Re: [PATCH v2 3/8] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL)

From: Binbin Wu
Date: Tue Feb 11 2025 - 04:08:26 EST

Next message: Tomi Valkeinen: "Re: [PATCH v9 00/13]drm/bridge: cdns-dsi: Fix the color-shift issue"
Previous message: kernel test robot: "Re: [PATCH] arm64: scripts/sorttable: Implement sorting mcount_loc at boot for arm64"
In reply to: Chao Gao: "Re: [PATCH v2 3/8] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL)"
Next in thread: Sean Christopherson: "Re: [PATCH v2 3/8] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/11/2025 4:41 PM, Chao Gao wrote:

+static __always_inline unsigned long tdvmcall_exit_type(struct kvm_vcpu *vcpu)
+{
+ return to_tdx(vcpu)->vp_enter_args.r10;
+}

please add a newline here.

+static __always_inline unsigned long tdvmcall_leaf(struct kvm_vcpu *vcpu)
+{
+ return to_tdx(vcpu)->vp_enter_args.r11;
+}

..

+static __always_inline void tdvmcall_set_return_code(struct kvm_vcpu *vcpu,
+ long val)
+{
+ to_tdx(vcpu)->vp_enter_args.r10 = val;
+}

ditto.

+static __always_inline void tdvmcall_set_return_val(struct kvm_vcpu *vcpu,
+ unsigned long val)
+{
+ to_tdx(vcpu)->vp_enter_args.r11 = val;
+}
+
static inline void tdx_hkid_free(struct kvm_tdx *kvm_tdx)
{
tdx_guest_keyid_free(kvm_tdx->hkid);
@@ -810,6 +829,7 @@ static bool tdx_guest_state_is_invalid(struct kvm_vcpu *vcpu)
static __always_inline u32 tdx_to_vmx_exit_reason(struct kvm_vcpu *vcpu)
{
struct vcpu_tdx *tdx = to_tdx(vcpu);
+ u32 exit_reason;

switch (tdx->vp_enter_ret & TDX_SEAMCALL_STATUS_MASK) {
case TDX_SUCCESS:
@@ -822,7 +842,21 @@ static __always_inline u32 tdx_to_vmx_exit_reason(struct kvm_vcpu *vcpu)
return -1u;
}

- return tdx->vp_enter_ret;
+ exit_reason = tdx->vp_enter_ret;
+
+ switch (exit_reason) {
+ case EXIT_REASON_TDCALL:
+ if (tdvmcall_exit_type(vcpu))
+ return EXIT_REASON_VMCALL;
+
+ if (tdvmcall_leaf(vcpu) < 0x10000)

Can you add a comment for the hard-coded 0x10000?

I am wondering what would happen if the guest tries to make a tdvmcall with
leaf=0 or leaf=1 to mislead KVM into calling the NMI/interrupt handling
routine. Would it trigger the unknown NMI warning or effectively inject an
interrupt into the host?

Oh, yes, it's possible.

I think we should do the conversion for leafs that are defined in the current
GHCI spec.

Yes, it should be limited to the supported leaves defined in the GHCI.
Thanks for pointing it out!

+ return tdvmcall_leaf(vcpu);
+ break;
+ default:
+ break;
+ }
+
+ return exit_reason;
}

Next message: Tomi Valkeinen: "Re: [PATCH v9 00/13]drm/bridge: cdns-dsi: Fix the color-shift issue"
Previous message: kernel test robot: "Re: [PATCH] arm64: scripts/sorttable: Implement sorting mcount_loc at boot for arm64"
In reply to: Chao Gao: "Re: [PATCH v2 3/8] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL)"
Next in thread: Sean Christopherson: "Re: [PATCH v2 3/8] KVM: TDX: Add a place holder for handler of TDX hypercalls (TDG.VP.VMCALL)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]