[v5,50/65] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall

Message ID	20240229063726.610065-51-xiaoyao.li@intel.com (mailing list archive)
State	New, archived
Headers	show Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1F6CF45940 for <kvm@vger.kernel.org>; Thu, 29 Feb 2024 06:43:04 +0000 (UTC) From: Xiaoyao Li <xiaoyao.li@intel.com> To: Paolo Bonzini <pbonzini@redhat.com>, David Hildenbrand <david@redhat.com>, Igor Mammedov <imammedo@redhat.com>, Eduardo Habkost <eduardo@habkost.net>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, =?utf-8?q?Philippe_Mathieu-D?= =?utf-8?q?aud=C3=A9?= <philmd@linaro.org>, Yanan Wang <wangyanan55@huawei.com>, "Michael S. Tsirkin" <mst@redhat.com>, Richard Henderson <richard.henderson@linaro.org>, Ani Sinha <anisinha@redhat.com>, Peter Xu <peterx@redhat.com>, Cornelia Huck <cohuck@redhat.com>, =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com>, Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>, Marcelo Tosatti <mtosatti@redhat.com> Cc: kvm@vger.kernel.org, qemu-devel@nongnu.org, Michael Roth <michael.roth@amd.com>, Claudio Fontana <cfontana@suse.de>, Gerd Hoffmann <kraxel@redhat.com>, Isaku Yamahata <isaku.yamahata@gmail.com>, Chenyi Qiang <chenyi.qiang@intel.com>, xiaoyao.li@intel.com Subject: [PATCH v5 50/65] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall Date: Thu, 29 Feb 2024 01:37:11 -0500 Message-Id: <20240229063726.610065-51-xiaoyao.li@intel.com> In-Reply-To: <20240229063726.610065-1-xiaoyao.li@intel.com> References: <20240229063726.610065-1-xiaoyao.li@intel.com> Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	QEMU Guest memfd + QEMU TDX support \| expand [v5,00/65] QEMU Guest memfd + QEMU TDX support [v5,01/65] linux-headers: Update to Linux v6.8-rc5 [v5,02/65] RAMBlock: Add support of KVM private guest memfd [v5,03/65] HostMem: Add mechanism to opt in kvm guest memfd via MachineState [v5,04/65] trace/kvm: Split address space and slot id in trace_kvm_set_user_memory() [v5,05/65] kvm: Enable KVM_SET_USER_MEMORY_REGION2 for memslot [v5,06/65] kvm: Introduce support for memory_attributes [v5,07/65] physmem: Introduce ram_block_discard_guest_memfd_range() [v5,08/65] kvm: handle KVM_EXIT_MEMORY_FAULT [v5,09/65] trace/kvm: Add trace for page convertion between shared and private [v5,10/65] kvm/memory: Make memory type private by default if it has guest memfd backend [v5,11/65] * HACK * linux-headers: Update headers to pull in TDX API changes [v5,12/65] i386: Introduce tdx-guest object [v5,13/65] target/i386: Implement mc->kvm_type() to get VM type [v5,14/65] i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context [v5,15/65] i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES [v5,16/65] i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object [v5,17/65] i386/tdx: Adjust the supported CPUID based on TDX restrictions [v5,18/65] i386/tdx: Make Intel-PT unsupported for TD guest [v5,19/65] i386/tdx: Update tdx_cpuid_lookup[].tdx_fixed0/1 by tdx_caps.cpuid_config[] [v5,20/65] i386/tdx: Integrate tdx_caps->xfam_fixed0/1 into tdx_cpuid_lookup [v5,21/65] i386/tdx: Integrate tdx_caps->attrs_fixed0/1 to tdx_cpuid_lookup [v5,22/65] i386/kvm: Move architectural CPUID leaf generation to separate helper [v5,23/65] kvm: Introduce kvm_arch_pre_create_vcpu() [v5,24/65] i386/tdx: Initialize TDX before creating TD vcpus [v5,25/65] i386/tdx: Add property sept-ve-disable for tdx-guest object [v5,26/65] i386/tdx: Make sept_ve_disable set by default [v5,27/65] i386/tdx: Wire CPU features up with attributes of TD guest [v5,28/65] i386/tdx: Disable pmu for TD guest [v5,29/65] i386/tdx: Validate TD attributes [v5,30/65] i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig [v5,31/65] i386/tdx: Implement user specified tsc frequency [v5,32/65] i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM [v5,33/65] kvm/tdx: Don't complain when converting vMMIO region to shared [v5,34/65] kvm/tdx: Ignore memory conversion to shared of unassigned region [v5,35/65] memory: Introduce memory_region_init_ram_guest_memfd() [v5,36/65] i386/tdx: load TDVF for TD guest [v5,37/65] i386/tdvf: Introduce function to parse TDVF metadata [v5,38/65] i386/tdx: Parse TDVF metadata for TDX VM [v5,39/65] i386/tdx: Skip BIOS shadowing setup [v5,40/65] i386/tdx: Don't initialize pc.rom for TDX VMs [v5,41/65] i386/tdx: Track mem_ptr for each firmware entry of TDVF [v5,42/65] i386/tdx: Track RAM entries for TDX VM [v5,43/65] headers: Add definitions from UEFI spec for volumes, resources, etc... [v5,44/65] i386/tdx: Setup the TD HOB list [v5,45/65] i386/tdx: Populate TDVF private memory via KVM_MEMORY_MAPPING [v5,46/65] i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu [v5,47/65] i386/tdx: Finalize TDX VM [v5,48/65] i386/tdx: handle TDG.VP.VMCALL<SetupEventNotifyInterrupt> [v5,49/65] i386/tdx: handle TDG.VP.VMCALL<GetQuote> [v5,50/65] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall [v5,51/65] i386/tdx: Handle TDG.VP.VMCALL<REPORT_FATAL_ERROR> [v5,52/65] i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility [v5,53/65] pci-host/q35: Move PAM initialization above SMRAM initialization [v5,54/65] q35: Introduce smm_ranges property for q35-pci-host [v5,55/65] i386/tdx: Disable SMM for TDX VMs [v5,56/65] i386/tdx: Disable PIC for TDX VMs [v5,57/65] i386/tdx: Don't allow system reset for TDX VMs [v5,58/65] i386/tdx: LMCE is not supported for TDX [v5,59/65] hw/i386: add eoi_intercept_unsupported member to X86MachineState [v5,60/65] hw/i386: add option to forcibly report edge trigger in acpi tables [v5,61/65] i386/tdx: Don't synchronize guest tsc for TDs [v5,62/65] i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs [v5,63/65] i386/tdx: Skip kvm_put_apicbase() for TDs [v5,64/65] i386/tdx: Don't get/put guest state for TDX VMs [v5,65/65] docs: Add TDX documentation

Message ID

20240229063726.610065-51-xiaoyao.li@intel.com (mailing list archive)

State

New, archived

Headers

From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>, David Hildenbrand <david@redhat.com>,
 Igor Mammedov <imammedo@redhat.com>, Eduardo Habkost <eduardo@habkost.net>,
 Marcel Apfelbaum <marcel.apfelbaum@gmail.com>, =?utf-8?q?Philippe_Mathieu-D?=
	=?utf-8?q?aud=C3=A9?= <philmd@linaro.org>,
 Yanan Wang <wangyanan55@huawei.com>, "Michael S. Tsirkin" <mst@redhat.com>,
 Richard Henderson <richard.henderson@linaro.org>,
 Ani Sinha <anisinha@redhat.com>, Peter Xu <peterx@redhat.com>,
 Cornelia Huck <cohuck@redhat.com>,
 =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= <berrange@redhat.com>,
 Eric Blake <eblake@redhat.com>, Markus Armbruster <armbru@redhat.com>,
 Marcelo Tosatti <mtosatti@redhat.com>
Cc: kvm@vger.kernel.org,
	qemu-devel@nongnu.org,
	Michael Roth <michael.roth@amd.com>,
	Claudio Fontana <cfontana@suse.de>,
	Gerd Hoffmann <kraxel@redhat.com>,
	Isaku Yamahata <isaku.yamahata@gmail.com>,
	Chenyi Qiang <chenyi.qiang@intel.com>,
	xiaoyao.li@intel.com
Subject: [PATCH v5 50/65] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall
Date: Thu, 29 Feb 2024 01:37:11 -0500
Message-Id: <20240229063726.610065-51-xiaoyao.li@intel.com>
In-Reply-To: <20240229063726.610065-1-xiaoyao.li@intel.com>
References: <20240229063726.610065-1-xiaoyao.li@intel.com>
Precedence: bulk
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

QEMU Guest memfd + QEMU TDX support | expand

Commit Message

Xiaoyao Li Feb. 29, 2024, 6:37 a.m. UTC

From: Isaku Yamahata <isaku.yamahata@intel.com>

MapGPA is a hypercall to convert GPA from/to private GPA to/from shared GPA.
As the conversion function is already implemented as kvm_convert_memory,
wire it to TDX hypercall exit.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
---
 accel/kvm/kvm-all.c   |  2 +-
 include/sysemu/kvm.h  |  2 ++
 target/i386/kvm/tdx.c | 54 +++++++++++++++++++++++++++++++++++++++++++
 target/i386/kvm/tdx.h |  1 +
 4 files changed, 58 insertions(+), 1 deletion(-)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 9dc17a1b5f43..2c83b6d270f7 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -2930,7 +2930,7 @@  static void kvm_eat_signals(CPUState *cpu)
     } while (sigismember(&chkset, SIG_IPI));
 }
 
-static int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private)
+int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private)
 {
     MemoryRegionSection section;
     ram_addr_t offset;
diff --git a/include/sysemu/kvm.h b/include/sysemu/kvm.h
index 82b547848130..78fcf1c3a617 100644
--- a/include/sysemu/kvm.h
+++ b/include/sysemu/kvm.h
@@ -550,4 +550,6 @@  int kvm_create_guest_memfd(uint64_t size, uint64_t flags, Error **errp);
 
 int kvm_set_memory_attributes_private(hwaddr start, hwaddr size);
 int kvm_set_memory_attributes_shared(hwaddr start, hwaddr size);
+
+int kvm_convert_memory(hwaddr start, hwaddr size, bool to_private);
 #endif
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index 7dfda507cc8c..88d245577594 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -898,6 +898,58 @@  static hwaddr tdx_shared_bit(X86CPU *cpu)
     return (cpu->phys_bits > 48) ? BIT_ULL(51) : BIT_ULL(47);
 }
 
+/* 64MB at most in one call. What value is appropriate? */
+#define TDX_MAP_GPA_MAX_LEN     (64 * 1024 * 1024)
+
+static int tdx_handle_map_gpa(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall)
+{
+    hwaddr shared_bit = tdx_shared_bit(cpu);
+    hwaddr gpa = vmcall->in_r12 & ~shared_bit;
+    bool private = !(vmcall->in_r12 & shared_bit);
+    hwaddr size = vmcall->in_r13;
+    bool retry = false;
+    int ret = 0;
+
+    vmcall->status_code = TDG_VP_VMCALL_INVALID_OPERAND;
+
+    if (!QEMU_IS_ALIGNED(gpa, 4096) || !QEMU_IS_ALIGNED(size, 4096)) {
+        vmcall->status_code = TDG_VP_VMCALL_ALIGN_ERROR;
+        return 0;
+    }
+
+    /* Overflow case. */
+    if (gpa + size < gpa) {
+        return 0;
+    }
+    if (gpa >= (1ULL << cpu->phys_bits) ||
+        gpa + size >= (1ULL << cpu->phys_bits)) {
+        return 0;
+    }
+
+    if (size > TDX_MAP_GPA_MAX_LEN) {
+        retry = true;
+        size = TDX_MAP_GPA_MAX_LEN;
+    }
+
+    if (size > 0) {
+        ret = kvm_convert_memory(gpa, size, private);
+    }
+
+    if (!ret) {
+        if (retry) {
+            vmcall->status_code = TDG_VP_VMCALL_RETRY;
+            vmcall->out_r11 = gpa + size;
+            if (!private) {
+                vmcall->out_r11 |= shared_bit;
+            }
+        } else {
+            vmcall->status_code = TDG_VP_VMCALL_SUCCESS;
+        }
+    }
+
+    return 0;
+}
+
 static void tdx_get_quote_completion(struct tdx_generate_quote_task *task)
 {
     int ret;
@@ -1070,6 +1122,8 @@  static int tdx_handle_vmcall(X86CPU *cpu, struct kvm_tdx_vmcall *vmcall)
     }
 
     switch (vmcall->subfunction) {
+    case TDG_VP_VMCALL_MAP_GPA:
+        return tdx_handle_map_gpa(cpu, vmcall);
     case TDG_VP_VMCALL_GET_QUOTE:
         return tdx_handle_get_quote(cpu, vmcall);
     case TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT:
diff --git a/target/i386/kvm/tdx.h b/target/i386/kvm/tdx.h
index b7ce793d6037..b6b8742e79f7 100644
--- a/target/i386/kvm/tdx.h
+++ b/target/i386/kvm/tdx.h
@@ -18,6 +18,7 @@  typedef struct TdxGuestClass {
     ConfidentialGuestSupportClass parent_class;
 } TdxGuestClass;
 
+#define TDG_VP_VMCALL_MAP_GPA                           0x10001ULL
 #define TDG_VP_VMCALL_GET_QUOTE                         0x10002ULL
 #define TDG_VP_VMCALL_SETUP_EVENT_NOTIFY_INTERRUPT      0x10004ULL

[v5,50/65] i386/tdx: handle TDG.VP.VMCALL<MapGPA> hypercall

Commit Message

Patch