KVM: TDX: create/free TDX vcpu structure

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Implement vcpu related stubs for TDX for create, reset and free.

For now, create only the features that do not require the TDX SEAMCALL.
The TDX specific vcpu initialization will be handled by KVM_TDX_INIT_VCPU.

Signed-off-by: Isaku Yamahata <isaku.yamahata@intel.com>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com>
---
- Use lapic_in_kernel() (Nikolay Borisov)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

authored by

Isaku Yamahata and committed by

Paolo Bonzini 1 year ago 9002f8cf 9934d7e5

+84 -4

3 changed files

expand all

arch

x86

kvm

vmx

main.c

tdx.c

x86_ops.h

+38 -4

arch/x86/kvm/vmx/main.c

··· 64 64 vmx_vm_destroy(kvm); 65 65 } 66 66 67 + static int vt_vcpu_precreate(struct kvm *kvm) 68 + { 69 + if (is_td(kvm)) 70 + return 0; 71 + 72 + return vmx_vcpu_precreate(kvm); 73 + } 74 + 75 + static int vt_vcpu_create(struct kvm_vcpu *vcpu) 76 + { 77 + if (is_td_vcpu(vcpu)) 78 + return tdx_vcpu_create(vcpu); 79 + 80 + return vmx_vcpu_create(vcpu); 81 + } 82 + 83 + static void vt_vcpu_free(struct kvm_vcpu *vcpu) 84 + { 85 + if (is_td_vcpu(vcpu)) { 86 + tdx_vcpu_free(vcpu); 87 + return; 88 + } 89 + 90 + vmx_vcpu_free(vcpu); 91 + } 92 + 93 + static void vt_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) 94 + { 95 + if (is_td_vcpu(vcpu)) 96 + return; 97 + 98 + vmx_vcpu_reset(vcpu, init_event); 99 + } 100 + 67 101 static int vt_mem_enc_ioctl(struct kvm *kvm, void __user *argp) 68 102 { 69 103 if (!is_td(kvm)) ··· 134 100 .vm_pre_destroy = vt_vm_pre_destroy, 135 101 .vm_destroy = vt_vm_destroy, 136 102 137 - .vcpu_precreate = vmx_vcpu_precreate, 138 - .vcpu_create = vmx_vcpu_create, 139 - .vcpu_free = vmx_vcpu_free, 140 - .vcpu_reset = vmx_vcpu_reset, 103 + .vcpu_precreate = vt_vcpu_precreate, 104 + .vcpu_create = vt_vcpu_create, 105 + .vcpu_free = vt_vcpu_free, 106 + .vcpu_reset = vt_vcpu_reset, 141 107 142 108 .prepare_switch_to_guest = vmx_prepare_switch_to_guest, 143 109 .vcpu_load = vmx_vcpu_load,

+40

arch/x86/kvm/vmx/tdx.c

··· 4 4 #include <asm/tdx.h> 5 5 #include "capabilities.h" 6 6 #include "x86_ops.h" 7 + #include "lapic.h" 7 8 #include "tdx.h" 8 9 9 10 #pragma GCC poison to_vmx ··· 405 404 kvm_tdx->state = TD_STATE_UNINITIALIZED; 406 405 407 406 return 0; 407 + } 408 + 409 + int tdx_vcpu_create(struct kvm_vcpu *vcpu) 410 + { 411 + struct kvm_tdx *kvm_tdx = to_kvm_tdx(vcpu->kvm); 412 + 413 + if (kvm_tdx->state != TD_STATE_INITIALIZED) 414 + return -EIO; 415 + 416 + /* TDX module mandates APICv, which requires an in-kernel local APIC. */ 417 + if (!lapic_in_kernel(vcpu)) 418 + return -EINVAL; 419 + 420 + fpstate_set_confidential(&vcpu->arch.guest_fpu); 421 + 422 + vcpu->arch.efer = EFER_SCE | EFER_LME | EFER_LMA | EFER_NX; 423 + 424 + vcpu->arch.cr0_guest_owned_bits = -1ul; 425 + vcpu->arch.cr4_guest_owned_bits = -1ul; 426 + 427 + /* KVM can't change TSC offset/multiplier as TDX module manages them. */ 428 + vcpu->arch.guest_tsc_protected = true; 429 + vcpu->arch.tsc_offset = kvm_tdx->tsc_offset; 430 + vcpu->arch.l1_tsc_offset = vcpu->arch.tsc_offset; 431 + vcpu->arch.tsc_scaling_ratio = kvm_tdx->tsc_multiplier; 432 + vcpu->arch.l1_tsc_scaling_ratio = kvm_tdx->tsc_multiplier; 433 + 434 + vcpu->arch.guest_state_protected = 435 + !(to_kvm_tdx(vcpu->kvm)->attributes & TDX_TD_ATTR_DEBUG); 436 + 437 + if ((kvm_tdx->xfam & XFEATURE_MASK_XTILE) == XFEATURE_MASK_XTILE) 438 + vcpu->arch.xfd_no_write_intercept = true; 439 + 440 + return 0; 441 + } 442 + 443 + void tdx_vcpu_free(struct kvm_vcpu *vcpu) 444 + { 445 + /* This is stub for now. More logic will come. */ 408 446 } 409 447 410 448 static int tdx_get_capabilities(struct kvm_tdx_cmd *cmd)

arch/x86/kvm/vmx/x86_ops.h

··· 126 126 void tdx_mmu_release_hkid(struct kvm *kvm); 127 127 void tdx_vm_destroy(struct kvm *kvm); 128 128 int tdx_vm_ioctl(struct kvm *kvm, void __user *argp); 129 + 130 + int tdx_vcpu_create(struct kvm_vcpu *vcpu); 131 + void tdx_vcpu_free(struct kvm_vcpu *vcpu); 129 132 #else 130 133 static inline int tdx_vm_init(struct kvm *kvm) { return -EOPNOTSUPP; } 131 134 static inline void tdx_mmu_release_hkid(struct kvm *kvm) {} 132 135 static inline void tdx_vm_destroy(struct kvm *kvm) {} 133 136 static inline int tdx_vm_ioctl(struct kvm *kvm, void __user *argp) { return -EOPNOTSUPP; } 137 + 138 + static inline int tdx_vcpu_create(struct kvm_vcpu *vcpu) { return -EOPNOTSUPP; } 139 + static inline void tdx_vcpu_free(struct kvm_vcpu *vcpu) {} 134 140 #endif 135 141 136 142 #endif /* __KVM_X86_VMX_X86_OPS_H */