Sagi Shahar wrote:
From: Erdem Aktas <erdemaktas@google.com>
Add support for TDX guests to issue TDCALLs to the TDX module.
Generally it is nice to have more details. As someone new to TDX I have to remind myself what a TDCALL is. And any random kernel developer reading this in the future will likely have even less clue than me.
Paraphrased from the spec:
TDCALL is the instruction used by the guest TD software (in TDX non-root mode) to invoke guest-side TDX functions. TDG.VP.VMCALL helps invoke services from the host VMM.
Add support for TDX guests to invoke services from the host VMM.
Signed-off-by: Erdem Aktas <erdemaktas@google.com>
Co-developed-by: Sagi Shahar <sagis@google.com>
Signed-off-by: Sagi Shahar <sagis@google.com>
[snip]
diff --git a/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h new file mode 100644 index 000000000000..60c70646f876 --- /dev/null +++ b/tools/testing/selftests/kvm/include/x86/tdx/tdcall.h
[snip]
+/*
- Used in __tdx_tdcall() to pass down and get back registers' values of
- the TDCALL instruction when requesting services from the VMM.
- This is a software only structure and not part of the TDX module/VMM ABI.
This is a good comment.
- */
+struct tdx_tdcall_args {
- u64 r10;
- u64 r11;
- u64 r12;
- u64 r13;
- u64 r14;
- u64 r15;
+};
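Review bot: the comment above struct tdx_tdcall_args says the fields are used both to pass down and to get back register values, but it does not say which of r10 through r15 are inputs and which are overwritten on return. A short per-field note, or a pointer to the spec section that defines the register usage, would let a caller of __tdx_tdcall() know which fields to fill in and which to read back without opening the spec.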
[snip]
+/*
- Bitmasks of exposed registers (with VMM).
- */
+#define TDX_R10 BIT(10) +#define TDX_R11 BIT(11) +#define TDX_R12 BIT(12) +#define TDX_R13 BIT(13) +#define TDX_R14 BIT(14) +#define TDX_R15 BIT(15)
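Review bot: TDX_R10 through TDX_R15 are each a single BIT(n), so the heading "Bitmasks of exposed registers (with VMM)" describes the mask they are combined into rather than these defines. Something like "Bit positions of the registers exposed to the VMM" would be more accurate, and it would help to say here that bit n stands for register Rn, which the later comment only implies with "Each bit in this mask represents a register ID". If the snipped part of the header does not already include the definition of BIT(), it needs to.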
+/*
- These registers are clobbered to hold arguments for each
- TDVMCALL. They are safe to expose to the VMM.
I'm not sure what this comment means by being 'safe to expose to the VMM'? They are all overwritten per the data specified, correct?
- Each bit in this mask represents a register ID. Bit field
- details can be found in TDX GHCI specification, section
- titled "TDCALL [TDG.VP.VMCALL] leaf".
TDX GHCI specification v1.5, March 2023 2.4.1 TDCALL [TDG.VP.VMCALL] leaf
This nails down any issues which may arise if the module/spec changes.
Ira
[snip]