[PATCH v1 0/4] x86/tdx: Allow MMIO instructions from userspace

From: Alexey Gladkov (Intel)
Date: Tue Jul 30 2024 - 13:36:22 EST


Currently, MMIO inside the TDX guest is allowed from kernel space and access
from userspace is denied. This becomes a problem when working with virtual
devices in userspace.

In a TDX guest, MMIO instructions are emulated in #VE. The kernel code uses special
helpers to access MMIO memory to limit the number of instructions which are
used.

This patchset makes MMIO accessible from userspace. To do this, additional checks
were added to ensure that the emulated instruction will not be compromised.


Alexey Gladkov (Intel) (4):
  x86/tdx: Split MMIO read and write operations
  x86/tdx: Add validation of userspace MMIO instructions
  x86/tdx: Allow MMIO from userspace
  x86/tdx: Implement movs for MMIO

 arch/x86/coco/sev/core.c  | 133 ++---------------
 arch/x86/coco/tdx/tdx.c   | 295 +++++++++++++++++++++++++++++++-------
 arch/x86/include/asm/io.h |   3 +
 arch/x86/lib/iomem.c      | 132 +++++++++++++++++
 4 files changed, 390 insertions(+), 173 deletions(-)

--
2.45.2