Commit 57a420bb authored by Kai Huang's avatar Kai Huang Committed by Dave Hansen

x86/tdx: Pass TDCALL/SEAMCALL input/output registers via a structure

Currently, the TDX_MODULE_CALL asm macro, which handles both TDCALL and
SEAMCALL, takes one parameter for each input register and an optional
'struct tdx_module_output' (a collection of output registers) as output.
This is different from the TDX_HYPERCALL macro which uses a single
'struct tdx_hypercall_args' to carry all input/output registers.

The newer TDX versions introduce more TDCALLs/SEAMCALLs which use more
input/output registers.  Also, the TDH.VP.ENTER (which isn't covered
by the current TDX_MODULE_CALL macro) basically can use all registers
that the TDX_HYPERCALL does.  The current TDX_MODULE_CALL macro isn't
extendible to cover those cases.

Similar to the TDX_HYPERCALL macro, simplify the TDX_MODULE_CALL macro
to use a single structure 'struct tdx_module_args' to carry all the
input/output registers.  Currently, R10/R11 are only used as output
register but not as input by any TDCALL/SEAMCALL.  Change to also use
R10/R11 as input register to make input/output registers symmetric.

Currently, the TDX_MODULE_CALL macro depends on the caller to pass a
non-NULL 'struct tdx_module_output' to get additional output registers.
Similar to the TDX_HYPERCALL macro, change the TDX_MODULE_CALL macro to
take a new 'ret' macro argument to indicate whether to save the output
registers to the 'struct tdx_module_args'.  Also introduce a new
__tdcall_ret() for that purpose, similar to the __tdx_hypercall_ret().

Note the tdcall(), which is a wrapper of __tdcall(), is called by three
callers: tdx_parse_tdinfo(), tdx_get_ve_info() and tdx_early_init().
The former two need the additional output but the last one doesn't.  For
simplicity, make tdcall() always call __tdcall_ret() to avoid another
"_ret()" wrapper.  The last caller tdx_early_init() isn't performance
critical anyway.
Suggested-by: default avatarPeter Zijlstra <peterz@infradead.org>
Signed-off-by: default avatarKai Huang <kai.huang@intel.com>
Signed-off-by: default avatarDave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lore.kernel.org/all/483616c1762d85eb3a3c3035a7de061cfacf2f14.1692096753.git.kai.huang%40intel.com
parent 5efb9628
...@@ -43,37 +43,10 @@ ...@@ -43,37 +43,10 @@
* __tdcall() - Used by TDX guests to request services from the TDX * __tdcall() - Used by TDX guests to request services from the TDX
* module (does not include VMM services) using TDCALL instruction. * module (does not include VMM services) using TDCALL instruction.
* *
* Transforms function call register arguments into the TDCALL register ABI.
* After TDCALL operation, TDX module output is saved in @out (if it is
* provided by the user).
*
*-------------------------------------------------------------------------
* TDCALL ABI:
*-------------------------------------------------------------------------
* Input Registers:
*
* RAX - TDCALL Leaf number.
* RCX,RDX,R8-R9 - TDCALL Leaf specific input registers.
*
* Output Registers:
*
* RAX - TDCALL instruction error code.
* RCX,RDX,R8-R11 - TDCALL Leaf specific output registers.
*
*-------------------------------------------------------------------------
*
* __tdcall() function ABI: * __tdcall() function ABI:
* *
* @fn (RDI) - TDCALL Leaf ID, moved to RAX * @fn (RDI) - TDCALL Leaf ID, moved to RAX
* @rcx (RSI) - Input parameter 1, moved to RCX * @args (RSI) - struct tdx_module_args for input
* @rdx (RDX) - Input parameter 2, moved to RDX
* @r8 (RCX) - Input parameter 3, moved to R8
* @r9 (R8) - Input parameter 4, moved to R9
*
* @out (R9) - struct tdx_module_output pointer
* stored temporarily in R12 (not
* shared with the TDX module). It
* can be NULL.
* *
* Return status of TDCALL via RAX. * Return status of TDCALL via RAX.
*/ */
...@@ -81,6 +54,22 @@ SYM_FUNC_START(__tdcall) ...@@ -81,6 +54,22 @@ SYM_FUNC_START(__tdcall)
TDX_MODULE_CALL host=0 TDX_MODULE_CALL host=0
SYM_FUNC_END(__tdcall) SYM_FUNC_END(__tdcall)
/*
* __tdcall_ret() - Used by TDX guests to request services from the TDX
* module (does not include VMM services) using TDCALL instruction, with
* saving output registers to the 'struct tdx_module_args' used as input.
*
* __tdcall_ret() function ABI:
*
* @fn (RDI) - TDCALL Leaf ID, moved to RAX
* @args (RSI) - struct tdx_module_args for input and output
*
* Return status of TDCALL via RAX.
*/
SYM_FUNC_START(__tdcall_ret)
TDX_MODULE_CALL host=0 ret=1
SYM_FUNC_END(__tdcall_ret)
/* /*
* TDX_HYPERCALL - Make hypercalls to a TDX VMM using TDVMCALL leaf of TDCALL * TDX_HYPERCALL - Make hypercalls to a TDX VMM using TDVMCALL leaf of TDCALL
* instruction * instruction
......
...@@ -5,7 +5,7 @@ static unsigned long try_accept_one(phys_addr_t start, unsigned long len, ...@@ -5,7 +5,7 @@ static unsigned long try_accept_one(phys_addr_t start, unsigned long len,
enum pg_level pg_level) enum pg_level pg_level)
{ {
unsigned long accept_size = page_level_size(pg_level); unsigned long accept_size = page_level_size(pg_level);
u64 tdcall_rcx; struct tdx_module_args args = {};
u8 page_size; u8 page_size;
if (!IS_ALIGNED(start, accept_size)) if (!IS_ALIGNED(start, accept_size))
...@@ -34,8 +34,8 @@ static unsigned long try_accept_one(phys_addr_t start, unsigned long len, ...@@ -34,8 +34,8 @@ static unsigned long try_accept_one(phys_addr_t start, unsigned long len,
return 0; return 0;
} }
tdcall_rcx = start | page_size; args.rcx = start | page_size;
if (__tdcall(TDG_MEM_PAGE_ACCEPT, tdcall_rcx, 0, 0, 0, NULL)) if (__tdcall(TDG_MEM_PAGE_ACCEPT, &args))
return 0; return 0;
return accept_size; return accept_size;
......
...@@ -66,10 +66,9 @@ EXPORT_SYMBOL_GPL(tdx_kvm_hypercall); ...@@ -66,10 +66,9 @@ EXPORT_SYMBOL_GPL(tdx_kvm_hypercall);
* should only be used for calls that have no legitimate reason to fail * should only be used for calls that have no legitimate reason to fail
* or where the kernel can not survive the call failing. * or where the kernel can not survive the call failing.
*/ */
static inline void tdcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, static inline void tdcall(u64 fn, struct tdx_module_args *args)
struct tdx_module_output *out)
{ {
if (__tdcall(fn, rcx, rdx, r8, r9, out)) if (__tdcall_ret(fn, args))
panic("TDCALL %lld failed (Buggy TDX module!)\n", fn); panic("TDCALL %lld failed (Buggy TDX module!)\n", fn);
} }
...@@ -89,11 +88,14 @@ static inline void tdcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, ...@@ -89,11 +88,14 @@ static inline void tdcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
*/ */
int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport) int tdx_mcall_get_report0(u8 *reportdata, u8 *tdreport)
{ {
struct tdx_module_args args = {
.rcx = virt_to_phys(tdreport),
.rdx = virt_to_phys(reportdata),
.r8 = TDREPORT_SUBTYPE_0,
};
u64 ret; u64 ret;
ret = __tdcall(TDG_MR_REPORT, virt_to_phys(tdreport), ret = __tdcall(TDG_MR_REPORT, &args);
virt_to_phys(reportdata), TDREPORT_SUBTYPE_0,
0, NULL);
if (ret) { if (ret) {
if (TDCALL_RETURN_CODE(ret) == TDCALL_INVALID_OPERAND) if (TDCALL_RETURN_CODE(ret) == TDCALL_INVALID_OPERAND)
return -EINVAL; return -EINVAL;
...@@ -141,7 +143,7 @@ static void __noreturn tdx_panic(const char *msg) ...@@ -141,7 +143,7 @@ static void __noreturn tdx_panic(const char *msg)
static void tdx_parse_tdinfo(u64 *cc_mask) static void tdx_parse_tdinfo(u64 *cc_mask)
{ {
struct tdx_module_output out; struct tdx_module_args args = {};
unsigned int gpa_width; unsigned int gpa_width;
u64 td_attr; u64 td_attr;
...@@ -152,7 +154,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask) ...@@ -152,7 +154,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask)
* Guest-Host-Communication Interface (GHCI), section 2.4.2 TDCALL * Guest-Host-Communication Interface (GHCI), section 2.4.2 TDCALL
* [TDG.VP.INFO]. * [TDG.VP.INFO].
*/ */
tdcall(TDG_VP_INFO, 0, 0, 0, 0, &out); tdcall(TDG_VP_INFO, &args);
/* /*
* The highest bit of a guest physical address is the "sharing" bit. * The highest bit of a guest physical address is the "sharing" bit.
...@@ -161,7 +163,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask) ...@@ -161,7 +163,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask)
* The GPA width that comes out of this call is critical. TDX guests * The GPA width that comes out of this call is critical. TDX guests
* can not meaningfully run without it. * can not meaningfully run without it.
*/ */
gpa_width = out.rcx & GENMASK(5, 0); gpa_width = args.rcx & GENMASK(5, 0);
*cc_mask = BIT_ULL(gpa_width - 1); *cc_mask = BIT_ULL(gpa_width - 1);
/* /*
...@@ -169,7 +171,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask) ...@@ -169,7 +171,7 @@ static void tdx_parse_tdinfo(u64 *cc_mask)
* memory. Ensure that no #VE will be delivered for accesses to * memory. Ensure that no #VE will be delivered for accesses to
* TD-private memory. Only VMM-shared memory (MMIO) will #VE. * TD-private memory. Only VMM-shared memory (MMIO) will #VE.
*/ */
td_attr = out.rdx; td_attr = args.rdx;
if (!(td_attr & ATTR_SEPT_VE_DISABLE)) { if (!(td_attr & ATTR_SEPT_VE_DISABLE)) {
const char *msg = "TD misconfiguration: SEPT_VE_DISABLE attribute must be set."; const char *msg = "TD misconfiguration: SEPT_VE_DISABLE attribute must be set.";
...@@ -577,7 +579,7 @@ __init bool tdx_early_handle_ve(struct pt_regs *regs) ...@@ -577,7 +579,7 @@ __init bool tdx_early_handle_ve(struct pt_regs *regs)
void tdx_get_ve_info(struct ve_info *ve) void tdx_get_ve_info(struct ve_info *ve)
{ {
struct tdx_module_output out; struct tdx_module_args args = {};
/* /*
* Called during #VE handling to retrieve the #VE info from the * Called during #VE handling to retrieve the #VE info from the
...@@ -594,15 +596,15 @@ void tdx_get_ve_info(struct ve_info *ve) ...@@ -594,15 +596,15 @@ void tdx_get_ve_info(struct ve_info *ve)
* Note, the TDX module treats virtual NMIs as inhibited if the #VE * Note, the TDX module treats virtual NMIs as inhibited if the #VE
* valid flag is set. It means that NMI=>#VE will not result in a #DF. * valid flag is set. It means that NMI=>#VE will not result in a #DF.
*/ */
tdcall(TDG_VP_VEINFO_GET, 0, 0, 0, 0, &out); tdcall(TDG_VP_VEINFO_GET, &args);
/* Transfer the output parameters */ /* Transfer the output parameters */
ve->exit_reason = out.rcx; ve->exit_reason = args.rcx;
ve->exit_qual = out.rdx; ve->exit_qual = args.rdx;
ve->gla = out.r8; ve->gla = args.r8;
ve->gpa = out.r9; ve->gpa = args.r9;
ve->instr_len = lower_32_bits(out.r10); ve->instr_len = lower_32_bits(args.r10);
ve->instr_info = upper_32_bits(out.r10); ve->instr_info = upper_32_bits(args.r10);
} }
/* /*
...@@ -799,6 +801,10 @@ static bool tdx_enc_status_change_finish(unsigned long vaddr, int numpages, ...@@ -799,6 +801,10 @@ static bool tdx_enc_status_change_finish(unsigned long vaddr, int numpages,
void __init tdx_early_init(void) void __init tdx_early_init(void)
{ {
struct tdx_module_args args = {
.rdx = TDCS_NOTIFY_ENABLES,
.r9 = -1ULL,
};
u64 cc_mask; u64 cc_mask;
u32 eax, sig[3]; u32 eax, sig[3];
...@@ -814,7 +820,7 @@ void __init tdx_early_init(void) ...@@ -814,7 +820,7 @@ void __init tdx_early_init(void)
cc_set_mask(cc_mask); cc_set_mask(cc_mask);
/* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */ /* Kernel does not use NOTIFY_ENABLES and does not need random #VEs */
tdcall(TDG_VM_WR, 0, TDCS_NOTIFY_ENABLES, 0, -1ULL, NULL); tdcall(TDG_VM_WR, &args);
/* /*
* All bits above GPA width are reserved and kernel treats shared bit * All bits above GPA width are reserved and kernel treats shared bit
......
...@@ -76,11 +76,11 @@ static inline u64 _tdx_hypercall(u64 fn, u64 r12, u64 r13, u64 r14, u64 r15) ...@@ -76,11 +76,11 @@ static inline u64 _tdx_hypercall(u64 fn, u64 r12, u64 r13, u64 r14, u64 r15)
void __tdx_hypercall_failed(void); void __tdx_hypercall_failed(void);
/* /*
* Used in __tdx_module_call() to gather the output registers' values of the * Used in __tdcall*() to gather the input/output registers' values of the
* TDCALL instruction when requesting services from the TDX module. This is a * TDCALL instruction when requesting services from the TDX module. This is a
* software only structure and not part of the TDX module/VMM ABI * software only structure and not part of the TDX module/VMM ABI
*/ */
struct tdx_module_output { struct tdx_module_args {
u64 rcx; u64 rcx;
u64 rdx; u64 rdx;
u64 r8; u64 r8;
...@@ -90,8 +90,8 @@ struct tdx_module_output { ...@@ -90,8 +90,8 @@ struct tdx_module_output {
}; };
/* Used to communicate with the TDX module */ /* Used to communicate with the TDX module */
u64 __tdcall(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9, u64 __tdcall(u64 fn, struct tdx_module_args *args);
struct tdx_module_output *out); u64 __tdcall_ret(u64 fn, struct tdx_module_args *args);
bool tdx_accept_memory(phys_addr_t start, phys_addr_t end); bool tdx_accept_memory(phys_addr_t start, phys_addr_t end);
......
...@@ -68,12 +68,12 @@ static void __used common(void) ...@@ -68,12 +68,12 @@ static void __used common(void)
#endif #endif
BLANK(); BLANK();
OFFSET(TDX_MODULE_rcx, tdx_module_output, rcx); OFFSET(TDX_MODULE_rcx, tdx_module_args, rcx);
OFFSET(TDX_MODULE_rdx, tdx_module_output, rdx); OFFSET(TDX_MODULE_rdx, tdx_module_args, rdx);
OFFSET(TDX_MODULE_r8, tdx_module_output, r8); OFFSET(TDX_MODULE_r8, tdx_module_args, r8);
OFFSET(TDX_MODULE_r9, tdx_module_output, r9); OFFSET(TDX_MODULE_r9, tdx_module_args, r9);
OFFSET(TDX_MODULE_r10, tdx_module_output, r10); OFFSET(TDX_MODULE_r10, tdx_module_args, r10);
OFFSET(TDX_MODULE_r11, tdx_module_output, r11); OFFSET(TDX_MODULE_r11, tdx_module_args, r11);
BLANK(); BLANK();
OFFSET(TDX_HYPERCALL_r8, tdx_hypercall_args, r8); OFFSET(TDX_HYPERCALL_r8, tdx_hypercall_args, r8);
......
...@@ -17,34 +17,35 @@ ...@@ -17,34 +17,35 @@
* TDX module and hypercalls to the VMM. * TDX module and hypercalls to the VMM.
* SEAMCALL - used by TDX hosts to make requests to the * SEAMCALL - used by TDX hosts to make requests to the
* TDX module. * TDX module.
*
*-------------------------------------------------------------------------
* TDCALL/SEAMCALL ABI:
*-------------------------------------------------------------------------
* Input Registers:
*
* RAX - TDCALL/SEAMCALL Leaf number.
* RCX,RDX,R8-R11 - TDCALL/SEAMCALL Leaf specific input registers.
*
* Output Registers:
*
* RAX - TDCALL/SEAMCALL instruction error code.
* RCX,RDX,R8-R11 - TDCALL/SEAMCALL Leaf specific output registers.
*
*-------------------------------------------------------------------------
*/ */
.macro TDX_MODULE_CALL host:req .macro TDX_MODULE_CALL host:req ret=0
FRAME_BEGIN FRAME_BEGIN
/*
* R12 will be used as temporary storage for struct tdx_module_output
* pointer. Since R12-R15 registers are not used by TDCALL/SEAMCALL
* services supported by this function, it can be reused.
*/
/* Callee saved, so preserve it */
push %r12
/*
* Push output pointer to stack.
* After the operation, it will be fetched into R12 register.
*/
push %r9
/* Mangle function call ABI into TDCALL/SEAMCALL ABI: */
/* Move Leaf ID to RAX */ /* Move Leaf ID to RAX */
mov %rdi, %rax mov %rdi, %rax
/* Move input 4 to R9 */
mov %r8, %r9 /* Move other input regs from 'struct tdx_module_args' */
/* Move input 3 to R8 */ movq TDX_MODULE_rcx(%rsi), %rcx
mov %rcx, %r8 movq TDX_MODULE_rdx(%rsi), %rdx
/* Move input 1 to RCX */ movq TDX_MODULE_r8(%rsi), %r8
mov %rsi, %rcx movq TDX_MODULE_r9(%rsi), %r9
/* Leave input param 2 in RDX */ movq TDX_MODULE_r10(%rsi), %r10
movq TDX_MODULE_r11(%rsi), %r11
.if \host .if \host
seamcall seamcall
...@@ -59,49 +60,31 @@ ...@@ -59,49 +60,31 @@
* This value will never be used as actual SEAMCALL error code as * This value will never be used as actual SEAMCALL error code as
* it is from the Reserved status code class. * it is from the Reserved status code class.
*/ */
jc .Lseamcall_vmfailinvalid jc .Lseamcall_vmfailinvalid\@
.else .else
tdcall tdcall
.endif .endif
/* .if \ret
* Fetch output pointer from stack to R12 (It is used /* Copy output registers to the structure */
* as temporary storage) movq %rcx, TDX_MODULE_rcx(%rsi)
*/ movq %rdx, TDX_MODULE_rdx(%rsi)
pop %r12 movq %r8, TDX_MODULE_r8(%rsi)
movq %r9, TDX_MODULE_r9(%rsi)
/* movq %r10, TDX_MODULE_r10(%rsi)
* Since this macro can be invoked with NULL as an output pointer, movq %r11, TDX_MODULE_r11(%rsi)
* check if caller provided an output struct before storing output .endif
* registers.
*
* Update output registers, even if the call failed (RAX != 0).
* Other registers may contain details of the failure.
*/
test %r12, %r12
jz .Lout
/* Copy result registers to output struct: */
movq %rcx, TDX_MODULE_rcx(%r12)
movq %rdx, TDX_MODULE_rdx(%r12)
movq %r8, TDX_MODULE_r8(%r12)
movq %r9, TDX_MODULE_r9(%r12)
movq %r10, TDX_MODULE_r10(%r12)
movq %r11, TDX_MODULE_r11(%r12)
.Lout:
/* Restore the state of R12 register */
pop %r12
.if \host
.Lout\@:
.endif
FRAME_END FRAME_END
RET RET
.if \host .if \host
.Lseamcall_vmfailinvalid: .Lseamcall_vmfailinvalid\@:
mov $TDX_SEAMCALL_VMFAILINVALID, %rax mov $TDX_SEAMCALL_VMFAILINVALID, %rax
/* pop the unused output pointer back to %r9 */ jmp .Lout\@
pop %r9
jmp .Lout
.endif /* \host */ .endif /* \host */
.endm .endm
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment