[PATCH v7 03/20] x86/virt/tdx: Disable TDX if X2APIC is not enabled
From: Kai Huang
Date: Sun Nov 20 2022 - 19:27:58 EST
The MMIO/xAPIC interface has some problems, most notably the APIC LEAK
[1]. This bug allows an attacker to use the APIC MMIO interface to
extract data from the SGX enclave.
TDX is not immune from this either. Early check X2APIC and disable TDX
if X2APIC is not enabled, and make INTEL_TDX_HOST depend on X86_X2APIC.
[1]: https://aepicleak.com/aepicleak.pdf
Link: https://lore.kernel.org/lkml/d6ffb489-7024-ff74-bd2f-d1e06573bb82@xxxxxxxxx/
Link: https://lore.kernel.org/lkml/ba80b303-31bf-d44a-b05d-5c0f83038798@xxxxxxxxx/
Signed-off-by: Kai Huang <kai.huang@xxxxxxxxx>
---
v6 -> v7:
- Changed to use "Link" for the two lore links to get rid of checkpatch
warning.
---
arch/x86/Kconfig | 1 +
arch/x86/virt/vmx/tdx/tdx.c | 11 +++++++++++
2 files changed, 12 insertions(+)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index cced4ef3bfb2..dd333b46fafb 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1958,6 +1958,7 @@ config INTEL_TDX_HOST
depends on CPU_SUP_INTEL
depends on X86_64
depends on KVM_INTEL
+ depends on X86_X2APIC
help
Intel Trust Domain Extensions (TDX) protects guest VMs from malicious
host and certain physical attacks. This option enables necessary TDX
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index 982d9c453b6b..8d943bdc8335 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -12,6 +12,7 @@
#include <linux/printk.h>
#include <asm/msr-index.h>
#include <asm/msr.h>
+#include <asm/apic.h>
#include <asm/tdx.h>
#include "tdx.h"
@@ -81,6 +82,16 @@ static int __init tdx_init(void)
goto no_tdx;
}
+ /*
+ * TDX requires X2APIC being enabled to prevent potential data
+ * leak via APIC MMIO registers. Just disable TDX if not using
+ * X2APIC.
+ */
+ if (!x2apic_enabled()) {
+ pr_info("Disable TDX as X2APIC is not enabled.\n");
+ goto no_tdx;
+ }
+
return 0;
no_tdx:
clear_tdx();
--
2.38.1