diff options
author | Kirill A. Shutemov <kirill.shutemov@linux.intel.com> | 2022-04-06 01:29:13 +0200 |
---|---|---|
committer | Dave Hansen <dave.hansen@linux.intel.com> | 2022-04-07 17:27:50 +0200 |
commit | 41394e33f3a0ce791caf0e086e1fca850832ddec (patch) | |
tree | 0aa0b1d188e8af08b4802449060688a10bbf6e0c /arch/x86/Kconfig | |
parent | x86/tdx: Add __tdx_module_call() and __tdx_hypercall() helper functions (diff) | |
download | linux-41394e33f3a0ce791caf0e086e1fca850832ddec.tar.xz linux-41394e33f3a0ce791caf0e086e1fca850832ddec.zip |
x86/tdx: Extend the confidential computing API to support TDX guests
Confidential Computing (CC) features (like string I/O unroll support,
memory encryption/decryption support, etc) are conditionally enabled
in the kernel using cc_platform_has() API. Since TDX guests also need
to use these CC features, extend cc_platform_has() API and add TDX
guest-specific CC attributes support.
CC API also provides an interface to deal with encryption mask. Extend
it to cover TDX.
Details about which bit in the page table entry to be used to indicate
shared/private state is determined by using the TDINFO TDCALL.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Dave Hansen <dave.hansen@linux.intel.com>
Reviewed-by: Borislav Petkov <bp@suse.de>
Link: https://lkml.kernel.org/r/20220405232939.73860-5-kirill.shutemov@linux.intel.com
Diffstat (limited to 'arch/x86/Kconfig')
-rw-r--r-- | arch/x86/Kconfig | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 4ae27322869d..984315ca0275 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -882,6 +882,7 @@ config INTEL_TDX_GUEST bool "Intel TDX (Trust Domain Extensions) - Guest Support" depends on X86_64 && CPU_SUP_INTEL depends on X86_X2APIC + select ARCH_HAS_CC_PLATFORM help Support running as a guest under Intel TDX. Without this support, the guest kernel can not boot or run under TDX. |