| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Z1ZcvCmAPvBOr4Vt@intel.com>
Date: Mon, 9 Dec 2024 10:58:04 +0800
From: Chao Gao <chao.gao@...el.com>
To: Binbin Wu <binbin.wu@...ux.intel.com>
CC: <pbonzini@...hat.com>, <seanjc@...gle.com>, <kvm@...r.kernel.org>,
<rick.p.edgecombe@...el.com>, <kai.huang@...el.com>,
<adrian.hunter@...el.com>, <reinette.chatre@...el.com>,
<xiaoyao.li@...el.com>, <tony.lindgren@...ux.intel.com>,
<isaku.yamahata@...el.com>, <yan.y.zhao@...el.com>, <michael.roth@....com>,
<linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 3/7] KVM: TDX: Handle KVM hypercall with TDG.VP.VMCALL
On Sun, Dec 01, 2024 at 11:53:52AM +0800, Binbin Wu wrote:
>From: Isaku Yamahata <isaku.yamahata@...el.com>
>
>Handle KVM hypercall for TDX according to TDX Guest-Host Communication
>Interface (GHCI) specification.
>
>The TDX GHCI specification defines the ABI for the guest TD to issue
>hypercalls. When R10 is non-zero, it indicates the TDG.VP.VMCALL is
>vendor-specific. KVM uses R10 as KVM hypercall number and R11-R14
>as 4 arguments, while the error code is returned in R10. Follow the
>ABI and handle the KVM hypercall for TDX.
>
>Signed-off-by: Isaku Yamahata <isaku.yamahata@...el.com>
>Co-developed-by: Binbin Wu <binbin.wu@...ux.intel.com>
>Signed-off-by: Binbin Wu <binbin.wu@...ux.intel.com>
>---
>Hypercalls exit to userspace breakout:
>- Renamed from "KVM: TDX: handle KVM hypercall with TDG.VP.VMCALL" to
> "KVM: TDX: Handle KVM hypercall with TDG.VP.VMCALL".
>- Update the change log.
>- Rebased on Sean's "Prep KVM hypercall handling for TDX" patch set.
> https://lore.kernel.org/kvm/20241128004344.4072099-1-seanjc@google.com
>- Use the right register (i.e. R10) to set the return code after returning
> back from userspace.
>---
> arch/x86/kvm/vmx/tdx.c | 31 +++++++++++++++++++++++++++++++
> 1 file changed, 31 insertions(+)
>
>diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c
>index 19fd8a5dabd0..4cc55b120ab0 100644
>--- a/arch/x86/kvm/vmx/tdx.c
>+++ b/arch/x86/kvm/vmx/tdx.c
>@@ -957,8 +957,39 @@ static int tdx_handle_triple_fault(struct kvm_vcpu *vcpu)
> return 0;
> }
>
>+
>+static int complete_hypercall_exit(struct kvm_vcpu *vcpu)
>+{
>+ kvm_r10_write(vcpu, vcpu->run->hypercall.ret);
Use tdvmcall_set_return_code() here? it would be more self-explanatory.
>+ return 1;
>+}
>+
>+static int tdx_emulate_vmcall(struct kvm_vcpu *vcpu)
>+{
>+ int r;
>+
>+ /*
>+ * ABI for KVM tdvmcall argument:
>+ * In Guest-Hypervisor Communication Interface(GHCI) specification,
>+ * Non-zero leaf number (R10 != 0) is defined to indicate
>+ * vendor-specific. KVM uses this for KVM hypercall. NOTE: KVM
>+ * hypercall number starts from one. Zero isn't used for KVM hypercall
>+ * number.
>+ *
>+ * R10: KVM hypercall number
>+ * arguments: R11, R12, R13, R14.
>+ */
>+ r = __kvm_emulate_hypercall(vcpu, r10, r11, r12, r13, r14, true, 0,
note r10-14 are not declared in this function.
>+ complete_hypercall_exit);
>+
>+ return r > 0;
>+}
>+
> static int handle_tdvmcall(struct kvm_vcpu *vcpu)
> {
>+ if (tdvmcall_exit_type(vcpu))
>+ return tdx_emulate_vmcall(vcpu);
>+
> switch (tdvmcall_leaf(vcpu)) {
> default:
> break;
>--
>2.46.0
>
Powered by blists - more mailing lists