map() [RFC,v5,047/104] KVM: x86/mmu: add a private pointer to struct kvm_mmu_page [RFC,v5,048/104] KVM: x86/tdp_mmu: Support TDX private mapping for TDP MMU [RFC,v5,049/104] KVM: x86/tdp_mmu: Ignore unsupported mmu operation on private GFNs [RFC,v5,050/104,MARKER] The start of TDX KVM patch series: TDX EPT violation [RFC,v5,051/104] KVM: TDX: TDP MMU TDX support [RFC,v5,052/104,MARKER] The start of TDX KVM patch series: KVM TDP MMU MapGPA [RFC,v5,053/104] KVM: x86/mmu: steal software usable bit for EPT to represent shared page [RFC,v5,054/104] KVM: x86/tdp_mmu: Keep PRIVATE_PROHIBIT bit when zapping [RFC,v5,055/104] KVM: x86/tdp_mmu: prevent private/shared map based on PRIVATE_PROHIBIT [RFC,v5,056/104] KVM: x86/tdp_mmu: implement MapGPA hypercall for TDX [RFC,v5,057/104] KVM: x86/mmu: Introduce kvm_mmu_map_tdp_page() for use by TDX [RFC,v5,058/104] KVM: x86/mmu: Focibly use TDP MMU for TDX [RFC,v5,059/104,MARKER] The start of TDX KVM patch series: TD finalization [RFC,v5,060/104] KVM: TDX: Create initial guest memory [RFC,v5,061/104] KVM: TDX: Finalize VM initialization [RFC,v5,062/104,MARKER] The start of TDX KVM patch series: TD vcpu enter/exit [RFC,v5,063/104] KVM: TDX: Add helper assembly function to TDX vcpu [RFC,v5,064/104] KVM: TDX: Implement TDX vcpu enter/exit path [RFC,v5,065/104] KVM: TDX: vcpu_run: save/restore host state(host kernel gs) [RFC,v5,066/104] KVM: TDX: restore host xsave state when exit from the guest TD [RFC,v5,067/104] KVM: x86: Allow to update cached values in kvm_user_return_msrs w/o wrmsr [RFC,v5,068/104] KVM: TDX: restore user ret MSRs [RFC,v5,069/104,MARKER] The start of TDX KVM patch series: TD vcpu exits/interrupts/hypercalls [RFC,v5,070/104] KVM: TDX: complete interrupts after tdexit [RFC,v5,071/104] KVM: TDX: restore debug store when TD exit [RFC,v5,072/104] KVM: TDX: handle vcpu migration over logical processor [RFC,v5,073/104] KVM: TDX: track LP tdx vcpu run and teardown vcpus on descroing the guest TD [RFC,v5,074/104] KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior [RFC,v5,075/104] KVM: x86: Check for pending APICv interrupt in kvm_vcpu_has_events() [RFC,v5,076/104] KVM: x86: Add option to force LAPIC expiration wait [RFC,v5,077/104] KVM: TDX: Use vcpu_to_pi_desc() uniformly in posted_intr.c [RFC,v5,078/104] KVM: TDX: Implement interrupt injection [RFC,v5,079/104] KVM: TDX: Implements vcpu request_immediate_exit [RFC,v5,080/104] KVM: TDX: Implement methods to inject NMI [RFC,v5,081/104] KVM: VMX: Modify NMI and INTR handlers to take intr_info as function argument [RFC,v5,082/104] KVM: VMX: Move NMI/exception handler to common helper [RFC,v5,083/104] KVM: x86: Split core of hypercall emulation to helper function [RFC,v5,084/104] KVM: TDX: Add a place holder to handle TDX VM exit [RFC,v5,085/104] KVM: TDX: handle EXIT_REASON_OTHER_SMI [RFC,v5,086/104] KVM: TDX: handle ept violation/misconfig exit [RFC,v5,087/104] KVM: TDX: handle EXCEPTION_NMI and EXTERNAL_INTERRUPT [RFC,v5,088/104] KVM: TDX: Add TDG.VP.VMCALL accessors to access guest vcpu registers [RFC,v5,089/104] KVM: TDX: Add a placeholder for handler of TDX hypercalls (TDG.VP.VMCALL) [RFC,v5,090/104] KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL [RFC,v5,091/104] KVM: TDX: Handle TDX PV CPUID hypercall [RFC,v5,092/104] KVM: TDX: Handle TDX PV HLT hypercall [RFC,v5,093/104] KVM: TDX: Handle TDX PV port io hypercall [RFC,v5,094/104] KVM: TDX: Handle TDX PV MMIO hypercall [RFC,v5,095/104] KVM: TDX: Implement callbacks for MSR operations for TDX [RFC,v5,096/104] KVM: TDX: Handle TDX PV rdmsr hypercall [RFC,v5,097/104] KVM: TDX: Handle TDX PV wrmsr hypercall [RFC,v5,098/104] KVM: TDX: Handle TDX PV report fatal error hypercall [RFC,v5,099/104] KVM: TDX: Handle TDX PV map_gpa hypercall [RFC,v5,100/104] KVM: TDX: Silently discard SMI request [RFC,v5,101/104] KVM: TDX: Silently ignore INIT/SIPI [RFC,v5,102/104] KVM: TDX: Add methods to ignore accesses to CPU state [RFC,v5,103/104] Documentation/virtual/kvm: Document on Trust Domain Extensions(TDX) [RFC,v5,104/104] KVM: x86: design documentation on TDX support of x86 KVM TDP MMU

Message ID

047e05425ffed2b5de321dba6679cb4d1c388f4e.1646422845.git.isaku.yamahata@intel.com (mailing list archive)

State

New, archived

Headers

From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Paolo Bonzini <pbonzini@redhat.com>,
        Jim Mattson <jmattson@google.com>, erdemaktas@google.com,
        Connor Kuehl <ckuehl@redhat.com>,
        Sean Christopherson <seanjc@google.com>
Subject: [RFC PATCH v5 058/104] KVM: x86/mmu: Focibly use TDP MMU for TDX
Date: Fri,  4 Mar 2022 11:49:14 -0800
Message-Id: 
 <047e05425ffed2b5de321dba6679cb4d1c388f4e.1646422845.git.isaku.yamahata@intel.com>
In-Reply-To: <cover.1646422845.git.isaku.yamahata@intel.com>
References: <cover.1646422845.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

KVM TDX basic feature support | expand

Commit Message

Isaku Yamahata March 4, 2022, 7:49 p.m. UTC

From: Isaku Yamahata <isaku.yamahata@intel.com>

At this point, TDX supports TDP MMU and doesn't support legacy MMU.
Forcibly use TDP MMU for TDX irrelevant of kernel parameter to disable
TDP MMU.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
---
 arch/x86/kvm/mmu/tdp_mmu.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

Comments

Huang, Kai April 7, 2022, 1:49 a.m. UTC | #1

On Fri, 2022-03-04 at 11:49 -0800, isaku.yamahata@intel.com wrote:
> From: Isaku Yamahata <isaku.yamahata@intel.com>
> 
> At this point, TDX supports TDP MMU and doesn't support legacy MMU.
> Forcibly use TDP MMU for TDX irrelevant of kernel parameter to disable
> TDP MMU.
> 
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> ---
>  arch/x86/kvm/mmu/tdp_mmu.c | 7 ++++++-
>  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
> index b33ace3d4456..9df6aa4da202 100644
> --- a/arch/x86/kvm/mmu/tdp_mmu.c
> +++ b/arch/x86/kvm/mmu/tdp_mmu.c
> @@ -16,7 +16,12 @@ module_param_named(tdp_mmu, tdp_mmu_enabled, bool, 0644);
>  /* Initializes the TDP MMU for the VM, if enabled. */
>  bool kvm_mmu_init_tdp_mmu(struct kvm *kvm)
>  {
> -	if (!tdp_enabled || !READ_ONCE(tdp_mmu_enabled))
> +	/*
> +	 *  Because TDX supports only TDP MMU, forcibly use TDP MMU in the case
> +	 *  of TDX.
> +	 */
> +	if (kvm->arch.vm_type != KVM_X86_TDX_VM &&
> +		(!tdp_enabled || !READ_ONCE(tdp_mmu_enabled)))
>  		return false;
>  
>  	/* This should not be changed for the lifetime of the VM. */

Please move this patch forward before introducing any private/shared mapping
support, otherwise nothing prevents you from creating a TD against legacy MMU,
which is broken (especially you have allowed userspace to create TD in patch 10
"KVM: TDX: Make TDX VM type supported").

diff --git a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c
index b33ace3d4456..9df6aa4da202 100644
--- a/arch/x86/kvm/mmu/tdp_mmu.c
+++ b/arch/x86/kvm/mmu/tdp_mmu.c
@@ -16,7 +16,12 @@  module_param_named(tdp_mmu, tdp_mmu_enabled, bool, 0644);
 /* Initializes the TDP MMU for the VM, if enabled. */
 bool kvm_mmu_init_tdp_mmu(struct kvm *kvm)
 {
-	if (!tdp_enabled || !READ_ONCE(tdp_mmu_enabled))
+	/*
+	 *  Because TDX supports only TDP MMU, forcibly use TDP MMU in the case
+	 *  of TDX.
+	 */
+	if (kvm->arch.vm_type != KVM_X86_TDX_VM &&
+		(!tdp_enabled || !READ_ONCE(tdp_mmu_enabled)))
 		return false;
 
 	/* This should not be changed for the lifetime of the VM. */

[RFC,v5,058/104] KVM: x86/mmu: Focibly use TDP MMU for TDX

Commit Message

Comments

Patch