Message-ID: <6904c3834e3c0_231474100ca@iweiny-mobl.notmuch>
Date: Fri, 31 Oct 2025 09:11:15 -0500
From: Ira Weiny <ira.weiny@...el.com>
To: Sagi Shahar <sagis@...gle.com>, <linux-kselftest@...r.kernel.org>, "Paolo
 Bonzini" <pbonzini@...hat.com>, Shuah Khan <shuah@...nel.org>, "Sean
 Christopherson" <seanjc@...gle.com>, Ackerley Tng <ackerleytng@...gle.com>,
	Ryan Afranji <afranji@...gle.com>, Andrew Jones <ajones@...tanamicro.com>,
	Isaku Yamahata <isaku.yamahata@...el.com>, Erdem Aktas
	<erdemaktas@...gle.com>, Rick Edgecombe <rick.p.edgecombe@...el.com>, "Roger
 Wang" <runanwang@...gle.com>, Binbin Wu <binbin.wu@...ux.intel.com>, "Oliver
 Upton" <oliver.upton@...ux.dev>, "Pratik R. Sampat"
	<pratikrajesh.sampat@....com>, Reinette Chatre <reinette.chatre@...el.com>,
	Ira Weiny <ira.weiny@...el.com>, Chao Gao <chao.gao@...el.com>, Chenyi Qiang
	<chenyi.qiang@...el.com>
CC: <linux-kernel@...r.kernel.org>, <kvm@...r.kernel.org>
Subject: Re: [PATCH v12 20/23] KVM: selftests: Add support for TDX TDCALL
 from guest

Sagi Shahar wrote:
> From: Erdem Aktas <erdemaktas@...gle.com>
> 
> Add support for TDX guests to issue TDCALLs to the TDX module.

Generally it is nice to have more details.  As someone new to TDX I
have to remind myself what a TDCALL is.  And any random kernel developer
reading this in the future will likely have even less clue than me.

Paraphrased from the spec:

TDCALL is the instruction used by the guest TD software (in TDX non-root
mode) to invoke guest-side TDX functions.  TDG.VP.VMCALL helps invoke
services from the host VMM.

Add support for TDX guests to invoke services from the host VMM.

> 
> Signed-off-by: Erdem Aktas <erdemaktas@...gle.com>
> Co-developed-by: Sagi Shahar <sagis@...gle.com>
> Signed-off-by: Sagi Shahar <sagis@...gle.com>
> ---

[snip]

> diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
> new file mode 100644
> index 000000000000..60c70646f876
> --- /dev/null
> +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h

[snip]

> +
> +/*
> + * Used in __tdx_tdcall() to pass down and get back registers' values of
> + * the TDCALL instruction when requesting services from the VMM.
> + *
> + * This is a software only structure and not part of the TDX module/VMM ABI.

This is a good comment.

> + */
> +struct tdx_tdcall_args {
> +	u64 r10;
> +	u64 r11;
> +	u64 r12;
> +	u64 r13;
> +	u64 r14;
> +	u64 r15;
> +};
> +
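
Review bot: the comment above struct tdx_tdcall_args says the structure is used both to pass down and to get back register values, but nothing on the r10..r15 fields says which are inputs, which are outputs, and which are overwritten on return. A short per-field comment, or one sentence stating that any field may hold a VMM-supplied value after __tdx_tdcall() returns, would tell callers which fields they can still rely on after the call.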

[snip]

> +
> +/*
> + * Bitmasks of exposed registers (with VMM).
> + */
> +#define TDX_R10		BIT(10)
> +#define TDX_R11		BIT(11)
> +#define TDX_R12		BIT(12)
> +#define TDX_R13		BIT(13)
> +#define TDX_R14		BIT(14)
> +#define TDX_R15		BIT(15)
> +
> +/*
> + * These registers are clobbered to hold arguments for each
> + * TDVMCALL. They are safe to expose to the VMM.
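
Review bot: on the TDX_R10..TDX_R15 defines, the header comment "Bitmasks of exposed registers (with VMM)" is hard to parse and omits the relationship the values depend on, namely that bit N stands for register rN (TDX_R10 is BIT(10), TDX_R15 is BIT(15)). Rewording it along the lines of "Bit N, when set, exposes register rN to the VMM" would make the defines self-explanatory and make it obvious how a further register would be added.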

I'm not sure what this comment means by being 'safe to expose to the VMM'?
They are all overwritten per the data specified, correct?

> + * Each bit in this mask represents a register ID. Bit field
> + * details can be found in TDX GHCI specification, section
> + * titled "TDCALL [TDG.VP.VMCALL] leaf".

TDX GHCI specification v1.5, March 2023
2.4.1 TDCALL [TDG.VP.VMCALL] leaf

This nails down any issues which may arise if the module/spec changes.

Ira

[snip]
