Re: [PATCH v10 08/11] x86/tdx: Wire up KVM hypercalls

From: Sathyanarayanan Kuppuswamy
Date: Thu Oct 14 2021 - 23:03:22 EST

Next message: Shawn Guo: "Re: [PATCH] ARM: dts: imx6dl-prtrvt: drop undocumented TRF7970A NFC properties"
Previous message: Guoqing Jiang: "Re: [PATCH v2] md: Kill usage of page->index"
In reply to: Thomas Gleixner: "Re: [PATCH v10 08/11] x86/tdx: Wire up KVM hypercalls"
Next in thread: Kuppuswamy Sathyanarayanan: "[PATCH v10 09/11] x86/tdx: Add MSR support for TDX guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/14/21 3:21 AM, Thomas Gleixner wrote:

On Fri, Oct 08 2021 at 22:37, Kuppuswamy Sathyanarayanan wrote:

From: "Kirill A. Shutemov" <kirill.shutemov@xxxxxxxxxxxxxxx>
#ifdef CONFIG_KVM_GUEST
@@ -32,6 +34,10 @@ static inline bool kvm_check_and_clear_guest_paused(void)
static inline long kvm_hypercall0(unsigned int nr)
{
long ret;
+
+ if (cc_platform_has(CC_ATTR_GUEST_TDX))
+ return tdx_kvm_hypercall(nr, 0, 0, 0, 0);

So if TDX is not enabled in Kconfig this cannot be optimized out unless
CC_PLATFORM is disabled as well. But what's worse is that every
hypercall needs to call into cc_platform_has().

None of the hypercalls is used before the early TDX detection. So we can
simply use

if (cpu_feature_enabled(X86_FEATURE_TDX_GUEST))

here, right? Then you add X86_FEATURE_TDX_GUEST to the disabled feature
bits correctly and all of the above is solved.

Hmm?

Make sense. Since this will only be used after tdx_early_init() call,
and X86_FEATURE_TDX_GUEST is also set in that call, we can just use
cpu_feature_enabled(X86_FEATURE_TDX_GUEST) as you have mentioned.

I will fix this in next version.

+#if defined(CONFIG_KVM_GUEST) && defined(CONFIG_INTEL_TDX_GUEST)
+static inline long tdx_kvm_hypercall(unsigned int nr, unsigned long p1,
+ unsigned long p2, unsigned long p3,
+ unsigned long p4)
+{
+ struct tdx_hypercall_output out;
+ u64 err;
+
+ err = __tdx_hypercall(TDX_HYPERCALL_VENDOR_KVM, nr, p1, p2,
+ p3, p4, &out);
+
+ /*
+ * Non zero return value means buggy TDX module (which is fatal).
+ * So use BUG_ON() to panic.
+ */
+ BUG_ON(err);
+
+ return out.r10;
+}

Can we make that a proper exported function (instead of
tdx_kvm_hypercall) so we don't end up with the very same code inlined
all over the place?

Initially it was an exported function. But we made it inline in tdx.h
to simplify the implementation. But if exported function is preferred,
I will fix it in next version.

Thanks,

tglx

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer

Next message: Shawn Guo: "Re: [PATCH] ARM: dts: imx6dl-prtrvt: drop undocumented TRF7970A NFC properties"
Previous message: Guoqing Jiang: "Re: [PATCH v2] md: Kill usage of page->index"
In reply to: Thomas Gleixner: "Re: [PATCH v10 08/11] x86/tdx: Wire up KVM hypercalls"
Next in thread: Kuppuswamy Sathyanarayanan: "[PATCH v10 09/11] x86/tdx: Add MSR support for TDX guest"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]