Re: [PATCH 07/10] x86/tdx: Extend TDX_MODULE_CALL to support more TDCALL/SEAMCALL leafs
From: Huang, Kai
Date: Thu Jul 13 2023 - 04:14:07 EST
On Wed, 2023-07-12 at 19:11 +0200, Peter Zijlstra wrote:
> On Wed, Jul 12, 2023 at 08:55:21PM +1200, Kai Huang wrote:
> > @@ -65,6 +104,37 @@
> > .endif
> >
> > .if \ret
> > + .if \saved
> > + /*
> > + * Restore the structure from stack to saved the output registers
> > + *
> > + * In case of VP.ENTER returns due to TDVMCALL, all registers are
> > + * valid thus no register can be used as spare to restore the
> > + * structure from the stack (see "TDH.VP.ENTER Output Operands
> > + * Definition on TDCALL(TDG.VP.VMCALL) Following a TD Entry").
> > + * For this case, need to make one register as spare by saving it
> > + * to the stack and then manually load the structure pointer to
> > + * the spare register.
> > + *
> > + * Note for other TDCALLs/SEAMCALLs there are spare registers
> > + * thus no need for such hack but just use this for all for now.
> > + */
> > + pushq %rax /* save the TDCALL/SEAMCALL return code */
> > + movq 8(%rsp), %rax /* restore the structure pointer */
> > + movq %rsi, TDX_MODULE_rsi(%rax) /* save %rsi */
> > + movq %rax, %rsi /* use %rsi as structure pointer */
> > + popq %rax /* restore the return code */
> > + popq %rsi /* pop the structure pointer */
>
> Urgghh... At least for the \host case you can simply pop %rsi, no?
> VP.ENTER returns with 0 there IIRC.
No VP.ENTER doesn't return 0 for RAX. Firstly, VP.ENTER can return for many
reasons but not limited to TDVMCALL (e.g., due to interrupt), and for those
cases RAX contains valid non-zero value. Secondly, even for TDVMCALL, the RAX
isn't 0:
Table 6.256 TDX 1.5 ABI spec:
RAX SEAMCALL instruction return code
The DETAILS_L2 field in bits 31:0 contain the VMCS exit reason,
indicating TDCALL (77).