[v8,095/103] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall

Message ID	ce183d47a93012c46472b32077e80dc8b56c88ed.1659854791.git.isaku.yamahata@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> From: isaku.yamahata@intel.com To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com, Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com, Sean Christopherson <seanjc@google.com>, Sagi Shahar <sagis@google.com> Subject: [PATCH v8 095/103] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall Date: Sun, 7 Aug 2022 15:02:20 -0700 Message-Id: <ce183d47a93012c46472b32077e80dc8b56c88ed.1659854791.git.isaku.yamahata@intel.com> In-Reply-To: <cover.1659854790.git.isaku.yamahata@intel.com> References: <cover.1659854790.git.isaku.yamahata@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	KVM TDX basic feature support \| expand [v8,000/103] KVM TDX basic feature support [v8,001/103] KVM: x86: Move check_processor_compatibility from init ops to runtime ops [v8,002/103] Partially revert "KVM: Pass kvm_init()'s opaque param to additional arch funcs" [v8,003/103] KVM: Refactor CPU compatibility check on module initialization [v8,004/103] KVM: VMX: Move out vmx_x86_ops to 'main.c' to wrap VMX and TDX [v8,005/103] KVM: x86: Refactor KVM VMX module init/exit functions [v8,006/103] KVM: Enable hardware before doing arch VM initialization [v8,007/103] KVM: TDX: Add placeholders for TDX VM/vcpu structure [v8,008/103] x86/virt/tdx: Add a helper function to return system wide info about TDX module [v8,009/103] KVM: TDX: Initialize the TDX module when loading the KVM intel kernel module [v8,010/103] KVM: x86: Introduce vm_type to differentiate default VMs from confidential VMs [v8,011/103] KVM: TDX: Make TDX VM type supported [v8,012/103,MARKER] The start of TDX KVM patch series: TDX architectural definitions [v8,013/103] KVM: TDX: Define TDX architectural definitions [v8,014/103] KVM: TDX: Add TDX "architectural" error codes [v8,015/103] KVM: TDX: Add C wrapper functions for SEAMCALLs to the TDX module [v8,016/103] KVM: TDX: Add helper functions to print TDX SEAMCALL error [v8,017/103,MARKER] The start of TDX KVM patch series: TD VM creation/destruction [v8,018/103] KVM: TDX: Stub in tdx.h with structs, accessors, and VMCS helpers [v8,019/103] x86/cpu: Add helper functions to allocate/free TDX private host key id [v8,020/103] KVM: TDX: create/destroy VM structure [v8,021/103] KVM: TDX: x86: Add ioctl to get TDX systemwide parameters [v8,022/103] KVM: TDX: Add place holder for TDX VM specific mem_enc_op ioctl [v8,023/103] KVM: TDX: initialize VM with TDX specific parameters [v8,024/103] KVM: TDX: Make pmu_intel.c ignore guest TD case [v8,025/103,MARKER] The start of TDX KVM patch series: TD vcpu creation/destruction [v8,026/103] KVM: TDX: allocate/free TDX vcpu structure [v8,027/103] KVM: TDX: Do TDX specific vcpu initialization [v8,028/103,MARKER] The start of TDX KVM patch series: KVM MMU GPA shared bits [v8,029/103] KVM: x86/mmu: introduce config for PRIVATE KVM MMU [v8,030/103] KVM: x86/mmu: Add address conversion functions for TDX shared bit of GPA [v8,031/103,MARKER] The start of TDX KVM patch series: KVM TDP refactoring for TDX [v8,032/103] KVM: x86/mmu: Allow non-zero value for non-present SPTE [v8,033/103] KVM: x86/mmu: Track shadow MMIO value/mask on a per-VM basis [v8,034/103] KVM: x86/mmu: Disallow fast page fault on private GPA [v8,035/103] KVM: x86/mmu: Allow per-VM override of the TDP max page level [v8,036/103] KVM: VMX: Introduce test mode related to EPT violation VE [v8,037/103,MARKER] The start of TDX KVM patch series: KVM TDP MMU hooks [v8,038/103] KVM: x86/tdp_mmu: refactor kvm_tdp_mmu_map() [v8,039/103] KVM: x86/tdp_mmu: Init role member of struct kvm_mmu_page at allocation [v8,040/103] KVM: x86/mmu: Require TDP MMU for TDX [v8,041/103] KVM: x86/mmu: Add a new is_private member for union kvm_mmu_page_role [v8,042/103] KVM: x86/mmu: Add a private pointer to struct kvm_mmu_page [v8,043/103] KVM: x86/tdp_mmu: Don't zap private pages for unsupported cases [v8,044/103] KVM: x86/tdp_mmu: Support TDX private mapping for TDP MMU [v8,045/103,MARKER] The start of TDX KVM patch series: TDX EPT violation [v8,046/103] KVM: x86/mmu: Disallow dirty logging for x86 TDX [v8,047/103] KVM: x86/tdp_mmu: Ignore unsupported mmu operation on private GFNs [v8,048/103] KVM: VMX: Split out guts of EPT violation to common/exposed function [v8,049/103] KVM: VMX: Move setting of EPT MMU masks to common VT-x code [v8,050/103] KVM: TDX: Add load_mmu_pgd method for TDX [v8,051/103] KVM: TDX: don't request KVM_REQ_APIC_PAGE_RELOAD [v8,052/103] KVM: x86/VMX: introduce vmx tlb_remote_flush and tlb_remote_flush_with_range [v8,053/103] KVM: TDX: TDP MMU TDX support [v8,054/103,MARKER] The start of TDX KVM patch series: KVM TDP MMU MapGPA [v8,055/103] KVM: Add functions to track whether GFN is private or shared [v8,056/103] KVM: x86/mmu: Let vcpu re-try when faulting page type conflict [v8,057/103] KVM: x86/mmu: Introduce kvm_mmu_map_tdp_page() for use by TDX [v8,058/103] KVM: x86/tdp_mmu: implement MapGPA hypercall for TDX [v8,059/103,MARKER] The start of TDX KVM patch series: TD finalization [v8,060/103] KVM: TDX: Create initial guest memory [v8,061/103] KVM: TDX: Finalize VM initialization [v8,062/103,MARKER] The start of TDX KVM patch series: TD vcpu enter/exit [v8,063/103] KVM: TDX: Add helper assembly function to TDX vcpu [v8,064/103] KVM: TDX: Implement TDX vcpu enter/exit path [v8,065/103] KVM: TDX: vcpu_run: save/restore host state(host kernel gs) [v8,066/103] KVM: TDX: restore host xsave state when exit from the guest TD [v8,067/103] KVM: x86: Allow to update cached values in kvm_user_return_msrs w/o wrmsr [v8,068/103] KVM: TDX: restore user ret MSRs [v8,069/103,MARKER] The start of TDX KVM patch series: TD vcpu exits/interrupts/hypercalls [v8,070/103] KVM: TDX: complete interrupts after tdexit [v8,071/103] KVM: TDX: restore debug store when TD exit [v8,072/103] KVM: TDX: handle vcpu migration over logical processor [v8,073/103] KVM: x86: Add a switch_db_regs flag to handle TDX's auto-switched behavior [v8,074/103] KVM: TDX: Add support for find pending IRQ in a protected local APIC [v8,075/103] KVM: x86: Assume timer IRQ was injected if APIC state is proteced [v8,076/103] KVM: TDX: remove use of struct vcpu_vmx from posted_interrupt.c [v8,077/103] KVM: TDX: Implement interrupt injection [v8,078/103] KVM: TDX: Implements vcpu request_immediate_exit [v8,079/103] KVM: TDX: Implement methods to inject NMI [v8,080/103] KVM: VMX: Modify NMI and INTR handlers to take intr_info as function argument [v8,081/103] KVM: VMX: Move NMI/exception handler to common helper [v8,082/103] KVM: x86: Split core of hypercall emulation to helper function [v8,083/103] KVM: TDX: Add a place holder to handle TDX VM exit [v8,084/103] KVM: TDX: Retry seamcall when TDX_OPERAND_BUSY with operand SEPT [v8,085/103] KVM: TDX: handle EXIT_REASON_OTHER_SMI [v8,086/103] KVM: TDX: handle ept violation/misconfig exit [v8,087/103] KVM: TDX: handle EXCEPTION_NMI and EXTERNAL_INTERRUPT [v8,088/103] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL) [v8,089/103] KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL [v8,090/103] KVM: TDX: Handle TDX PV CPUID hypercall [v8,091/103] KVM: TDX: Handle TDX PV HLT hypercall [v8,092/103] KVM: TDX: Handle TDX PV port io hypercall [v8,093/103] KVM: TDX: Handle TDX PV MMIO hypercall [v8,094/103] KVM: TDX: Implement callbacks for MSR operations for TDX [v8,095/103] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall [v8,096/103] KVM: TDX: Handle TDX PV report fatal error hypercall [v8,097/103] KVM: TDX: Handle TDX PV map_gpa hypercall [v8,098/103] KVM: TDX: Handle TDG.VP.VMCALL<GetTdVmCallInfo> hypercall [v8,099/103] KVM: TDX: Silently discard SMI request [v8,100/103] KVM: TDX: Silently ignore INIT/SIPI [v8,101/103] KVM: TDX: Add methods to ignore accesses to CPU state [v8,102/103] Documentation/virt/kvm: Document on Trust Domain Extensions(TDX) [v8,103/103] KVM: x86: design documentation on TDX support of x86 KVM TDP MMU

Message ID

ce183d47a93012c46472b32077e80dc8b56c88ed.1659854791.git.isaku.yamahata@intel.com (mailing list archive)

State

New, archived

Headers

From: isaku.yamahata@intel.com
To: kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: isaku.yamahata@intel.com, isaku.yamahata@gmail.com,
        Paolo Bonzini <pbonzini@redhat.com>, erdemaktas@google.com,
        Sean Christopherson <seanjc@google.com>,
        Sagi Shahar <sagis@google.com>
Subject: [PATCH v8 095/103] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall
Date: Sun,  7 Aug 2022 15:02:20 -0700
Message-Id: 
 <ce183d47a93012c46472b32077e80dc8b56c88ed.1659854791.git.isaku.yamahata@intel.com>
In-Reply-To: <cover.1659854790.git.isaku.yamahata@intel.com>
References: <cover.1659854790.git.isaku.yamahata@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

KVM TDX basic feature support | expand

Commit Message

Isaku Yamahata Aug. 7, 2022, 10:02 p.m. UTC

From: Isaku Yamahata <isaku.yamahata@intel.com>

Wire up TDX PV rdmsr/wrmsr hypercall to the KVM backend function.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
---
 arch/x86/kvm/vmx/tdx.c | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

Comments

Sagi Shahar Aug. 17, 2022, 10:40 p.m. UTC | #1

On Sun, Aug 7, 2022 at 3:03 PM <isaku.yamahata@intel.com> wrote:
>
> From: Isaku Yamahata <isaku.yamahata@intel.com>
>
> Wire up TDX PV rdmsr/wrmsr hypercall to the KVM backend function.
>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>  arch/x86/kvm/vmx/tdx.c | 39 +++++++++++++++++++++++++++++++++++++++
>  1 file changed, 39 insertions(+)
>
> diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
> index 341c29385544..fdd0609bd01b 100644
> --- a/arch/x86/kvm/vmx/tdx.c
> +++ b/arch/x86/kvm/vmx/tdx.c
> @@ -1157,6 +1157,41 @@ static int tdx_emulate_mmio(struct kvm_vcpu *vcpu)
>         return 1;
>  }
>
> +static int tdx_emulate_rdmsr(struct kvm_vcpu *vcpu)
> +{
> +       u32 index = tdvmcall_a0_read(vcpu);
> +       u64 data;
> +
> +       if (!kvm_msr_allowed(vcpu, index, KVM_MSR_FILTER_READ) ||
> +           kvm_get_msr(vcpu, index, &data)) {
> +               trace_kvm_msr_read_ex(index);
> +               tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
> +               return 1;
> +       }
> +       trace_kvm_msr_read(index, data);
> +
> +       tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
> +       tdvmcall_set_return_val(vcpu, data);
> +       return 1;
> +}
> +
> +static int tdx_emulate_wrmsr(struct kvm_vcpu *vcpu)
> +{
> +       u32 index = tdvmcall_a0_read(vcpu);
> +       u64 data = tdvmcall_a1_read(vcpu);
> +
> +       if (!kvm_msr_allowed(vcpu, index, KVM_MSR_FILTER_READ) ||
                                                                   ^
This should be KVM_MSR_FILTER_WRITE

> +           kvm_set_msr(vcpu, index, data)) {
> +               trace_kvm_msr_write_ex(index, data);
> +               tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
> +               return 1;
> +       }
> +
> +       trace_kvm_msr_write(index, data);
> +       tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
> +       return 1;
> +}
> +
>  static int handle_tdvmcall(struct kvm_vcpu *vcpu)
>  {
>         if (tdvmcall_exit_type(vcpu))
> @@ -1171,6 +1206,10 @@ static int handle_tdvmcall(struct kvm_vcpu *vcpu)
>                 return tdx_emulate_io(vcpu);
>         case EXIT_REASON_EPT_VIOLATION:
>                 return tdx_emulate_mmio(vcpu);
> +       case EXIT_REASON_MSR_READ:
> +               return tdx_emulate_rdmsr(vcpu);
> +       case EXIT_REASON_MSR_WRITE:
> +               return tdx_emulate_wrmsr(vcpu);
>         default:
>                 break;
>         }
> --
> 2.25.1
>

Isaku Yamahata Aug. 26, 2022, 6:46 a.m. UTC | #2

On Wed, Aug 17, 2022 at 03:40:24PM -0700,
Sagi Shahar <sagis@google.com> wrote:

> On Sun, Aug 7, 2022 at 3:03 PM <isaku.yamahata@intel.com> wrote:
> > +static int tdx_emulate_wrmsr(struct kvm_vcpu *vcpu)
> > +{
> > +       u32 index = tdvmcall_a0_read(vcpu);
> > +       u64 data = tdvmcall_a1_read(vcpu);
> > +
> > +       if (!kvm_msr_allowed(vcpu, index, KVM_MSR_FILTER_READ) ||
>                                                                    ^
> This should be KVM_MSR_FILTER_WRITE

Oops. Thanks. I'll fix it.

diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
index 341c29385544..fdd0609bd01b 100644
--- a/arch/x86/kvm/vmx/tdx.c
+++ b/arch/x86/kvm/vmx/tdx.c
@@ -1157,6 +1157,41 @@  static int tdx_emulate_mmio(struct kvm_vcpu *vcpu)
 	return 1;
 }
 
+static int tdx_emulate_rdmsr(struct kvm_vcpu *vcpu)
+{
+	u32 index = tdvmcall_a0_read(vcpu);
+	u64 data;
+
+	if (!kvm_msr_allowed(vcpu, index, KVM_MSR_FILTER_READ) ||
+	    kvm_get_msr(vcpu, index, &data)) {
+		trace_kvm_msr_read_ex(index);
+		tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
+		return 1;
+	}
+	trace_kvm_msr_read(index, data);
+
+	tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
+	tdvmcall_set_return_val(vcpu, data);
+	return 1;
+}
+
+static int tdx_emulate_wrmsr(struct kvm_vcpu *vcpu)
+{
+	u32 index = tdvmcall_a0_read(vcpu);
+	u64 data = tdvmcall_a1_read(vcpu);
+
+	if (!kvm_msr_allowed(vcpu, index, KVM_MSR_FILTER_READ) ||
+	    kvm_set_msr(vcpu, index, data)) {
+		trace_kvm_msr_write_ex(index, data);
+		tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
+		return 1;
+	}
+
+	trace_kvm_msr_write(index, data);
+	tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
+	return 1;
+}
+
 static int handle_tdvmcall(struct kvm_vcpu *vcpu)
 {
 	if (tdvmcall_exit_type(vcpu))
@@ -1171,6 +1206,10 @@  static int handle_tdvmcall(struct kvm_vcpu *vcpu)
 		return tdx_emulate_io(vcpu);
 	case EXIT_REASON_EPT_VIOLATION:
 		return tdx_emulate_mmio(vcpu);
+	case EXIT_REASON_MSR_READ:
+		return tdx_emulate_rdmsr(vcpu);
+	case EXIT_REASON_MSR_WRITE:
+		return tdx_emulate_wrmsr(vcpu);
 	default:
 		break;
 	}

[v8,095/103] KVM: TDX: Handle TDX PV rdmsr/wrmsr hypercall

Commit Message

Comments

Patch