Re: [PATCH v17 059/116] KVM: TDX: Create initial guest memory

From: Binbin Wu
Date: Fri Nov 17 2023 - 00:26:13 EST

On 11/17/2023 8:04 AM, Isaku Yamahata wrote:
On Thu, Nov 16, 2023 at 02:35:33PM +0800,
Binbin Wu <binbin.wu@xxxxxxxxxxxxxxx> wrote:


On 11/7/2023 10:56 PM, isaku.yamahata@xxxxxxxxx wrote:
From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

Because the guest memory is protected in TDX, the creation of the initial
guest memory requires a dedicated TDX module API, tdh_mem_page_add, instead
of directly copying the memory contents into the guest memory in the case
of the default VM type. KVM MMU page fault handler callback,
private_page_add, handles it.

Define a new subcommand, KVM_TDX_INIT_MEM_REGION, of the VM-scoped
KVM_MEMORY_ENCRYPT_OP. It assigns the guest page, copies the initial
memory contents into the guest memory, and encrypts the guest memory. At the
same time, it optionally extends the memory measurement of the TDX guest. It
calls the KVM MMU page fault (EPT-violation) handler to trigger the
callbacks for it.

Reported-by: gkirkpatrick@xxxxxxxxxx
Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>

---
v15 -> v16:
- add check if nr_pages isn't large with
(nr_page << PAGE_SHIFT) >> PAGE_SHIFT

v14 -> v15:
- add a check if TD is finalized or not to tdx_init_mem_region()
- return -EAGAIN when partial population
---
arch/x86/include/uapi/asm/kvm.h | 9 ++
arch/x86/kvm/mmu/mmu.c | 1 +
arch/x86/kvm/vmx/tdx.c | 167 +++++++++++++++++++++++++-
arch/x86/kvm/vmx/tdx.h | 2 +
tools/arch/x86/include/uapi/asm/kvm.h | 9 ++
5 files changed, 185 insertions(+), 3 deletions(-)

[...]
+static int tdx_sept_page_add(struct kvm *kvm, gfn_t gfn,
+ enum pg_level level, kvm_pfn_t pfn)
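Review bot: the name tdx_sept_page_add() in this hunk does not match the terminology used elsewhere in the patch, where the commit message describes the operation as tdh_mem_page_add and the MMU callback as private_page_add; a one-line comment above the function stating that it adds a private guest page (not a secure-EPT page) through tdh_mem_page_add, or a name such as tdx_mem_page_add(), would remove the ambiguity for readers of the signature alone.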
For me, the function name is a bit confusing.
I would relate it to a SEPT table page instead of a normal private page if
only by the function name.

Similar to tdx_sept_page_aug(), though it's less confusing because there is
no SEAMCALL to aug a SEPT table page.
How about tdx_mem_page_{add, aug}()?

It looks good to me.