[v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command

Message ID	20210409220750.1972030-1-srutherford@google.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <kvm-owner@kernel.org> Date: Fri, 9 Apr 2021 15:07:50 -0700 Message-Id: <20210409220750.1972030-1-srutherford@google.com> Mime-Version: 1.0 Subject: [PATCH v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command From: Steve Rutherford <srutherford@google.com> To: kvm@vger.kernel.org Cc: linux-kernel@vger.kernel.org, natet@google.com, Ashish.Kalra@amd.com, brijesh.singh@amd.com, pbonzini@redhat.com, Steve Rutherford <srutherford@google.com> Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	[v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command \| expand [v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command

Message ID

20210409220750.1972030-1-srutherford@google.com (mailing list archive)

State

New, archived

Headers

Date: Fri,  9 Apr 2021 15:07:50 -0700
Message-Id: <20210409220750.1972030-1-srutherford@google.com>
Mime-Version: 1.0
Subject: [PATCH v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command
From: Steve Rutherford <srutherford@google.com>
To: kvm@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, natet@google.com,
        Ashish.Kalra@amd.com, brijesh.singh@amd.com, pbonzini@redhat.com,
        Steve Rutherford <srutherford@google.com>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

[v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command | expand

Commit Message

Steve Rutherford April 9, 2021, 10:07 p.m. UTC

After completion of SEND_START, but before SEND_FINISH, the source VMM can
issue the SEND_CANCEL command to stop a migration. This is necessary so
that a cancelled migration can restart with a new target later.

Reviewed-by: Nathan Tempelman <natet@google.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Steve Rutherford <srutherford@google.com>
---
 .../virt/kvm/amd-memory-encryption.rst        |  9 ++++++++
 arch/x86/kvm/svm/sev.c                        | 23 +++++++++++++++++++
 drivers/crypto/ccp/sev-dev.c                  |  1 +
 include/linux/psp-sev.h                       | 10 ++++++++
 include/uapi/linux/kvm.h                      |  2 ++
 5 files changed, 45 insertions(+)

Comments

kernel test robot April 11, 2021, 8:56 a.m. UTC | #1

Hi Steve,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on kvm/queue]
[also build test ERROR on vhost/linux-next cryptodev/master linux/master linus/master v5.12-rc6 next-20210409]
[cannot apply to crypto/master]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Steve-Rutherford/KVM-SVM-Add-support-for-KVM_SEV_SEND_CANCEL-command/20210410-060941
base:   https://git.kernel.org/pub/scm/virt/kvm/kvm.git queue
config: x86_64-allyesconfig (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build):
        # https://github.com/0day-ci/linux/commit/16f9122ec5c3ee772f1edb80c2c2526650b60868
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Steve-Rutherford/KVM-SVM-Add-support-for-KVM_SEV_SEND_CANCEL-command/20210410-060941
        git checkout 16f9122ec5c3ee772f1edb80c2c2526650b60868
        # save the attached .config to linux build tree
        make W=1 ARCH=x86_64 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>

All errors (new ones prefixed by >>):

   drivers/crypto/ccp/sev-dev.c: In function 'sev_cmd_buffer_len':
>> drivers/crypto/ccp/sev-dev.c:132:7: error: 'SEV_SEND_CANCEL' undeclared (first use in this function); did you mean 'SEV_CMD_SEND_CANCEL'?
     132 |  case SEV_SEND_CANCEL:    return sizeof(struct sev_data_send_cancel);
         |       ^~~~~~~~~~~~~~~
         |       SEV_CMD_SEND_CANCEL
   drivers/crypto/ccp/sev-dev.c:132:7: note: each undeclared identifier is reported only once for each function it appears in


vim +132 drivers/crypto/ccp/sev-dev.c

   100	
   101	static int sev_cmd_buffer_len(int cmd)
   102	{
   103		switch (cmd) {
   104		case SEV_CMD_INIT:			return sizeof(struct sev_data_init);
   105		case SEV_CMD_PLATFORM_STATUS:		return sizeof(struct sev_user_data_status);
   106		case SEV_CMD_PEK_CSR:			return sizeof(struct sev_data_pek_csr);
   107		case SEV_CMD_PEK_CERT_IMPORT:		return sizeof(struct sev_data_pek_cert_import);
   108		case SEV_CMD_PDH_CERT_EXPORT:		return sizeof(struct sev_data_pdh_cert_export);
   109		case SEV_CMD_LAUNCH_START:		return sizeof(struct sev_data_launch_start);
   110		case SEV_CMD_LAUNCH_UPDATE_DATA:	return sizeof(struct sev_data_launch_update_data);
   111		case SEV_CMD_LAUNCH_UPDATE_VMSA:	return sizeof(struct sev_data_launch_update_vmsa);
   112		case SEV_CMD_LAUNCH_FINISH:		return sizeof(struct sev_data_launch_finish);
   113		case SEV_CMD_LAUNCH_MEASURE:		return sizeof(struct sev_data_launch_measure);
   114		case SEV_CMD_ACTIVATE:			return sizeof(struct sev_data_activate);
   115		case SEV_CMD_DEACTIVATE:		return sizeof(struct sev_data_deactivate);
   116		case SEV_CMD_DECOMMISSION:		return sizeof(struct sev_data_decommission);
   117		case SEV_CMD_GUEST_STATUS:		return sizeof(struct sev_data_guest_status);
   118		case SEV_CMD_DBG_DECRYPT:		return sizeof(struct sev_data_dbg);
   119		case SEV_CMD_DBG_ENCRYPT:		return sizeof(struct sev_data_dbg);
   120		case SEV_CMD_SEND_START:		return sizeof(struct sev_data_send_start);
   121		case SEV_CMD_SEND_UPDATE_DATA:		return sizeof(struct sev_data_send_update_data);
   122		case SEV_CMD_SEND_UPDATE_VMSA:		return sizeof(struct sev_data_send_update_vmsa);
   123		case SEV_CMD_SEND_FINISH:		return sizeof(struct sev_data_send_finish);
   124		case SEV_CMD_RECEIVE_START:		return sizeof(struct sev_data_receive_start);
   125		case SEV_CMD_RECEIVE_FINISH:		return sizeof(struct sev_data_receive_finish);
   126		case SEV_CMD_RECEIVE_UPDATE_DATA:	return sizeof(struct sev_data_receive_update_data);
   127		case SEV_CMD_RECEIVE_UPDATE_VMSA:	return sizeof(struct sev_data_receive_update_vmsa);
   128		case SEV_CMD_LAUNCH_UPDATE_SECRET:	return sizeof(struct sev_data_launch_secret);
   129		case SEV_CMD_DOWNLOAD_FIRMWARE:		return sizeof(struct sev_data_download_firmware);
   130		case SEV_CMD_GET_ID:			return sizeof(struct sev_data_get_id);
   131		case SEV_CMD_ATTESTATION_REPORT:	return sizeof(struct sev_data_attestation_report);
 > 132		case SEV_SEND_CANCEL:				return sizeof(struct sev_data_send_cancel);
   133		default:				return 0;
   134		}
   135	
   136		return 0;
   137	}
   138	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Steve Rutherford April 12, 2021, 7:45 p.m. UTC | #2

On Sun, Apr 11, 2021 at 1:56 AM kernel test robot <lkp@intel.com> wrote:
>
> Hi Steve,
>
> Thank you for the patch! Yet something to improve:
>
> [auto build test ERROR on kvm/queue]
> [also build test ERROR on vhost/linux-next cryptodev/master linux/master linus/master v5.12-rc6 next-20210409]
> [cannot apply to crypto/master]
> [If your patch is applied to the wrong git tree, kindly drop us a note.
> And when submitting patch, we suggest to use '--base' as documented in
> https://git-scm.com/docs/git-format-patch]
>
> url:    https://github.com/0day-ci/linux/commits/Steve-Rutherford/KVM-SVM-Add-support-for-KVM_SEV_SEND_CANCEL-command/20210410-060941
> base:   https://git.kernel.org/pub/scm/virt/kvm/kvm.git queue
> config: x86_64-allyesconfig (attached as .config)
> compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> reproduce (this is a W=1 build):
>         # https://github.com/0day-ci/linux/commit/16f9122ec5c3ee772f1edb80c2c2526650b60868
>         git remote add linux-review https://github.com/0day-ci/linux
>         git fetch --no-tags linux-review Steve-Rutherford/KVM-SVM-Add-support-for-KVM_SEV_SEND_CANCEL-command/20210410-060941
>         git checkout 16f9122ec5c3ee772f1edb80c2c2526650b60868
>         # save the attached .config to linux build tree
>         make W=1 ARCH=x86_64
>
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@intel.com>
>
> All errors (new ones prefixed by >>):
>
>    drivers/crypto/ccp/sev-dev.c: In function 'sev_cmd_buffer_len':
> >> drivers/crypto/ccp/sev-dev.c:132:7: error: 'SEV_SEND_CANCEL' undeclared (first use in this function); did you mean 'SEV_CMD_SEND_CANCEL'?
>      132 |  case SEV_SEND_CANCEL:    return sizeof(struct sev_data_send_cancel);
>          |       ^~~~~~~~~~~~~~~
>          |       SEV_CMD_SEND_CANCEL
>    drivers/crypto/ccp/sev-dev.c:132:7: note: each undeclared identifier is reported only once for each function it appears in
>
>
> vim +132 drivers/crypto/ccp/sev-dev.c
>
>    100
>    101  static int sev_cmd_buffer_len(int cmd)
>    102  {
>    103          switch (cmd) {
>    104          case SEV_CMD_INIT:                      return sizeof(struct sev_data_init);
>    105          case SEV_CMD_PLATFORM_STATUS:           return sizeof(struct sev_user_data_status);
>    106          case SEV_CMD_PEK_CSR:                   return sizeof(struct sev_data_pek_csr);
>    107          case SEV_CMD_PEK_CERT_IMPORT:           return sizeof(struct sev_data_pek_cert_import);
>    108          case SEV_CMD_PDH_CERT_EXPORT:           return sizeof(struct sev_data_pdh_cert_export);
>    109          case SEV_CMD_LAUNCH_START:              return sizeof(struct sev_data_launch_start);
>    110          case SEV_CMD_LAUNCH_UPDATE_DATA:        return sizeof(struct sev_data_launch_update_data);
>    111          case SEV_CMD_LAUNCH_UPDATE_VMSA:        return sizeof(struct sev_data_launch_update_vmsa);
>    112          case SEV_CMD_LAUNCH_FINISH:             return sizeof(struct sev_data_launch_finish);
>    113          case SEV_CMD_LAUNCH_MEASURE:            return sizeof(struct sev_data_launch_measure);
>    114          case SEV_CMD_ACTIVATE:                  return sizeof(struct sev_data_activate);
>    115          case SEV_CMD_DEACTIVATE:                return sizeof(struct sev_data_deactivate);
>    116          case SEV_CMD_DECOMMISSION:              return sizeof(struct sev_data_decommission);
>    117          case SEV_CMD_GUEST_STATUS:              return sizeof(struct sev_data_guest_status);
>    118          case SEV_CMD_DBG_DECRYPT:               return sizeof(struct sev_data_dbg);
>    119          case SEV_CMD_DBG_ENCRYPT:               return sizeof(struct sev_data_dbg);
>    120          case SEV_CMD_SEND_START:                return sizeof(struct sev_data_send_start);
>    121          case SEV_CMD_SEND_UPDATE_DATA:          return sizeof(struct sev_data_send_update_data);
>    122          case SEV_CMD_SEND_UPDATE_VMSA:          return sizeof(struct sev_data_send_update_vmsa);
>    123          case SEV_CMD_SEND_FINISH:               return sizeof(struct sev_data_send_finish);
>    124          case SEV_CMD_RECEIVE_START:             return sizeof(struct sev_data_receive_start);
>    125          case SEV_CMD_RECEIVE_FINISH:            return sizeof(struct sev_data_receive_finish);
>    126          case SEV_CMD_RECEIVE_UPDATE_DATA:       return sizeof(struct sev_data_receive_update_data);
>    127          case SEV_CMD_RECEIVE_UPDATE_VMSA:       return sizeof(struct sev_data_receive_update_vmsa);
>    128          case SEV_CMD_LAUNCH_UPDATE_SECRET:      return sizeof(struct sev_data_launch_secret);
>    129          case SEV_CMD_DOWNLOAD_FIRMWARE:         return sizeof(struct sev_data_download_firmware);
>    130          case SEV_CMD_GET_ID:                    return sizeof(struct sev_data_get_id);
>    131          case SEV_CMD_ATTESTATION_REPORT:        return sizeof(struct sev_data_attestation_report);
>  > 132          case SEV_SEND_CANCEL:                           return sizeof(struct sev_data_send_cancel);
>    133          default:                                return 0;
>    134          }
>    135
>    136          return 0;
>    137  }
>    138
>
> ---
> 0-DAY CI Kernel Test Service, Intel Corporation
> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Ugh, forgot to amend. V3 sent.

diff --git a/Documentation/virt/kvm/amd-memory-encryption.rst b/Documentation/virt/kvm/amd-memory-encryption.rst
index 469a6308765b1..9e018a3eec03b 100644
--- a/Documentation/virt/kvm/amd-memory-encryption.rst
+++ b/Documentation/virt/kvm/amd-memory-encryption.rst
@@ -284,6 +284,15 @@  Returns: 0 on success, -negative on error
                 __u32 len;
         };
 
+16. KVM_SEV_SEND_CANCEL
+------------------------
+
+After completion of SEND_START, but before SEND_FINISH, the source VMM can issue the
+SEND_CANCEL command to stop a migration. This is necessary so that a cancelled
+migration can restart with a new target later.
+
+Returns: 0 on success, -negative on error
+
 References
 ==========
 
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 83e00e5245136..16d75b39e5e78 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1110,6 +1110,26 @@  static int sev_get_attestation_report(struct kvm *kvm, struct kvm_sev_cmd *argp)
 	return ret;
 }
 
+static int sev_send_cancel(struct kvm *kvm, struct kvm_sev_cmd *argp)
+{
+	struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info;
+	struct sev_data_send_cancel *data;
+	int ret;
+
+	if (!sev_guest(kvm))
+		return -ENOTTY;
+
+	data = kzalloc(sizeof(*data), GFP_KERNEL);
+	if (!data)
+		return -ENOMEM;
+
+	data->handle = sev->handle;
+	ret = sev_issue_cmd(kvm, SEV_CMD_SEND_CANCEL, data, &argp->error);
+
+	kfree(data);
+	return ret;
+}
+
 int svm_mem_enc_op(struct kvm *kvm, void __user *argp)
 {
 	struct kvm_sev_cmd sev_cmd;
@@ -1163,6 +1183,9 @@  int svm_mem_enc_op(struct kvm *kvm, void __user *argp)
 	case KVM_SEV_GET_ATTESTATION_REPORT:
 		r = sev_get_attestation_report(kvm, &sev_cmd);
 		break;
+	case KVM_SEV_SEND_CANCEL:
+		r = sev_send_cancel(kvm, &sev_cmd);
+		break;
 	default:
 		r = -EINVAL;
 		goto out;
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index cb9b4c4e371ed..2c0a60120c785 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -129,6 +129,7 @@  static int sev_cmd_buffer_len(int cmd)
 	case SEV_CMD_DOWNLOAD_FIRMWARE:		return sizeof(struct sev_data_download_firmware);
 	case SEV_CMD_GET_ID:			return sizeof(struct sev_data_get_id);
 	case SEV_CMD_ATTESTATION_REPORT:	return sizeof(struct sev_data_attestation_report);
+	case SEV_SEND_CANCEL:				return sizeof(struct sev_data_send_cancel);
 	default:				return 0;
 	}
 
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index b801ead1e2bb5..74f2babffc574 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -73,6 +73,7 @@  enum sev_cmd {
 	SEV_CMD_SEND_UPDATE_DATA	= 0x041,
 	SEV_CMD_SEND_UPDATE_VMSA	= 0x042,
 	SEV_CMD_SEND_FINISH		= 0x043,
+	SEV_CMD_SEND_CANCEL		= 0x044,
 
 	/* Guest migration commands (incoming) */
 	SEV_CMD_RECEIVE_START		= 0x050,
@@ -392,6 +393,15 @@  struct sev_data_send_finish {
 	u32 handle;				/* In */
 } __packed;
 
+/**
+ * struct sev_data_send_cancel - SEND_CANCEL command parameters
+ *
+ * @handle: handle of the VM to process
+ */
+struct sev_data_send_cancel {
+	u32 handle;				/* In */
+} __packed;
+
 /**
  * struct sev_data_receive_start - RECEIVE_START command parameters
  *
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h
index f6afee209620d..707469b6b7072 100644
--- a/include/uapi/linux/kvm.h
+++ b/include/uapi/linux/kvm.h
@@ -1671,6 +1671,8 @@  enum sev_cmd_id {
 	KVM_SEV_CERT_EXPORT,
 	/* Attestation report */
 	KVM_SEV_GET_ATTESTATION_REPORT,
+	/* Guest Migration Extension */
+	KVM_SEV_SEND_CANCEL,
 
 	KVM_SEV_NR_MAX,
 };

[v2] KVM: SVM: Add support for KVM_SEV_SEND_CANCEL command

Commit Message

Comments

Patch