From patchwork Thu May 12 03:18:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Xiaoyao Li X-Patchwork-Id: 12846947 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4239BC433EF for ; Thu, 12 May 2022 03:21:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344228AbiELDVi (ORCPT ); Wed, 11 May 2022 23:21:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37516 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344758AbiELDVB (ORCPT ); Wed, 11 May 2022 23:21:01 -0400 Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1EFB3DF0B for ; Wed, 11 May 2022 20:20:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1652325659; x=1683861659; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=J8wfNdwz1HDEu6qHVMyEy9TFq8BIL0W8plK9acH8mCo=; b=E70j0pUm/KVIk1cGqy/LiOcV0SWW1i5GLXXCYBHRqWIlxybHUDkCjs6b fClqkz4ZgorkRhwiEAmb31jF+RmWCb1ViRNAgaQBQHasJ1I8uW+0Y8cGo sxGk2LGdC4/0/sx0wZg49PNmUXBb8Wl3EA8hS0Th5Tn2d/SdT5BF6YtnQ lQwtY60lXz4FtPrL6tPBENyUrzfv3QaeXf94ONnGtWKpj8MvtqV+Vydo1 yc4NX5xK6JIfVv4dVG21imgzRERxX1HTIiBokS9pDpAqkUfugQsKX+j2s EX959fXc6ZEj1OTnKTnbqnjES6p1L/bP0F8sxa33EWNNRFQv88jv2Pg2K w==; X-IronPort-AV: E=McAfee;i="6400,9594,10344"; a="269815706" X-IronPort-AV: E=Sophos;i="5.91,218,1647327600"; d="scan'208";a="269815706" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 May 2022 20:20:58 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,218,1647327600"; d="scan'208";a="594456757" Received: from lxy-dell.sh.intel.com ([10.239.159.55]) by orsmga008.jf.intel.com with ESMTP; 11 May 2022 20:20:54 -0700 From: Xiaoyao Li To: Paolo Bonzini , Isaku Yamahata , isaku.yamahata@intel.com, Gerd Hoffmann , =?utf-8?q?Daniel_P_=2E_Berrang=C3=A9?= , =?utf-8?q?Phi?= =?utf-8?q?lippe_Mathieu-Daud=C3=A9?= , Richard Henderson , "Michael S . Tsirkin" , Marcel Apfelbaum , Cornelia Huck , Marcelo Tosatti , Laszlo Ersek , Eric Blake Cc: Connor Kuehl , erdemaktas@google.com, kvm@vger.kernel.org, qemu-devel@nongnu.org, seanjc@google.com, xiaoyao.li@intel.com Subject: [RFC PATCH v4 35/36] i386/tdx: Don't get/put guest state for TDX VMs Date: Thu, 12 May 2022 11:18:02 +0800 Message-Id: <20220512031803.3315890-36-xiaoyao.li@intel.com> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20220512031803.3315890-1-xiaoyao.li@intel.com> References: <20220512031803.3315890-1-xiaoyao.li@intel.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org From: Sean Christopherson Don't get/put state of TDX VMs since accessing/mutating guest state of production TDs is not supported. Note, it will be allowed for a debug TD. Corresponding support will be introduced when debug TD support is implemented in the future. Signed-off-by: Sean Christopherson Signed-off-by: Xiaoyao Li --- target/i386/kvm/kvm.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/target/i386/kvm/kvm.c b/target/i386/kvm/kvm.c index 4d520d0e34bd..3e26dacf7807 100644 --- a/target/i386/kvm/kvm.c +++ b/target/i386/kvm/kvm.c @@ -4478,6 +4478,11 @@ int kvm_arch_put_registers(CPUState *cpu, int level) assert(cpu_is_stopped(cpu) || qemu_cpu_is_self(cpu)); + /* TODO: Allow accessing guest state for debug TDs. */ + if (is_tdx_vm()) { + return 0; + } + /* must be before kvm_put_nested_state so that EFER.SVME is set */ ret = has_sregs2 ? kvm_put_sregs2(x86_cpu) : kvm_put_sregs(x86_cpu); if (ret < 0) { @@ -4572,6 +4577,12 @@ int kvm_arch_get_registers(CPUState *cs) if (ret < 0) { goto out; } + + /* TODO: Allow accessing guest state for debug TDs. */ + if (is_tdx_vm()) { + return 0; + } + ret = kvm_getput_regs(cpu, 0); if (ret < 0) { goto out;