Re: [PATCH 08/25] KVM: TDX: Add place holder for TDX VM specific mem_enc_op ioctl

On 8/13/2024 6:48 AM, Rick Edgecombe wrote:
From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

KVM_MEMORY_ENCRYPT_OP was introduced for VM-scoped operations specific for
guest state-protected VM.  It defined subcommands for technology-specific
operations under KVM_MEMORY_ENCRYPT_OP.  Despite its name, the subcommands
are not limited to memory encryption, but various technology-specific
operations are defined.  It's natural to repurpose KVM_MEMORY_ENCRYPT_OP
for TDX specific operations and define subcommands.

Add a place holder function for TDX specific VM-scoped ioctl as mem_enc_op.
TDX specific sub-commands will be added to retrieve/pass TDX specific
parameters.  Make mem_enc_ioctl non-optional as it's always filled.

Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
---
uAPI breakout v1:
  - rename error->hw_error (Kai)
  - Include "x86_ops.h" to tdx.c as the patch to initialize TDX module
    doesn't include it anymore.
  - Introduce tdx_vm_ioctl() as the first tdx func in x86_ops.h
  - Drop middle paragraph in the commit log (Tony)

v15:
   - change struct kvm_tdx_cmd to drop unused member.
---
  arch/x86/include/asm/kvm-x86-ops.h |  2 +-
  arch/x86/include/uapi/asm/kvm.h    | 26 ++++++++++++++++++++++++
  arch/x86/kvm/vmx/main.c            | 10 ++++++++++
  arch/x86/kvm/vmx/tdx.c             | 32 ++++++++++++++++++++++++++++++
  arch/x86/kvm/vmx/x86_ops.h         |  6 ++++++
  arch/x86/kvm/x86.c                 |  4 ----
  6 files changed, 75 insertions(+), 5 deletions(-)

diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h
index af58cabcf82f..538f50eee86d 100644
--- a/arch/x86/include/asm/kvm-x86-ops.h
+++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -123,7 +123,7 @@ KVM_X86_OP(leave_smm)
  KVM_X86_OP(enable_smi_window)
  #endif
  KVM_X86_OP_OPTIONAL(dev_get_attr)
-KVM_X86_OP_OPTIONAL(mem_enc_ioctl)
+KVM_X86_OP(mem_enc_ioctl)
  KVM_X86_OP_OPTIONAL(mem_enc_register_region)
  KVM_X86_OP_OPTIONAL(mem_enc_unregister_region)
  KVM_X86_OP_OPTIONAL(vm_copy_enc_context_from)
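Review bot: Switching mem_enc_ioctl from KVM_X86_OP_OPTIONAL to KVM_X86_OP makes the callback mandatory for every vendor module, but the commit message only says it is "always filled" and the diffstat touches no SVM file. Please state in the changelog where each vendor module sets this op, so a reader can confirm that nothing is left with a NULL callback once the four lines are removed from arch/x86/kvm/x86.c.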
diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h
index cba4351b3091..d91f1bad800e 100644
--- a/arch/x86/include/uapi/asm/kvm.h
+++ b/arch/x86/include/uapi/asm/kvm.h
@@ -926,4 +926,30 @@ struct kvm_hyperv_eventfd {
  #define KVM_X86_SNP_VM		4
  #define KVM_X86_TDX_VM		5
+/* Trust Domain eXtension sub-ioctl() commands. */
+enum kvm_tdx_cmd_id {
+	KVM_TDX_CAPABILITIES = 0,
It's not used yet.
This cmd id can be introduced in the next patch.

+
+	KVM_TDX_CMD_NR_MAX,
+};
+
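Review bot: KVM_TDX_CMD_NR_MAX at the end of enum kvm_tdx_cmd_id sits in a uapi header, so its numeric value will shift each time a sub-command is added, and userspace built against one header can see a different limit than the running kernel. Consider keeping the sentinel out of the uapi enum or adding a comment that it is not part of the ABI, and giving later ids explicit values as is done for KVM_TDX_CAPABILITIES = 0.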

[...]



