x86/hyperv: Use TDX GHCI to access some MSRs in a TDX VM with the paravisor

author Dexuan Cui <decui@microsoft.com>

Thu, 24 Aug 2023 08:07:10 +0000 (01:07 -0700)

committer Wei Liu <wei.liu@kernel.org>

Fri, 25 Aug 2023 00:04:57 +0000 (00:04 +0000)
author Dexuan Cui <decui@microsoft.com>
Thu, 24 Aug 2023 08:07:10 +0000 (01:07 -0700)
committer Wei Liu <wei.liu@kernel.org>
Fri, 25 Aug 2023 00:04:57 +0000 (00:04 +0000)
diff --git a/arch/x86/hyperv/hv_init.c b/arch/x86/hyperv/hv_init.c

index 3729eee21e471f06f78bb43fdb0025f8cca384a9..c4cffa3b1c3cc9704df341c60d8ebef5cf1b0dd6 100644 (file)
--- a/arch/x86/hyperv/hv_init.c
+++ b/arch/x86/hyperv/hv_init.c
@@ -500,8 +500,8 @@ void __init hyperv_init(void)
         guest_id = hv_generate_guest_id(LINUX_VERSION_CODE);
         wrmsrl(HV_X64_MSR_GUEST_OS_ID, guest_id);
  
-       /* Hyper-V requires to write guest os id via ghcb in SNP IVM. */
-       hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id);
+       /* With the paravisor, the VM must also write the ID via GHCB/GHCI */
+       hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, guest_id);
  
         /* A TDX VM with no paravisor only uses TDX GHCI rather than hv_hypercall_pg */
         if (hv_isolation_type_tdx() && !ms_hyperv.paravisor_present)
@@ -590,7 +590,7 @@ skip_hypercall_pg_init:
  
  clean_guest_os_id:
         wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0);
-       hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0);
+       hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0);
         cpuhp_remove_state(cpuhp);
  free_ghcb_page:
         free_percpu(hv_ghcb_pg);
@@ -611,7 +611,7 @@ void hyperv_cleanup(void)
  
         /* Reset our OS id */
         wrmsrl(HV_X64_MSR_GUEST_OS_ID, 0);
-       hv_ghcb_msr_write(HV_X64_MSR_GUEST_OS_ID, 0);
+       hv_ivm_msr_write(HV_X64_MSR_GUEST_OS_ID, 0);
  
         /*
          * Reset hypercall page reference before reset the page,
diff --git a/arch/x86/hyperv/ivm.c b/arch/x86/hyperv/ivm.c

index 7bd0359d5e384a192119fedc6ef99cd13a126699..fbc07493fcb43433ccb26907eff620491881b131 100644 (file)
--- a/arch/x86/hyperv/ivm.c
+++ b/arch/x86/hyperv/ivm.c
@@ -24,6 +24,7 @@
  #include <asm/realmode.h>
  #include <asm/e820/api.h>
  #include <asm/desc.h>
+#include <uapi/asm/vmx.h>
  
  #ifdef CONFIG_AMD_MEM_ENCRYPT
  
@@ -186,7 +187,7 @@ bool hv_ghcb_negotiate_protocol(void)
         return true;
  }
  
-void hv_ghcb_msr_write(u64 msr, u64 value)
+static void hv_ghcb_msr_write(u64 msr, u64 value)
  {
         union hv_ghcb *hv_ghcb;
         void **ghcb_base;
@@ -214,9 +215,8 @@ void hv_ghcb_msr_write(u64 msr, u64 value)
  
         local_irq_restore(flags);
  }
-EXPORT_SYMBOL_GPL(hv_ghcb_msr_write);
  
-void hv_ghcb_msr_read(u64 msr, u64 *value)
+static void hv_ghcb_msr_read(u64 msr, u64 *value)
  {
         union hv_ghcb *hv_ghcb;
         void **ghcb_base;
@@ -246,10 +246,71 @@ void hv_ghcb_msr_read(u64 msr, u64 *value)
                         | ((u64)lower_32_bits(hv_ghcb->ghcb.save.rdx) << 32);
         local_irq_restore(flags);
  }
-EXPORT_SYMBOL_GPL(hv_ghcb_msr_read);
  
+#else
+static inline void hv_ghcb_msr_write(u64 msr, u64 value) {}
+static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {}
  #endif /* CONFIG_AMD_MEM_ENCRYPT */
  
+#ifdef CONFIG_INTEL_TDX_GUEST
+static void hv_tdx_msr_write(u64 msr, u64 val)
+{
+       struct tdx_hypercall_args args = {
+               .r10 = TDX_HYPERCALL_STANDARD,
+               .r11 = EXIT_REASON_MSR_WRITE,
+               .r12 = msr,
+               .r13 = val,
+       };
+
+       u64 ret = __tdx_hypercall(&args);
+
+       WARN_ONCE(ret, "Failed to emulate MSR write: %lld\n", ret);
+}
+
+static void hv_tdx_msr_read(u64 msr, u64 *val)
+{
+       struct tdx_hypercall_args args = {
+               .r10 = TDX_HYPERCALL_STANDARD,
+               .r11 = EXIT_REASON_MSR_READ,
+               .r12 = msr,
+       };
+
+       u64 ret = __tdx_hypercall_ret(&args);
+
+       if (WARN_ONCE(ret, "Failed to emulate MSR read: %lld\n", ret))
+               *val = 0;
+       else
+               *val = args.r11;
+}
+#else
+static inline void hv_tdx_msr_write(u64 msr, u64 value) {}
+static inline void hv_tdx_msr_read(u64 msr, u64 *value) {}
+#endif /* CONFIG_INTEL_TDX_GUEST */
+
+#if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST)
+void hv_ivm_msr_write(u64 msr, u64 value)
+{
+       if (!ms_hyperv.paravisor_present)
+               return;
+
+       if (hv_isolation_type_tdx())
+               hv_tdx_msr_write(msr, value);
+       else if (hv_isolation_type_snp())
+               hv_ghcb_msr_write(msr, value);
+}
+
+void hv_ivm_msr_read(u64 msr, u64 *value)
+{
+       if (!ms_hyperv.paravisor_present)
+               return;
+
+       if (hv_isolation_type_tdx())
+               hv_tdx_msr_read(msr, value);
+       else if (hv_isolation_type_snp())
+               hv_ghcb_msr_read(msr, value);
+}
+#endif
+
  #if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST)
  /*
   * hv_mark_gpa_visibility - Set pages visible to host via hvcall.
diff --git a/arch/x86/include/asm/mshyperv.h b/arch/x86/include/asm/mshyperv.h

index a9f453c39371042671cfb61df83ba0959a482e6e..101f71b85cfd64cbfc635a2abf6d869e40456403 100644 (file)
--- a/arch/x86/include/asm/mshyperv.h
+++ b/arch/x86/include/asm/mshyperv.h
@@ -275,14 +275,10 @@ int hv_map_ioapic_interrupt(int ioapic_id, bool level, int vcpu, int vector,
  int hv_unmap_ioapic_interrupt(int ioapic_id, struct hv_interrupt_entry *entry);
  
  #ifdef CONFIG_AMD_MEM_ENCRYPT
-void hv_ghcb_msr_write(u64 msr, u64 value);
-void hv_ghcb_msr_read(u64 msr, u64 *value);
  bool hv_ghcb_negotiate_protocol(void);
  void __noreturn hv_ghcb_terminate(unsigned int set, unsigned int reason);
  int hv_snp_boot_ap(int cpu, unsigned long start_ip);
  #else
-static inline void hv_ghcb_msr_write(u64 msr, u64 value) {}
-static inline void hv_ghcb_msr_read(u64 msr, u64 *value) {}
  static inline bool hv_ghcb_negotiate_protocol(void) { return false; }
  static inline void hv_ghcb_terminate(unsigned int set, unsigned int reason) {}
  static inline int hv_snp_boot_ap(int cpu, unsigned long start_ip) { return 0; }
@@ -292,8 +288,12 @@ extern bool hv_isolation_type_snp(void);
  
  #if defined(CONFIG_AMD_MEM_ENCRYPT) || defined(CONFIG_INTEL_TDX_GUEST)
  void hv_vtom_init(void);
+void hv_ivm_msr_write(u64 msr, u64 value);
+void hv_ivm_msr_read(u64 msr, u64 *value);
  #else
  static inline void hv_vtom_init(void) {}
+static inline void hv_ivm_msr_write(u64 msr, u64 value) {}
+static inline void hv_ivm_msr_read(u64 msr, u64 *value) {}
  #endif
  
  static inline bool hv_is_synic_reg(unsigned int reg)
diff --git a/arch/x86/kernel/cpu/mshyperv.c b/arch/x86/kernel/cpu/mshyperv.c

index 4c5a174935ca296c5fb15abce24d32d0103265e6..4f51dac9eeb23381c96a590634ed7c58e2684081 100644 (file)
--- a/arch/x86/kernel/cpu/mshyperv.c
+++ b/arch/x86/kernel/cpu/mshyperv.c
@@ -70,8 +70,8 @@ u64 hv_get_non_nested_register(unsigned int reg)
  {
         u64 value;
  
-       if (hv_is_synic_reg(reg) && hv_isolation_type_snp())
-               hv_ghcb_msr_read(reg, &value);
+       if (hv_is_synic_reg(reg) && ms_hyperv.paravisor_present)
+               hv_ivm_msr_read(reg, &value);
         else
                 rdmsrl(reg, value);
         return value;
@@ -80,8 +80,8 @@ EXPORT_SYMBOL_GPL(hv_get_non_nested_register);
  
  void hv_set_non_nested_register(unsigned int reg, u64 value)
  {
-       if (hv_is_synic_reg(reg) && hv_isolation_type_snp()) {
-               hv_ghcb_msr_write(reg, value);
+       if (hv_is_synic_reg(reg) && ms_hyperv.paravisor_present) {
+               hv_ivm_msr_write(reg, value);
  
                 /* Write proxy bit via wrmsl instruction */
                 if (hv_is_sint_reg(reg))
author	Dexuan Cui <decui@microsoft.com>
	Thu, 24 Aug 2023 08:07:10 +0000 (01:07 -0700)
committer	Wei Liu <wei.liu@kernel.org>
	Fri, 25 Aug 2023 00:04:57 +0000 (00:04 +0000)
arch/x86/hyperv/hv_init.c		patch \| blob \| blame \| history
arch/x86/hyperv/ivm.c		patch \| blob \| blame \| history
arch/x86/include/asm/mshyperv.h		patch \| blob \| blame \| history
arch/x86/kernel/cpu/mshyperv.c		patch \| blob \| blame \| history