RE: [PATCH v2 5/9] x86/hyperv: Mark ACPI wakeup mailbox page as private

From: Michael Kelley
Date: Sun Sep 01 2024 - 23:35:54 EST

Next message: Michael Kelley: "RE: [PATCH v2 8/9] x86/hyperv: Set realmode_limit to 4G for VTL2 TDX guest"
Previous message: Michael Kelley: "RE: [PATCH v2 4/9] x86/hyperv: Parse the ACPI wakeup mailbox"
Next in thread: Saurabh Singh Sengar: "Re: [PATCH v2 5/9] x86/hyperv: Mark ACPI wakeup mailbox page as private"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yunhong Jiang <yunhong.jiang@xxxxxxxxxxxxxxx> Sent: Friday, August 23, 2024 4:23 PM
>
> Current code maps MMIO devices as shared (decrypted) by default in a
> confidential computing VM. However, the wakeup mailbox must be accessed
> as private (encrypted) because it's accessed by the OS and the firmware,
> both are in the guest's context and encrypted. Set the wakeup mailbox
> range as private explicitly.
>
> Signed-off-by: Yunhong Jiang <yunhong.jiang@xxxxxxxxxxxxxxx>
> ---
> arch/x86/hyperv/hv_vtl.c | 16 ++++++++++++++++
> 1 file changed, 16 insertions(+)
>
> diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c
> index 04775346369c..987a6a1200b0 100644
> --- a/arch/x86/hyperv/hv_vtl.c
> +++ b/arch/x86/hyperv/hv_vtl.c
> @@ -22,10 +22,26 @@ static bool __init hv_vtl_msi_ext_dest_id(void)
> return true;
> }
>
> +static inline bool within_page(u64 addr, u64 start)
> +{
> + return addr >= start && addr < (start + PAGE_SIZE);
> +}
> +
> +/*
> + * The ACPI wakeup mailbox are accessed by the OS and the BIOS, both are in the
> + * guest's context, instead of the hypervisor/VMM context.
> + */
> +static bool hv_is_private_mmio_tdx(u64 addr)
> +{
> + return wakeup_mailbox_addr && within_page(addr, wakeup_mailbox_addr);
> +}
> +
> void __init hv_vtl_init_platform(void)
> {
> pr_info("Linux runs in Hyper-V Virtual Trust Level\n");
>
> + if (hv_isolation_type_tdx())
> + x86_platform.hyper.is_private_mmio = hv_is_private_mmio_tdx;

hv_vtl_init_platform() is unconditionally called in
ms_hyperv_init_platform(). So in the case of a normal TDX guest
running with a paravisor on Hyper-V, the above code will overwrite
the is_private_mmio function that was set in hv_vtom_init(). Then
the mapping of the emulated IOAPIC and TPM provided by the
paravisor won't be correct.

Michael

> x86_platform.realmode_reserve = x86_init_noop;
> x86_platform.realmode_init = x86_init_noop;
> x86_init.irqs.pre_vector_init = x86_init_noop;
> --
> 2.25.1
>

Next message: Michael Kelley: "RE: [PATCH v2 8/9] x86/hyperv: Set realmode_limit to 4G for VTL2 TDX guest"
Previous message: Michael Kelley: "RE: [PATCH v2 4/9] x86/hyperv: Parse the ACPI wakeup mailbox"
Next in thread: Saurabh Singh Sengar: "Re: [PATCH v2 5/9] x86/hyperv: Mark ACPI wakeup mailbox page as private"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]