[REVERTME] x86/tdx: Add CONFIG option for KVM SDV workarounds

Shared memory seems to be broken in the KVM SDV, but since we
don't need it there just don't set the attribute.

Also the SDV injects #VE for MSR reads, which breaks the early
boot that tries to read MISC_ENABLES. Skip that check because
it's not needed.

Also enable debug mode with SDV

arch/x86/Kconfig

@@ -896,6 +896,10 @@ config TDX_FUZZ
 	help
 	  Support fuzzing of TDX guests against attacks from hosts
 
+config INTEL_TDX_KVM_SDV
+	bool "Fixes specific to KVM SDV (incompatible to others)"
+	depends on INTEL_TDX_GUEST
+
 config INTEL_TDX_ICL_FIXES
 	bool "Fixes specific for ICL chip"
 	depends on INTEL_TDX_GUEST

arch/x86/kernel/tdx.c

@@ -150,11 +150,18 @@ static u64 __trace_tdx_module_call(u64 fn, u64 rcx, u64 rdx, u64 r8, u64 r9,
 /* The highest bit of a guest physical address is the "sharing" bit */
 phys_addr_t tdx_shared_mask(void)
 {
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	return 0;
+#else
 	return 1ULL << (td_info.gpa_width - 1);
+#endif
 }
 
 bool tdx_debug_enabled(void)
 {
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	return true;
+#endif
 	return td_info.attributes & BIT(0);
 }
 

arch/x86/kernel/verify_cpu.S

@@ -62,7 +62,13 @@ SYM_FUNC_START_LOCAL(verify_cpu)
 	cmpl	$0x444d4163,%ecx
 	jnz	.Lverify_cpu_noamd
 	mov	$1,%di			# cpu is from AMD
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	/* The KVM SDV currently injects a #VE on accessing
+	 * MISC_ENABLE, which we cannot handle here. Just
+	 * skip it, since XD_DISABLE is never set.
+	 */
 	jmp	.Lverify_cpu_check
+#endif
 
 .Lverify_cpu_noamd:
 	cmpl	$0x756e6547,%ebx        # GenuineIntel?
@@ -72,6 +78,8 @@ SYM_FUNC_START_LOCAL(verify_cpu)
 	cmpl	$0x6c65746e,%ecx
 	jnz	.Lverify_cpu_check
 
+	jmp	.Lverify_cpu_check
+
 	# only call IA32_MISC_ENABLE when:
 	# family > 6 || (family == 6 && model >= 0xd)
 	movl	$0x1, %eax		# check CPU family and model