| From: |
| Sean Christopherson <seanjc-AT-google.com> |
| To: |
| Thomas Gleixner <tglx-AT-linutronix.de>, Ingo Molnar <mingo-AT-redhat.com>, Borislav Petkov <bp-AT-alien8.de>, Dave Hansen <dave.hansen-AT-linux.intel.com>, x86-AT-kernel.org, "Kirill A. Shutemov" <kas-AT-kernel.org>, Sean Christopherson <seanjc-AT-google.com>, Paolo Bonzini <pbonzini-AT-redhat.com> |
| Subject: |
| [RFC PATCH 0/4] KVM: x86/tdx: Have TDX handle VMXON during bringup |
| Date: |
| Fri, 10 Oct 2025 15:03:58 -0700 |
| Message-ID: |
| <20251010220403.987927-1-seanjc@google.com> |
| Cc: |
| linux-kernel-AT-vger.kernel.org, linux-coco-AT-lists.linux.dev, kvm-AT-vger.kernel.org, Chao Gao <chao.gao-AT-intel.com>, Dan Williams <dan.j.williams-AT-intel.com>, Xin Li <xin-AT-zytor.com>, Kai Huang <kai.huang-AT-intel.com>, Adrian Hunter <adrian.hunter-AT-intel.com> |
| Archive-link: |
| Article |
This is a sort of middle ground between fully yanking core virtualization
support out of KVM, and unconditionally doing VMXON during boot[0].
I got quite far long on rebasing some internal patches we have to extract the
core virtualization bits out of KVM x86, but as I paged back in all of the
things we had punted on (because they were waaay out of scope for our needs),
I realized more and more that providing truly generic virtualization
instrastructure is vastly different than providing infrastructure that can be
shared by multiple instances of KVM (or things very similar to KVM)[1].
So while I still don't want to blindly do VMXON, I also think that trying to
actually support another in-tree hypervisor, without an imminent user to drive
the development, is a waste of resources, and would saddle KVM with a pile of
pointless complexity.
The idea here is to extract _only_ VMXON+VMXOFF and EFER.SVME toggling. AFAIK
there's no second user of SVM, i.e. no equivalent to TDX, but I wanted to keep
things as symmetrical as possible.
Emphasis on "only", because leaving VMCS tracking and clearing in KVM is
another key difference from Xin's series. The "light bulb" moment on that
front is that TDX isn't a hypervisor, and isn't trying to be a hypervisor.
Specifically, TDX should _never_ have it's own VMCSes (that are visible to the
host; the TDX-Module has it's own VMCSes to do SEAMCALL/SEAMRET), and so there
is simply no reason to move that functionality out of KVM.
With that out of the way, dealing with VMXON/VMXOFF and EFER.SVME is a fairly
simple refcounting game.
Oh, and I didn't bother looking to see if it would work, but if TDX only needs
VMXON during boot, then the TDX use of VMXON could be transient. I.e. TDX
could simply blast on_each_cpu() and forego the cpuhp and syscore hooks (a
non-emergency reboot during init isn't possible). I don't particuarly care
what TDX does, as it's a fairly minor detail all things concerned. I went with
the "harder" approach, e.g. to validate keeping the VMXON users count elevated
would do the right thing with respect to CPU offlining, etc.
Lightly tested (see the hacks below to verify the TDX side appears to do what
it's supposed to do), but it seems to work? Heavily RFC, e.g. the third patch
in particular needs to be chunked up, I'm sure there's polishing to be done,
etc.
[0] https://lore.kernel.org/all/20250909182828.1542362-1-xin@...
[1] https://lore.kernel.org/all/aOl5EutrdL_OlVOO@google.com
Sean Christopherson (4):
KVM: x86: Move kvm_rebooting to x86
KVM: x86: Extract VMXON and EFER.SVME enablement to kernel
KVM: x86/tdx: Do VMXON and TDX-Module initialization during tdx_init()
KVM: Bury kvm_{en,dis}able_virtualization() in kvm_main.c once more
Documentation/arch/x86/tdx.rst | 26 --
arch/x86/events/intel/pt.c | 1 -
arch/x86/include/asm/reboot.h | 3 -
arch/x86/include/asm/tdx.h | 4 -
arch/x86/include/asm/virt.h | 21 ++
arch/x86/include/asm/vmx.h | 11 +
arch/x86/kernel/cpu/common.c | 2 +
arch/x86/kernel/reboot.c | 11 -
arch/x86/kvm/svm/svm.c | 34 +-
arch/x86/kvm/svm/vmenter.S | 10 +-
arch/x86/kvm/vmx/tdx.c | 190 +++---------
arch/x86/kvm/vmx/vmcs.h | 11 -
arch/x86/kvm/vmx/vmenter.S | 2 +-
arch/x86/kvm/vmx/vmx.c | 128 +-------
arch/x86/kvm/x86.c | 18 +-
arch/x86/virt/Makefile | 2 +
arch/x86/virt/hw.c | 327 ++++++++++++++++++++
arch/x86/virt/vmx/tdx/tdx.c | 292 +++++++++--------
arch/x86/virt/vmx/tdx/tdx.h | 8 -
arch/x86/virt/vmx/tdx/tdx_global_metadata.c | 10 +-
include/linux/kvm_host.h | 10 +-
virt/kvm/kvm_main.c | 31 +-
22 files changed, 622 insertions(+), 530 deletions(-)
create mode 100644 arch/x86/include/asm/virt.h
create mode 100644 arch/x86/virt/hw.c
base-commit: efcebc8f7aeeba15feb1a5bde70af74d96bf1a76
--
2.51.0.740.g6adb054d12-goog
