Re: [PATCHv5 3/4] x86/tdx: Dynamically disable SEPT violations from causing #VEs

[Nikolay Borisov]

On 24.06.24 г. 14:41 ч., Kirill A. Shutemov wrote:

<snip>



> --- a/arch/x86/include/asm/shared/tdx.h
> +++ b/arch/x86/include/asm/shared/tdx.h
> @@ -19,9 +19,17 @@
>   #define TDG_VM_RD			7
>   #define TDG_VM_WR			8
>   
> -/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */
> +/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */
> +#define TDCS_CONFIG_FLAGS		0x1110000300000016
> +#define TDCS_TD_CTLS			0x1110000300000017
>   #define TDCS_NOTIFY_ENABLES		0x9100000000000010
>   
> +/* TDCS_CONFIG_FLAGS bits */
> +#define TDCS_CONFIG_FLEXIBLE_PENDING_VE	BIT_ULL(1)


So where is this bit documented, because in td_scope_metadata.json 
CONFIG_FLAGS' individual bits aren't documented. All other TDX docs 
refer to the ABI .json file.

Landing code for undocumented bits unfortunately precludes any quality 
review on behalf of independent parties.

> +
> +/* TDCS_TD_CTLS bits */
> +#define TD_CTLS_PENDING_VE_DISABLE	BIT_ULL(0)

In contrast the TD_CTLS bits are documented in the same .json file.

> +
>   /* TDX hypercall Leaf IDs */
>   #define TDVMCALL_MAP_GPA		0x10001
>   #define TDVMCALL_GET_QUOTE		0x10002