| Message ID | 20210707181506.30489-3-brijesh.singh@amd.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | Add AMD Secure Nested Paging (SEV-SNP) Guest Support | expand |
On Wed, Jul 07, 2021 at 01:14:32PM -0500, Brijesh Singh wrote: > diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c > index 114f62fe2529..19c2306ac02d 100644 > --- a/arch/x86/kernel/sev-shared.c > +++ b/arch/x86/kernel/sev-shared.c > @@ -14,6 +14,15 @@ > #define has_cpuflag(f) boot_cpu_has(f) > #endif > > +/* > + * Since feature negotiation related variables are set early in the boot > + * process they must reside in the .data section so as not to be zeroed > + * out when the .bss section is later cleared. > + * > + * GHCB protocol version negotiated with the hypervisor. > + */ > +static u16 ghcb_version __section(".data..ro_after_init"); There's a define for that section specifier: __ro_after_init
On Wed, Jul 07, 2021 at 01:14:32PM -0500, Brijesh Singh wrote: > The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the > GHCB protocol version before establishing the GHCB. Cache the negotiated > GHCB version so that it can be used later. > > Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> > --- > arch/x86/include/asm/sev.h | 2 +- > arch/x86/kernel/sev-shared.c | 17 ++++++++++++++--- > 2 files changed, 15 insertions(+), 4 deletions(-) Also, while looking at this, all those defines in sev-common.h were bothering me for a while now because they're an unreadable mess because I have to go look at the GHCB spec, decode the corresponding MSR protocol request and then go and piece together each request value by verifying the masks... So I did the below which is, IMO, a lot more readable as you can follow it directly with the spec opened in parallel. Thus, if you don't have a better idea, I'd ask you to please add this to your set and continue defining the new MSR protocol requests this way so that it can be readable. Thx. --- From: Borislav Petkov <bp@suse.de> Date: Tue, 10 Aug 2021 11:39:57 +0200 Subject: [PATCH] x86/sev: Get rid of excessive use of defines Remove all the defines of masks and bit positions for the GHCB MSR protocol and use comments instead which correspond directly to the spec so that following those can be a lot easier and straightforward with the spec opened in parallel to the code. Aligh vertically while at it. No functional changes. Signed-off-by: Borislav Petkov <bp@suse.de> --- arch/x86/include/asm/sev-common.h | 51 +++++++++++++++++-------------- 1 file changed, 28 insertions(+), 23 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 855b0ec9c4e8..28244f8ebde2 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -18,20 +18,19 @@ /* SEV Information Request/Response */ #define GHCB_MSR_SEV_INFO_RESP 0x001 #define GHCB_MSR_SEV_INFO_REQ 0x002 -#define GHCB_MSR_VER_MAX_POS 48 -#define GHCB_MSR_VER_MAX_MASK 0xffff -#define GHCB_MSR_VER_MIN_POS 32 -#define GHCB_MSR_VER_MIN_MASK 0xffff -#define GHCB_MSR_CBIT_POS 24 -#define GHCB_MSR_CBIT_MASK 0xff -#define GHCB_MSR_SEV_INFO(_max, _min, _cbit) \ - ((((_max) & GHCB_MSR_VER_MAX_MASK) << GHCB_MSR_VER_MAX_POS) | \ - (((_min) & GHCB_MSR_VER_MIN_MASK) << GHCB_MSR_VER_MIN_POS) | \ - (((_cbit) & GHCB_MSR_CBIT_MASK) << GHCB_MSR_CBIT_POS) | \ + +#define GHCB_MSR_SEV_INFO(_max, _min, _cbit) \ + /* GHCBData[63:48] */ \ + ((((_max) & 0xffff) << 48) | \ + /* GHCBData[47:32] */ \ + (((_min) & 0xffff) << 32) | \ + /* GHCBData[31:24] */ \ + (((_cbit) & 0xff) << 24) | \ GHCB_MSR_SEV_INFO_RESP) + #define GHCB_MSR_INFO(v) ((v) & 0xfffUL) -#define GHCB_MSR_PROTO_MAX(v) (((v) >> GHCB_MSR_VER_MAX_POS) & GHCB_MSR_VER_MAX_MASK) -#define GHCB_MSR_PROTO_MIN(v) (((v) >> GHCB_MSR_VER_MIN_POS) & GHCB_MSR_VER_MIN_MASK) +#define GHCB_MSR_PROTO_MAX(v) (((v) >> 48) & 0xffff) +#define GHCB_MSR_PROTO_MIN(v) (((v) >> 32) & 0xffff) /* CPUID Request/Response */ #define GHCB_MSR_CPUID_REQ 0x004 @@ -46,27 +45,33 @@ #define GHCB_CPUID_REQ_EBX 1 #define GHCB_CPUID_REQ_ECX 2 #define GHCB_CPUID_REQ_EDX 3 -#define GHCB_CPUID_REQ(fn, reg) \ - (GHCB_MSR_CPUID_REQ | \ - (((unsigned long)reg & GHCB_MSR_CPUID_REG_MASK) << GHCB_MSR_CPUID_REG_POS) | \ - (((unsigned long)fn) << GHCB_MSR_CPUID_FUNC_POS)) +#define GHCB_CPUID_REQ(fn, reg) \ + /* GHCBData[11:0] */ \ + (GHCB_MSR_CPUID_REQ | \ + /* GHCBData[31:12] */ \ + (((unsigned long)reg & 0x3) << 30) | \ + /* GHCBData[63:32] */ \ + (((unsigned long)fn) << 32)) /* AP Reset Hold */ -#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 -#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 +#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 /* GHCB Hypervisor Feature Request/Response */ -#define GHCB_MSR_HV_FT_REQ 0x080 -#define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_REQ 0x080 +#define GHCB_MSR_HV_FT_RESP 0x081 #define GHCB_MSR_TERM_REQ 0x100 #define GHCB_MSR_TERM_REASON_SET_POS 12 #define GHCB_MSR_TERM_REASON_SET_MASK 0xf #define GHCB_MSR_TERM_REASON_POS 16 #define GHCB_MSR_TERM_REASON_MASK 0xff -#define GHCB_SEV_TERM_REASON(reason_set, reason_val) \ - (((((u64)reason_set) & GHCB_MSR_TERM_REASON_SET_MASK) << GHCB_MSR_TERM_REASON_SET_POS) | \ - ((((u64)reason_val) & GHCB_MSR_TERM_REASON_MASK) << GHCB_MSR_TERM_REASON_POS)) + +#define GHCB_SEV_TERM_REASON(reason_set, reason_val) \ + /* GHCBData[15:12] */ \ + (((((u64)reason_set) & 0xf) << 12) | \ + /* GHCBData[23:16] */ \ + ((((u64)reason_val) & 0xff) << 16)) #define GHCB_SEV_ES_GEN_REQ 0 #define GHCB_SEV_ES_PROT_UNSUPPORTED 1
On 8/10/21 4:17 AM, Borislav Petkov wrote: > On Wed, Jul 07, 2021 at 01:14:32PM -0500, Brijesh Singh wrote: >> diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c >> index 114f62fe2529..19c2306ac02d 100644 >> --- a/arch/x86/kernel/sev-shared.c >> +++ b/arch/x86/kernel/sev-shared.c >> @@ -14,6 +14,15 @@ >> #define has_cpuflag(f) boot_cpu_has(f) >> #endif >> >> +/* >> + * Since feature negotiation related variables are set early in the boot >> + * process they must reside in the .data section so as not to be zeroed >> + * out when the .bss section is later cleared. >> + * >> + * GHCB protocol version negotiated with the hypervisor. >> + */ >> +static u16 ghcb_version __section(".data..ro_after_init"); > > There's a define for that section specifier: __ro_after_init > Noted. thanks
On 8/10/21 5:01 AM, Borislav Petkov wrote: > On Wed, Jul 07, 2021 at 01:14:32PM -0500, Brijesh Singh wrote: >> The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the >> GHCB protocol version before establishing the GHCB. Cache the negotiated >> GHCB version so that it can be used later. >> >> Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> >> --- >> arch/x86/include/asm/sev.h | 2 +- >> arch/x86/kernel/sev-shared.c | 17 ++++++++++++++--- >> 2 files changed, 15 insertions(+), 4 deletions(-) > > Also, while looking at this, all those defines in sev-common.h were > bothering me for a while now because they're an unreadable mess because > I have to go look at the GHCB spec, decode the corresponding MSR > protocol request and then go and piece together each request value by > verifying the masks... > > So I did the below which is, IMO, a lot more readable as you can follow > it directly with the spec opened in parallel. > > Thus, if you don't have a better idea, I'd ask you to please add this to > your set and continue defining the new MSR protocol requests this way so > that it can be readable. > thanks Boris, I will include this in my series and rework the remaining patches to align with it. -brijesh
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index fa5cd05d3b5b..7ec91b1359df 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -12,7 +12,7 @@ #include <asm/insn.h> #include <asm/sev-common.h> -#define GHCB_PROTO_OUR 0x0001UL +#define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 1ULL #define GHCB_DEFAULT_USAGE 0ULL diff --git a/arch/x86/kernel/sev-shared.c b/arch/x86/kernel/sev-shared.c index 114f62fe2529..19c2306ac02d 100644 --- a/arch/x86/kernel/sev-shared.c +++ b/arch/x86/kernel/sev-shared.c @@ -14,6 +14,15 @@ #define has_cpuflag(f) boot_cpu_has(f) #endif +/* + * Since feature negotiation related variables are set early in the boot + * process they must reside in the .data section so as not to be zeroed + * out when the .bss section is later cleared. + * + * GHCB protocol version negotiated with the hypervisor. + */ +static u16 ghcb_version __section(".data..ro_after_init"); + static bool __init sev_es_check_cpu_features(void) { if (!has_cpuflag(X86_FEATURE_RDRAND)) { @@ -54,10 +63,12 @@ static bool sev_es_negotiate_protocol(void) if (GHCB_MSR_INFO(val) != GHCB_MSR_SEV_INFO_RESP) return false; - if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTO_OUR || - GHCB_MSR_PROTO_MIN(val) > GHCB_PROTO_OUR) + if (GHCB_MSR_PROTO_MAX(val) < GHCB_PROTOCOL_MIN || + GHCB_MSR_PROTO_MIN(val) > GHCB_PROTOCOL_MAX) return false; + ghcb_version = min_t(size_t, GHCB_MSR_PROTO_MAX(val), GHCB_PROTOCOL_MAX); + return true; } @@ -102,7 +113,7 @@ static enum es_result sev_es_ghcb_hv_call(struct ghcb *ghcb, enum es_result ret; /* Fill in protocol and format specifiers */ - ghcb->protocol_version = GHCB_PROTOCOL_MAX; + ghcb->protocol_version = ghcb_version; ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; ghcb_set_sw_exit_code(ghcb, exit_code);
The SEV-ES guest calls the sev_es_negotiate_protocol() to negotiate the GHCB protocol version before establishing the GHCB. Cache the negotiated GHCB version so that it can be used later. Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> --- arch/x86/include/asm/sev.h | 2 +- arch/x86/kernel/sev-shared.c | 17 ++++++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-)