Re: [PATCHv5 3/4] x86/tdx: Dynamically disable SEPT violations from causing #VEs
From: Kirill A. Shutemov
Date: Wed Jul 03 2024 - 09:05:45 EST

On Wed, Jul 03, 2024 at 03:22:35PM +0300, Nikolay Borisov wrote:
>
> On 24.06.24 14:41, Kirill A. Shutemov wrote:
>
> <snip>
>
> > --- a/arch/x86/include/asm/shared/tdx.h
> > +++ b/arch/x86/include/asm/shared/tdx.h
> > @@ -19,9 +19,17 @@
> > #define TDG_VM_RD 7
> > #define TDG_VM_WR 8
> > -/* TDCS fields. To be used by TDG.VM.WR and TDG.VM.RD module calls */
> > +/* TDX TD-Scope Metadata. To be used by TDG.VM.WR and TDG.VM.RD */
> > +#define TDCS_CONFIG_FLAGS 0x1110000300000016
> > +#define TDCS_TD_CTLS 0x1110000300000017
> > #define TDCS_NOTIFY_ENABLES 0x9100000000000010
> > +/* TDCS_CONFIG_FLAGS bits */
> > +#define TDCS_CONFIG_FLEXIBLE_PENDING_VE BIT_ULL(1)
>
>
> So where is this bit documented, because in td_scope_metadata.json
> CONFIG_FLAGS' individual bits aren't documented. All other TDX docs refer to
> the ABI .json file.
>
> Landing code for undocumented bits unfortunately precludes any quality
> review on behalf of independent parties.
>
> > +
> > +/* TDCS_TD_CTLS bits */
> > +#define TD_CTLS_PENDING_VE_DISABLE BIT_ULL(0)
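Review bot: The definition of TDCS_CONFIG_FLEXIBLE_PENDING_VE as BIT_ULL(1) under "TDCS_CONFIG_FLAGS bits" carries no pointer to where that bit is specified, so a reader cannot check the bit position against a reference. Suggest extending the comment to name the document and revision that defines it, and doing the same for the field IDs TDCS_CONFIG_FLAGS and TDCS_TD_CTLS, which appear as bare 64-bit constants. A smaller style point: TD_CTLS_PENDING_VE_DISABLE drops the TDCS_ prefix that TDCS_CONFIG_FLEXIBLE_PENDING_VE keeps; one naming scheme for both bit macros would make it obvious which field each bit belongs to.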
>
> In contrast the TD_CTLS bits are documented in the same .json file.

Yes, TDX documentation is lacking here. I hope it will be fixed in the
next version.

--
Kiryl Shutsemau / Kirill A. Shutemov