The TDX Guest-Host Communication Interface (GHCI) includes a module call (TDREPORT TDCALL) that a guest can make to acquire a copy of the attestation data that it needs to verify its trustworthiness. Add a wrapper function tdx_mcall_tdreport() that makes the module call to get this data. See GHCI section 2.4.5 "TDCALL [TDG.MR.REPORT] leaf" for additional details.
[Xiaoyao: Proposed error code fix]
Reviewed-by: Tony Luck <tony.luck@xxxxxxxxx>
Reviewed-by: Andi Kleen <ak@xxxxxxxxxxxxxxx>
Signed-off-by: Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx>
---
Changes since v3
* Rebased on top of Tom Lendacky's protected guest changes (https://lore.kernel.org/patchwork/cover/1468760/)
Changes since v2:
* Included TDCALL_SUCCESS case check in tdx_mcall_tdreport().
 arch/x86/include/asm/tdx.h | 2 ++
 arch/x86/kernel/tdx.c | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+)
diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
index 50693bd6f0dd..6e6abd2b0894 100644
--- a/arch/x86/include/asm/tdx.h
+++ b/arch/x86/include/asm/tdx.h
@@ -95,6 +95,8 @@ extern phys_addr_t tdg_shared_mask(void);
 extern int tdx_hcall_gpa_intent(phys_addr_t gpa, int numpages, enum tdx_map_type map_type);
+int tdx_mcall_tdreport(u64 data, u64 reportdata);
+
 /*
  * To support I/O port access in decompressor or early kernel init
  * code, since #VE exception handler cannot be used, use paravirt
diff --git a/arch/x86/kernel/tdx.c b/arch/x86/kernel/tdx.c
index c71049cd2255..5eed2e660546 100644
--- a/arch/x86/kernel/tdx.c
+++ b/arch/x86/kernel/tdx.c
@@ -22,6 +22,7 @@
 /* TDX Module call Leaf IDs */
 #define TDINFO 1
 #define TDGETVEINFO 3
+#define TDREPORT 4
 #define TDACCEPTPAGE 6
 /* TDX hypercall Leaf IDs */
@@ -30,6 +31,9 @@
 /* TDX Module call error codes */
 #define TDX_PAGE_ALREADY_ACCEPTED 0x00000b0a00000000
 #define TDCALL_RETURN_CODE_MASK 0xFFFFFFFF00000000
+#define TDCALL_OPERAND_BUSY 0x8000020000000000
+#define TDCALL_INVALID_OPERAND 0x8000000000000000
+#define TDCALL_SUCCESS 0x0
 #define TDCALL_RETURN_CODE(a) ((a) & TDCALL_RETURN_CODE_MASK)
 #define VE_IS_IO_OUT(exit_qual) (((exit_qual) & 8) ? 0 : 1)
@@ -140,6 +144,35 @@ bool tdg_debug_enabled(void)
 return td_info.attributes & BIT(0);
 }
+/*
+ * tdx_mcall_tdreport() - Generate TDREPORT_STRUCT using TDCALL.
+ *
+ * @data : Physical address of 1024B aligned data to store
+ * TDREPORT_STRUCT.
+ * @reportdata : Physical address of 64B aligned report data
+ *
+ * return 0 on success or failure error number.
+ */
+int tdx_mcall_tdreport(u64 data, u64 reportdata)
+{
+ u64 ret;
+
+ if (!data || !reportdata || !prot_guest_has(PATTR_GUEST_TDX))
+ return -EINVAL;
+
+ ret = __trace_tdx_module_call(TDREPORT, data, reportdata, 0, 0, NULL);
+
+ if (ret == TDCALL_SUCCESS)
+ return 0;
+ else if (TDCALL_RETURN_CODE(ret) == TDCALL_INVALID_OPERAND)
+ return -EINVAL;
+ else if (TDCALL_RETURN_CODE(ret) == TDCALL_OPERAND_BUSY)
+ return -EBUSY;
+
+ return -EIO;
+}
+EXPORT_SYMBOL_GPL(tdx_mcall_tdreport);
+
 static void tdg_get_info(void)
 {
 u64 ret;
-- 2.25.1
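Review bot: The value given for TDCALL_INVALID_OPERAND, 0x8000000000000000, does not match the TDX_OPERAND_INVALID status code I recall from the TDX module specification's status-code table (0xC000010000000000), whereas TDCALL_OPERAND_BUSY does match TDX_OPERAND_BUSY; since the changelog says the error codes were just revised, please re-verify both against the spec before merging, because a wrong constant makes every invalid-operand failure surface as -EIO from tdx_mcall_tdreport() instead of -EINVAL. These literals follow the file's existing unsuffixed style, which works on x86-64 because they promote to unsigned long, but a `ULL` suffix would make the intended 64-bit width explicit. A short comment on the group would also help readers, since the new constants are only meaningful after masking, e.g. `/* Status class (bits 63:32) of a TDCALL return value; compare via TDCALL_RETURN_CODE() */`.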
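Review bot: The three status checks in tdx_mcall_tdreport() decode the return value inconsistently: `ret == TDCALL_SUCCESS` looks at all 64 bits while the two error checks look only at `TDCALL_RETURN_CODE(ret)` (bits 63:32 per the mask), and the else-after-return chain hides that difference. I would keep the full-value success test, add a one-line comment saying why, and turn the error classification into a `switch` with a `default` of -EIO, as below. The header comment should be kernel-doc (`/**` and a `Return:` line such as `Return: 0 on success, -EINVAL for a rejected operand, -EBUSY if the operand is busy, -EIO otherwise`) and should spell out what the `!data || !reportdata` guard does not cover: the 1024-byte and 64-byte alignment it documents is not checked here, and because the symbol is exported the caller is responsible for passing physical addresses of buffers it owns and that the TDX module is allowed to access; whether those buffers must be guest-private rather than shared memory is not visible in this hunk, so please state it explicitly. -EBUSY is returned without any retry, so callers need to know it is a transient condition they must handle.
```c
	ret = __trace_tdx_module_call(TDREPORT, data, reportdata, 0, 0, NULL);

	/* Only an all-zero status is success; failures are classified by bits 63:32. */
	if (ret == TDCALL_SUCCESS)
		return 0;

	switch (TDCALL_RETURN_CODE(ret)) {
	case TDCALL_INVALID_OPERAND:
		return -EINVAL;
	case TDCALL_OPERAND_BUSY:
		return -EBUSY;	/* transient; callers may retry */
	default:
		return -EIO;
	}
```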