174  * that no #VE will be delivered for accesses to TD-private memory.
176  * TDX 1.0 does not allow the guest to disable SEPT #VE on its own. The VMM
177  * controls if the guest will receive such #VE with TD attribute
183  * Check if the feature is available and disable SEPT #VE if possible.
193 	const char *msg = "TD misconfiguration: SEPT #VE has to be disabled";  in disable_sept_ve()
197 	/* Is this TD allowed to disable SEPT #VE */  in disable_sept_ve()
200 		/* No SEPT #VE controls for the guest: check the attribute */  in disable_sept_ve()
212 	/* Check if SEPT #VE has been disabled before us */  in disable_sept_ve()
260  * The TDX module spec states that #VE may be injected for a limited set of
263  *  - Emulation of the architectural #VE injection on EPT violation;
277  * information if #VE occurred due to instruction execution, but not for EPT
280 static int ve_instr_len(struct ve_info *ve)  in ve_instr_len()  argument
282 	switch (ve->exit_reason) {  in ve_instr_len()
288 		/* It is safe to use ve->instr_len for #VE due instructions */  in ve_instr_len()
289 		return ve->instr_len;  in ve_instr_len()
292 		 * For EPT violations, ve->insn_len is not defined. For those,  in ve_instr_len()
296 		WARN_ONCE(1, "ve->instr_len is not defined for EPT violations");  in ve_instr_len()
299 		WARN_ONCE(1, "Unexpected #VE-type: %lld\n", ve->exit_reason);  in ve_instr_len()
300 		return ve->instr_len;  in ve_instr_len()
327 static int handle_halt(struct ve_info *ve)  in handle_halt()  argument
334 	return ve_instr_len(ve);  in handle_halt()
348 static int read_msr(struct pt_regs *regs, struct ve_info *ve)  in read_msr()  argument
366 	return ve_instr_len(ve);  in read_msr()
369 static int write_msr(struct pt_regs *regs, struct ve_info *ve)  in write_msr()  argument
386 	return ve_instr_len(ve);  in write_msr()
389 static int handle_cpuid(struct pt_regs *regs, struct ve_info *ve)  in handle_cpuid()  argument
407 		return ve_instr_len(ve);  in handle_cpuid()
428 	return ve_instr_len(ve);  in handle_cpuid()
453 static int handle_mmio(struct pt_regs *regs, struct ve_info *ve)  in handle_mmio()  argument
482 	if (!fault_in_kernel_space(ve->gla)) {  in handle_mmio()
504 		if (!mmio_write(size, ve->gpa, val))  in handle_mmio()
509 		if (!mmio_write(size, ve->gpa, val))  in handle_mmio()
531 	if (!mmio_read(size, ve->gpa, &val))  in handle_mmio()
611 static int handle_io(struct pt_regs *regs, struct ve_info *ve)  in handle_io()  argument
613 	u32 exit_qual = ve->exit_qual;  in handle_io()
632 	return ve_instr_len(ve);  in handle_io()
636  * Early #VE exception handler. Only handles a subset of port I/O.
641 	struct ve_info ve;  in tdx_early_handle_ve()  local
644 	tdx_get_ve_info(&ve);  in tdx_early_handle_ve()
646 	if (ve.exit_reason != EXIT_REASON_IO_INSTRUCTION)  in tdx_early_handle_ve()
649 	insn_len = handle_io(regs, &ve);  in tdx_early_handle_ve()
657 void tdx_get_ve_info(struct ve_info *ve)  in tdx_get_ve_info()  argument
662 	 * Called during #VE handling to retrieve the #VE info from the  in tdx_get_ve_info()
665 	 * This has to be called early in #VE handling.  A "nested" #VE which  in tdx_get_ve_info()
668 	 * The call retrieves the #VE info from the TDX module, which also  in tdx_get_ve_info()
669 	 * clears the "#VE valid" flag. This must be done before anything else  in tdx_get_ve_info()
670 	 * because any #VE that occurs while the valid flag is set will lead to  in tdx_get_ve_info()
673 	 * Note, the TDX module treats virtual NMIs as inhibited if the #VE  in tdx_get_ve_info()
674 	 * valid flag is set. It means that NMI=>#VE will not result in a #DF.  in tdx_get_ve_info()
679 	ve->exit_reason = args.rcx;  in tdx_get_ve_info()
680 	ve->exit_qual   = args.rdx;  in tdx_get_ve_info()
681 	ve->gla         = args.r8;  in tdx_get_ve_info()
682 	ve->gpa         = args.r9;  in tdx_get_ve_info()
683 	ve->instr_len   = lower_32_bits(args.r10);  in tdx_get_ve_info()
684 	ve->instr_info  = upper_32_bits(args.r10);  in tdx_get_ve_info()
688  * Handle the user initiated #VE.
693 static int virt_exception_user(struct pt_regs *regs, struct ve_info *ve)  in virt_exception_user()  argument
695 	switch (ve->exit_reason) {  in virt_exception_user()
697 		return handle_cpuid(regs, ve);  in virt_exception_user()
699 		pr_warn("Unexpected #VE: %lld\n", ve->exit_reason);  in virt_exception_user()
710  * Handle the kernel #VE.
715 static int virt_exception_kernel(struct pt_regs *regs, struct ve_info *ve)  in virt_exception_kernel()  argument
717 	switch (ve->exit_reason) {  in virt_exception_kernel()
719 		return handle_halt(ve);  in virt_exception_kernel()
721 		return read_msr(regs, ve);  in virt_exception_kernel()
723 		return write_msr(regs, ve);  in virt_exception_kernel()
725 		return handle_cpuid(regs, ve);  in virt_exception_kernel()
727 		if (is_private_gpa(ve->gpa))  in virt_exception_kernel()
729 		return handle_mmio(regs, ve);  in virt_exception_kernel()
731 		return handle_io(regs, ve);  in virt_exception_kernel()
733 		pr_warn("Unexpected #VE: %lld\n", ve->exit_reason);  in virt_exception_kernel()
738 bool tdx_handle_virt_exception(struct pt_regs *regs, struct ve_info *ve)  in tdx_handle_virt_exception()  argument
743 		insn_len = virt_exception_user(regs, ve);  in tdx_handle_virt_exception()
745 		insn_len = virt_exception_kernel(regs, ve);  in tdx_handle_virt_exception()
749 	/* After successful #VE handling, move the IP */  in tdx_handle_virt_exception()
873          *   - Shared mapping  => Private Page == Recoverable #VE  in tdx_early_init()
882 	 * which can result in a #VE.  But, there is never a private mapping to  in tdx_early_init()
893 	 * bringup low level code. That raises #VE which cannot be handled  in tdx_early_init()