On Mon, Jun 03, 2024 at 06:37:45AM -0700, Dave Hansen wrote:
> On 6/2/24 04:54, Kirill A. Shutemov wrote:
> > Sean observed that the compiler is generating inefficient code to clear
> > the tdx_module_args struct for TDCALL and SEAMCALL wrappers. The
> > compiler i
grow/shrink: 3/22 up/down: 17/-313 (-296)
GCC tends to generate string instructions more frequently to clear the
struct.
Signed-off-by: Kirill A. Shutemov
Suggested-by: Dave Hansen
Cc: Sean Christopherson
---
arch/x86/boot/compressed/tdx.c| 32 ---
arch/x86/coco/tdx/tdx-shared.c
; when
> Hyper-V TSC page is not enabled, hv_read_reference_counter defaults to
> be drivers/hv/hv_common.c: __hv_read_ref_counter(), which is suboptimal
> as it uses the slow MSR interface to get the time info.
Why can't the guest just read the TSC directly? Why do we need the page?
I am confused.
--
Kiryl Shutsemau / Kirill A. Shutemov
On Fri, May 17, 2024 at 08:57:10AM -0700, Dave Hansen wrote:
> On 5/17/24 07:19, Kirill A. Shutemov wrote:
> > - /*
> > -* TDINFO TDX module call is used to get the TD execution environment
> > -* information like GPA width, number of available vcpus, debug mode
>
On Fri, May 17, 2024 at 06:54:15PM +0200, Paolo Bonzini wrote:
> On 5/17/24 16:19, Kirill A. Shutemov wrote:
> > Introduce a set of macros that allow generating wrappers for TDVMCALL
> > leafs. The macros use tdvmcall_trampoline() and provide SYSV-compliant
> > ABI on top o
On Fri, May 17, 2024 at 07:02:25PM +0200, Paolo Bonzini wrote:
> On 5/17/24 16:19, Kirill A. Shutemov wrote:
> > The function will be used from inline assembly to handle most TDVMCALL
> > cases.
>
> Perhaps add that the calling convention is designed to allow using the asm
>
On Fri, May 17, 2024 at 08:21:37AM -0700, Dave Hansen wrote:
> On 5/17/24 07:19, Kirill A. Shutemov wrote:
> > TDCALL calls are centralized into a few megawrappers that take the
> > struct tdx_module_args as input. Most of the call sites only use a few
> > arguments, but
All code has been converted to new TDCALL wrappers.
Drop the old wrappers.
Signed-off-by: Kirill A. Shutemov
---
arch/x86/boot/compressed/tdx.c| 6
arch/x86/coco/tdx/tdcall.S| 60 ++-
arch/x86/coco/tdx/tdx-shared.c| 20 ---
arch/x86
on tdx_early_init()
is code reduction.
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdx.c | 18 ++
1 file changed, 2 insertions(+), 16 deletions(-)
diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index e1849878f3bc..6559f3842f67 100644
--- a/arch/x86/coco/tdx
Use newly introduced TDCALL_0() instead of tdcall() to issue
MR_REPORT tdcall.
It cuts code bloat substantially:
Function old new delta
tdx_mcall_get_report0 229 111 -118
Signed-off-by: Kirill A. Shutemov
---
arch/x86
Use newly introduced TDCALL_5() instead of tdcall() to issue
VP_VEINFO_GET tdcall.
It cuts code bloat substantially:
Function old new delta
tdx_get_ve_info 253 116 -137
Signed-off-by: Kirill A. Shutemov
---
arch/x86
Use newly introduced TDCALL_5() instead of tdcall() to issue VP_INFO
tdcall.
It cuts code bloat slightly:
Function old new delta
tdx_early_init 780 744 -36
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx
Use newly introduced TDCALL_0() instead of __tdcall() to issue
PAGE_ACCEPT tdcall.
It cuts code bloat substantially:
Function old new delta
tdx_accept_memory 592 233 -359
Signed-off-by: Kirill A. Shutemov
---
arch/x86
Use newly introduced TDVMCALL_0() and TDVMCALL_1() instead of
__tdx_hypercall() to handle MMIO emulation.
It cuts code bloat substantially:
Function old new delta
tdx_handle_virt_exception 1747 1383 -364
Signed-off-by: Kirill
-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdx.c | 16
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/arch/x86/coco/tdx/tdx.c b/arch/x86/coco/tdx/tdx.c
index b7299e668564..e7ffe1cd6d32 100644
--- a/arch/x86/coco/tdx/tdx.c
+++ b/arch/x86/coco/tdx/tdx.c
@@ -49,15
the hypercall directly in assembly.
It cuts code bloat substantially:
Function old new delta
tdx_panic 222 59 -163
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdcall.S | 28
Introduce a set of macros that allow generating wrappers for TDCALL
leafs.
There are three macros differentiated by number of return parameters.
Signed-off-by: Kirill A. Shutemov
---
arch/x86/include/asm/shared/tdx.h | 58 +++
1 file changed, 58 insertions(+)
diff
645 530 -115
tdx_enc_status_change_prepare 326 181 -145
Total: Before=5553, After=5183, chg -6.66%
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdx.c | 12 +++-
1 file changed, 3 insertions(+), 9 deletions(-)
diff --git a/arch/x86/coco/tdx
Use newly introduced TDVMCALL_4() instead of __tdx_hypercall() to handle
CPUID instruction emulation.
It cuts code bloat substantially:
Function old new delta
tdx_handle_virt_exception 1819 1747 -72
Signed-off-by: Kirill
old new delta
hv_tdx_hypercall 171 42 -129
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdcall.S | 30 ++
arch/x86/hyperv/ivm.c | 14 --
2 files changed, 30 insertions(+), 14
Use newly introduced TDVMCALL_0() instead of __tdx_hypercall() to issue
GET_QUOTE hypercall.
It cuts code bloat substantially:
Function old new delta
tdx_hcall_get_quote 188 76 -112
Signed-off-by: Kirill A. Shutemov
Use newly introduced TDVMCALL_1() instead of __tdx_hypercall() to handle
MSR read emulation.
It cuts code bloat substantially:
Function old new delta
tdx_handle_virt_exception 2052 1947 -105
Signed-off-by: Kirill A. Shutemov
: dozens of instructions per call site to clear unused
fields of the structure.
This issue can be avoided by using more targeted wrappers.
tdvmcall_trampoline() provides a common base for them.
The function will be used from inline assembly to handle most TDVMCALL
cases.
Signed-off-by: Kirill
Use newly introduced TDVMCALL_0() instead of __tdx_hypercall() to handle
MSR write emulation.
It cuts code bloat substantially:
Function old new delta
tdx_handle_virt_exception 1947 1819 -128
Signed-off-by: Kirill A. Shutemov
Introduce a set of macros that allow generating wrappers for TDVMCALL
leafs. The macros use tdvmcall_trampoline() and provide SYSV-compliant
ABI on top of it.
There are three macros differentiated by number of return parameters.
Signed-off-by: Kirill A. Shutemov
---
arch/x86/include/asm
-by: Kirill A. Shutemov
---
arch/x86/boot/compressed/tdx.c| 26 +++---
arch/x86/coco/tdx/tdx.c | 23 +++
arch/x86/include/asm/shared/tdx.h | 4
3 files changed, 18 insertions(+), 35 deletions(-)
diff --git a/arch/x86/boot/compressed/tdx.c b/arch
2023 2052 +29
__pfx___halt 16 - -16
__halt 171 - -171
Total: Before=6350, After=6222, chg -2.02%
Signed-off-by: Kirill A. Shutemov
---
arch/x86/coco/tdx/tdx.c | 29
: 212/-3502 (-3290)
Please take a look. I would appreciate any feedback.
Kirill A. Shutemov (20):
x86/tdx: Introduce tdvmcall_trampoline()
x86/tdx: Add macros to generate TDVMCALL wrappers
x86/tdx: Convert port I/O handling to use new TDVMCALL macros
x86/tdx: Convert HLT handling to use new
--
> drivers/net/hyperv/netvsc.c | 7 +--
> drivers/uio/uio_hv_generic.c | 12
> include/linux/hyperv.h | 1 +
> 5 files changed, 33 insertions(+), 14 deletions(-)
Acked-by: Kirill A. Shutemov
--
Kiryl Shutsemau / Kirill A. Shutemov
th an
> L1 specific
> protocol and TDVMCALLs are routed to L0 for performance reasons. It can't be
> done
> transparently with TDX 1.5 calls alone and we already have TDX 1.5 deployed
> to users with
> an upstream kernel.
TDX 1.5 is not set in stone (yet). The spec is still a draft. We can add
capabilities if we make a case for them.
Let's try to shift the discussion to how to make TDX better rather than
adding workarounds to the kernel.
--
Kiryl Shutsemau / Kirill A. Shutemov
On Wed, Dec 06, 2023 at 06:49:11PM +0100, Jeremi Piotrowski wrote:
> On 05/12/2023 11:54, Kirill A. Shutemov wrote:
> > On Mon, Dec 04, 2023 at 08:07:38PM +0100, Jeremi Piotrowski wrote:
> >> On 04/12/2023 10:17, Reshetova, Elena wrote:
> >>>> Check for additional
> describing that: the kernel already supports, has an implementation that
> works and
> has actual users. This is also a model that Intel intentionally created the
> TD-partitioning
> spec to support.
>
> So let's work together to make X86_FEATURE_TDX_GUEST match reality.
I think the right direction is to make TDX architecture good enough
without that. If we need more hooks in TDX module that give required
control to L1, let's do that. (I don't see it so far)
--
Kiryl Shutsemau / Kirill A. Shutemov
On Fri, Nov 24, 2023 at 12:04:56PM +0100, Jeremi Piotrowski wrote:
> On 24/11/2023 11:43, Kirill A. Shutemov wrote:
> > On Fri, Nov 24, 2023 at 11:31:44AM +0100, Jeremi Piotrowski wrote:
> >> On 23/11/2023 14:58, Kirill A. Shutemov wrote:
> >>> On Wed, Nov 22, 20
On Fri, Nov 24, 2023 at 11:31:44AM +0100, Jeremi Piotrowski wrote:
> On 23/11/2023 14:58, Kirill A. Shutemov wrote:
> > On Wed, Nov 22, 2023 at 06:01:04PM +0100, Jeremi Piotrowski wrote:
> >> Check for additional CPUID bits to identify TDX guests running with Trust
> >>
not have access to
> TDX module calls. The kernel still has access to TDVMCALL(0) which is
> forwarded
> to the VMM for processing, which is the L1 TD VM in this case.
Sounds like a problem introduced by patch 1/3 :/
--
Kiryl Shutsemau / Kirill A. Shutemov
efined because the
> branch that references tdx_accept_memory() was being discarded due to
> DISABLE_TDX_GUEST being set.
And who unsets it now?
--
Kiryl Shutsemau / Kirill A. Shutemov
we aren't guaranteed access to TDX module calls.
I don't follow. The idea of partitioning is that L2 OS can be
unenlightened and have no idea if it runs inside of TD. But this patch
tries to enumerate TDX anyway.
Why?
--
Kiryl Shutsemau / Kirill A. Shutemov