x86/hyperv/vtl: Mark the wakeup mailbox page as private

The current code maps MMIO devices as shared (decrypted) by default in a
confidential computing VM.

In a TDX environment, secondary CPUs are booted using the Multiprocessor
Wakeup Structure defined in the ACPI specification. The virtual firmware
and the operating system function in the guest context, without
intervention from the VMM. Map the physical memory of the mailbox as
private. Use the is_private_mmio() callback.

Signed-off-by: Yunhong Jiang <yunhong.jiang@linux.intel.com>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Signed-off-by: Dexuan Cui <dexuan@kernel.org>

diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c
index b94fffa67312856e2c97251182a6dcd464456c30..1e2f5b3ea772050acfa8625de77a8da30339bad0 100644 (file)
--- a/arch/x86/hyperv/hv_vtl.c
+++ b/arch/x86/hyperv/hv_vtl.c
@@ -6,6 +6,9 @@
  *   Saurabh Sengar <ssengar@microsoft.com>
  */
 
+#include <linux/acpi.h>
+
+#include <asm/acpi.h>
 #include <asm/apic.h>
 #include <asm/boot.h>
 #include <asm/desc.h>
@@ -59,6 +62,18 @@ static void  __noreturn hv_vtl_restart(char __maybe_unused *cmd)
        hv_vtl_emergency_restart();
 }
 
+static inline bool within_page(u64 addr, u64 start)
+{
+       return addr >= start && addr < (start + PAGE_SIZE);
+}
+
+static bool hv_vtl_is_private_mmio_tdx(u64 addr)
+{
+       u64 mb_addr = acpi_get_mp_wakeup_mailbox_paddr();
+
+       return mb_addr && within_page(addr, mb_addr);
+}
+
 void __init hv_vtl_init_platform(void)
 {
        /*
@@ -71,6 +86,8 @@ void __init hv_vtl_init_platform(void)
        /* There is no paravisor present if we are here. */
        if (hv_isolation_type_tdx()) {
                x86_init.resources.realmode_limit = SZ_4G;
+               x86_platform.hyper.is_private_mmio = hv_vtl_is_private_mmio_tdx;
+
        } else {
                x86_platform.realmode_reserve = x86_init_noop;
                x86_platform.realmode_init = x86_init_noop;