[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <837fb5e9-4a35-4e49-8ec6-1fcfd5a0da30@linux.microsoft.com>
Date: Fri, 24 Nov 2023 11:38:36 +0100
From: Jeremi Piotrowski <jpiotrowski@...ux.microsoft.com>
To: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>,
"H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
Michael Kelley <mhkelley58@...il.com>,
Nikolay Borisov <nik.borisov@...e.com>,
Peter Zijlstra <peterz@...radead.org>,
Thomas Gleixner <tglx@...utronix.de>,
Tom Lendacky <thomas.lendacky@....com>, x86@...nel.org,
Dexuan Cui <decui@...rosoft.com>, linux-hyperv@...r.kernel.org,
stefan.bader@...onical.com, tim.gardner@...onical.com,
roxana.nicolescu@...onical.com, cascardo@...onical.com,
kys@...rosoft.com, haiyangz@...rosoft.com, wei.liu@...nel.org,
sashal@...nel.org, stable@...r.kernel.org
Subject: Re: [PATCH v1 2/3] x86/coco: Disable TDX module calls when TD
partitioning is active
On 23/11/2023 15:13, Kirill A. Shutemov wrote:
> On Wed, Nov 22, 2023 at 06:01:05PM +0100, Jeremi Piotrowski wrote:
>> Introduce CC_ATTR_TDX_MODULE_CALLS to allow code to check whether TDX module
>> calls are available. When TD partitioning is enabled, a L1 TD VMM handles most
>> TDX facilities and the kernel running as an L2 TD VM does not have access to
>> TDX module calls. The kernel still has access to TDVMCALL(0) which is forwarded
>> to the VMM for processing, which is the L1 TD VM in this case.
>
Correction: it turns out TDVMCALL(0) is handled by L0 VMM.
> Sounds like a problem introduced by patch 1/3 :/
>
What problem are you referring to? This patch is making the kernel aware of which
subfeatures of TDX are available to it.
This patch is needed once you make the kernel aware of X86_FEATURE_TDX_GUEST, which
is applicable because we're dealing with a TDX guest.
Powered by blists - more mailing lists