[REVERTME] x86/tdx: Add CONFIG option for KVM SDV workarounds

Shared memory seems to be broken in the KVM SDV, but since we
don't need it there just don't set the attribute.

Also the SDV injects #VE for MSR reads, which breaks the early
boot that tries to read MISC_ENABLES. Skip that check because
it's not needed.

Also enable debug mode with SDV

arch/x86/Kconfig

@@ -904,6 +904,10 @@ config TDX_FUZZ
 	help
 	  Support fuzzing of TDX guests against attacks from hosts
 
+config INTEL_TDX_KVM_SDV
+	bool "Fixes specific to KVM SDV (incompatible to others)"
+	depends on INTEL_TDX_GUEST
+
 endif #HYPERVISOR_GUEST
 
 source "arch/x86/Kconfig.cpu"

arch/x86/kernel/tdx.c

@@ -146,11 +146,18 @@ EXPORT_SYMBOL_GPL(tdx_kvm_hypercall);
  */
 phys_addr_t tdx_shared_mask(void)
 {
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	return 0;
+#else
 	return BIT_ULL(td_info.gpa_width - 1);
+#endif
 }
 
 bool tdx_debug_enabled(void)
 {
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	return true;
+#endif
 	return td_info.attributes & BIT(0);
 }
 

arch/x86/kernel/verify_cpu.S

@@ -62,7 +62,13 @@ SYM_FUNC_START_LOCAL(verify_cpu)
 	cmpl	$0x444d4163,%ecx
 	jnz	.Lverify_cpu_noamd
 	mov	$1,%di			# cpu is from AMD
+#ifdef CONFIG_INTEL_TDX_KVM_SDV
+	/* The KVM SDV currently injects a #VE on accessing
+	 * MISC_ENABLE, which we cannot handle here. Just
+	 * skip it, since XD_DISABLE is never set.
+	 */
 	jmp	.Lverify_cpu_check
+#endif
 
 .Lverify_cpu_noamd:
 	cmpl	$0x756e6547,%ebx        # GenuineIntel?
@@ -72,6 +78,8 @@ SYM_FUNC_START_LOCAL(verify_cpu)
 	cmpl	$0x6c65746e,%ecx
 	jnz	.Lverify_cpu_check
 
+	jmp	.Lverify_cpu_check
+
 	# only call IA32_MISC_ENABLE when:
 	# family > 6 || (family == 6 && model >= 0xd)
 	movl	$0x1, %eax		# check CPU family and model