diff options
| author | Yunhong Jiang <yunhong.jiang@linux.intel.com> | 2026-03-04 15:41:20 -0800 |
|---|---|---|
| committer | Dexuan Cui <decui@microsoft.com> | 2026-05-28 20:01:26 +0000 |
| commit | 80200341197a799fe39da4e9da61bde4d23ec7ec (patch) | |
| tree | 690505c717da87a7d3c87e1691e37b7cf6c3be93 | |
| parent | 12584a89c9172ed5c2718612314a2d6f87260896 (diff) | |
| download | linux-next-history-80200341197a799fe39da4e9da61bde4d23ec7ec.tar.gz | |
x86/hyperv/vtl: Mark the wakeup mailbox page as private
The current code maps MMIO devices as shared (decrypted) by default in a
confidential computing VM.
In a TDX environment, secondary CPUs are booted using the Multiprocessor
Wakeup Structure defined in the ACPI specification. The virtual firmware
and the operating system function in the guest context, without
intervention from the VMM. Map the physical memory of the mailbox as
private. Use the is_private_mmio() callback.
Signed-off-by: Yunhong Jiang <yunhong.jiang@linux.intel.com>
Signed-off-by: Ricardo Neri <ricardo.neri-calderon@linux.intel.com>
Signed-off-by: Dexuan Cui <dexuan@kernel.org>
| -rw-r--r-- | arch/x86/hyperv/hv_vtl.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/arch/x86/hyperv/hv_vtl.c b/arch/x86/hyperv/hv_vtl.c index b94fffa673128..1e2f5b3ea7720 100644 --- a/arch/x86/hyperv/hv_vtl.c +++ b/arch/x86/hyperv/hv_vtl.c @@ -6,6 +6,9 @@ * Saurabh Sengar <ssengar@microsoft.com> */ +#include <linux/acpi.h> + +#include <asm/acpi.h> #include <asm/apic.h> #include <asm/boot.h> #include <asm/desc.h> @@ -59,6 +62,18 @@ static void __noreturn hv_vtl_restart(char __maybe_unused *cmd) hv_vtl_emergency_restart(); } +static inline bool within_page(u64 addr, u64 start) +{ + return addr >= start && addr < (start + PAGE_SIZE); +} + +static bool hv_vtl_is_private_mmio_tdx(u64 addr) +{ + u64 mb_addr = acpi_get_mp_wakeup_mailbox_paddr(); + + return mb_addr && within_page(addr, mb_addr); +} + void __init hv_vtl_init_platform(void) { /* @@ -71,6 +86,8 @@ void __init hv_vtl_init_platform(void) /* There is no paravisor present if we are here. */ if (hv_isolation_type_tdx()) { x86_init.resources.realmode_limit = SZ_4G; + x86_platform.hyper.is_private_mmio = hv_vtl_is_private_mmio_tdx; + } else { x86_platform.realmode_reserve = x86_init_noop; x86_platform.realmode_init = x86_init_noop; |