lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20250313-vverma7-cleanup_x86_ops-v1-0-0346c8211a0c@intel.com>
Date: Thu, 13 Mar 2025 13:30:00 -0600
From: Vishal Verma <vishal.l.verma@...el.com>
To: Sean Christopherson <seanjc@...gle.com>, 
 Paolo Bonzini <pbonzini@...hat.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org, 
 Rick Edgecombe <rick.p.edgecombe@...el.com>, 
 Vishal Verma <vishal.l.verma@...el.com>
Subject: [PATCH 0/4] KVM: TDX: Cleanup the kvm_x86_ops structure for
 vmx/tdx

This is a cleanup that should follow the initial TDX base support (i.e.
not an immediate fix needed for kvm-coco-queue).

In [1], Sean points out that the kvm_x86_ops structure and its
associated helpers and wrappers can be cleaned up a lot by -

1. Putting the wrappers under CONFIG_KVM_INTEL_TDX, and
2. Defining the helpers with macros that switch between the tdx and
   non-tdx case, as well as NULL out the TDX-only stubs when needed.

This cleans up the generated code by completely removing trampolines
that would otherwise be left behind in the CONFIG_KVM_INTEL_TDX=n case.

[1]: https://lore.kernel.org/kvm/Z6v9yjWLNTU6X90d@google.com/

For example, looking at vt_refresh_apicv_exec_ctrl(), before this cleanup,
when CONFIG_KVM_INTEL_TDX=n, the following asm is generated:

0000000000036490 <vt_refresh_apicv_exec_ctrl>:
   36490:       f3 0f 1e fa             endbr64
   36494:       e8 00 00 00 00          call   36499 <vt_refresh_apicv_exec_ctrl+0x9>
                        36495: R_X86_64_PLT32   __fentry__-0x4
   36499:       e9 00 00 00 00          jmp    3649e <vt_refresh_apicv_exec_ctrl+0xe>
                        3649a: R_X86_64_PLT32   vmx_refresh_apicv_exec_ctrl-0x4
   3649e:       66 90                   xchg   %ax,%ax

But with these patches, it goes away completely.

These patches have been tested with TDX kvm-unit-tests, booting a Linux
TD, TDX enhanced KVM selftests, and building and examining the generated
assembly (or lack thereof) with both CONFIG_KVM_INTEL_TDX=y and
CONFIG_KVM_INTEL_TDX=n

Based on a patch by Sean Christopherson <seanjc@...gle.com>

Signed-off-by: Vishal Verma <vishal.l.verma@...el.com>
---
Vishal Verma (4):
      KVM: TDX: Move apicv_pre_state_restore to posted_intr.c
      KVM: VMX: Move x86_ops wrappers under CONFIG_KVM_INTEL_TDX
      KVM: VMX: Make naming consistent for kvm_complete_insn_gp via define
      KVM: VMX: Clean up and macrofy x86_ops

 arch/x86/kvm/vmx/posted_intr.h |   1 +
 arch/x86/kvm/vmx/tdx.h         |   2 +-
 arch/x86/kvm/vmx/x86_ops.h     |  68 +-------------
 arch/x86/kvm/vmx/main.c        | 204 ++++++++++++++++++++---------------------
 arch/x86/kvm/vmx/posted_intr.c |   8 ++
 5 files changed, 113 insertions(+), 170 deletions(-)
---
base-commit: 85c9490bbed74b006a614e542da404a55ff5938f
change-id: 20250311-vverma7-cleanup_x86_ops-c62e50e47126

Best regards,
-- 
Vishal Verma <vishal.l.verma@...el.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ