mbox series

[kernel,0/9] KVM: SEV: Enable AMD SEV-ES DebugSwap

Message ID 20230615063757.3039121-1-aik@amd.com (mailing list archive)
Headers show
Series KVM: SEV: Enable AMD SEV-ES DebugSwap | expand

Message

Alexey Kardashevskiy June 15, 2023, 6:37 a.m. UTC
This is to use another AMD SEV-ES hardware assisted register swap,
more detail in 6/9. In the process it's been suggested to fix other
things, here is the attempt, with the great help of amders.

The previous conversation is here:
https://lore.kernel.org/r/20230411125718.2297768-1-aik@amd.com 

This is based on sha1
6e2e1e779912 Ingo Molnar "Merge branch into tip/master: 'x86/sgx'".

The tree is here: https://github.com/aik/linux/tree/debugswap

Please comment. Thanks.


Alexey Kardashevskiy (6):
  KVM: SEV: move set_dr_intercepts/clr_dr_intercepts from the header
  KVM: SEV: Move SEV's GP_VECTOR intercept setup to SEV
  KVM: SEV-ES: explicitly disable debug
  KVM: SVM/SEV/SEV-ES: Rework intercepts
  KVM: SEV: Enable data breakpoints in SEV-ES
  KVM: SEV-ES: Eliminate #DB intercept when DebugSwap enabled

Sean Christopherson (3):
  KVM: SVM: Rewrite sev_es_prepare_switch_to_guest()'s comment about
    swap types
  KVM: SVM: Don't defer NMI unblocking until next exit for SEV-ES guests
  KVM: SVM: Don't try to pointlessly single-step SEV-ES guests for NMI
    window

 arch/x86/include/asm/cpufeatures.h       |  1 +
 arch/x86/include/asm/svm.h               |  1 +
 arch/x86/kvm/svm/svm.h                   | 42 ----------
 tools/arch/x86/include/asm/cpufeatures.h |  1 +
 arch/x86/kvm/svm/sev.c                   | 86 +++++++++++++++++---
 arch/x86/kvm/svm/svm.c                   | 70 ++++++++++++++--
 6 files changed, 137 insertions(+), 64 deletions(-)

Comments

Alexey Kardashevskiy June 15, 2023, 7:13 a.m. UTC | #1
Ouch, forgot to mark this as "v6". Sorry...



On 15/6/23 16:37, Alexey Kardashevskiy wrote:
> This is to use another AMD SEV-ES hardware assisted register swap,
> more detail in 6/9. In the process it's been suggested to fix other
> things, here is the attempt, with the great help of amders.
> 
> The previous conversation is here:
> https://lore.kernel.org/r/20230411125718.2297768-1-aik@amd.com
> 
> This is based on sha1
> 6e2e1e779912 Ingo Molnar "Merge branch into tip/master: 'x86/sgx'".
> 
> The tree is here: https://github.com/aik/linux/tree/debugswap
> 
> Please comment. Thanks.
> 
> 
> Alexey Kardashevskiy (6):
>    KVM: SEV: move set_dr_intercepts/clr_dr_intercepts from the header
>    KVM: SEV: Move SEV's GP_VECTOR intercept setup to SEV
>    KVM: SEV-ES: explicitly disable debug
>    KVM: SVM/SEV/SEV-ES: Rework intercepts
>    KVM: SEV: Enable data breakpoints in SEV-ES
>    KVM: SEV-ES: Eliminate #DB intercept when DebugSwap enabled
> 
> Sean Christopherson (3):
>    KVM: SVM: Rewrite sev_es_prepare_switch_to_guest()'s comment about
>      swap types
>    KVM: SVM: Don't defer NMI unblocking until next exit for SEV-ES guests
>    KVM: SVM: Don't try to pointlessly single-step SEV-ES guests for NMI
>      window
> 
>   arch/x86/include/asm/cpufeatures.h       |  1 +
>   arch/x86/include/asm/svm.h               |  1 +
>   arch/x86/kvm/svm/svm.h                   | 42 ----------
>   tools/arch/x86/include/asm/cpufeatures.h |  1 +
>   arch/x86/kvm/svm/sev.c                   | 86 +++++++++++++++++---
>   arch/x86/kvm/svm/svm.c                   | 70 ++++++++++++++--
>   6 files changed, 137 insertions(+), 64 deletions(-)
>
Alexey Kardashevskiy June 23, 2023, 1:35 a.m. UTC | #2
Sean, do you want me to repost with "v6" in all patches or this will do? 
Thanks,


On 15/6/23 17:13, Alexey Kardashevskiy wrote:
> Ouch, forgot to mark this as "v6". Sorry...
> 
> 
> 
> On 15/6/23 16:37, Alexey Kardashevskiy wrote:
>> This is to use another AMD SEV-ES hardware assisted register swap,
>> more detail in 6/9. In the process it's been suggested to fix other
>> things, here is the attempt, with the great help of amders.
>>
>> The previous conversation is here:
>> https://lore.kernel.org/r/20230411125718.2297768-1-aik@amd.com
>>
>> This is based on sha1
>> 6e2e1e779912 Ingo Molnar "Merge branch into tip/master: 'x86/sgx'".
>>
>> The tree is here: https://github.com/aik/linux/tree/debugswap
>>
>> Please comment. Thanks.
>>
>>
>> Alexey Kardashevskiy (6):
>>    KVM: SEV: move set_dr_intercepts/clr_dr_intercepts from the header
>>    KVM: SEV: Move SEV's GP_VECTOR intercept setup to SEV
>>    KVM: SEV-ES: explicitly disable debug
>>    KVM: SVM/SEV/SEV-ES: Rework intercepts
>>    KVM: SEV: Enable data breakpoints in SEV-ES
>>    KVM: SEV-ES: Eliminate #DB intercept when DebugSwap enabled
>>
>> Sean Christopherson (3):
>>    KVM: SVM: Rewrite sev_es_prepare_switch_to_guest()'s comment about
>>      swap types
>>    KVM: SVM: Don't defer NMI unblocking until next exit for SEV-ES guests
>>    KVM: SVM: Don't try to pointlessly single-step SEV-ES guests for NMI
>>      window
>>
>>   arch/x86/include/asm/cpufeatures.h       |  1 +
>>   arch/x86/include/asm/svm.h               |  1 +
>>   arch/x86/kvm/svm/svm.h                   | 42 ----------
>>   tools/arch/x86/include/asm/cpufeatures.h |  1 +
>>   arch/x86/kvm/svm/sev.c                   | 86 +++++++++++++++++---
>>   arch/x86/kvm/svm/svm.c                   | 70 ++++++++++++++--
>>   6 files changed, 137 insertions(+), 64 deletions(-)
>>
>
Sean Christopherson June 23, 2023, 2:19 p.m. UTC | #3
On Fri, Jun 23, 2023, Alexey Kardashevskiy wrote:
> Sean, do you want me to repost with "v6" in all patches or this will do?

No need on my end.
Alexey Kardashevskiy June 30, 2023, 2:08 a.m. UTC | #4
On 24/6/23 00:19, Sean Christopherson wrote:
> On Fri, Jun 23, 2023, Alexey Kardashevskiy wrote:
>> Sean, do you want me to repost with "v6" in all patches or this will do?
> 
> No need on my end.

Cool. My colleagues are gently asking if this is any closer to getting 
pulled or not just yet? :) Thanks,
Sean Christopherson June 30, 2023, 9:52 p.m. UTC | #5
On Fri, Jun 30, 2023, Alexey Kardashevskiy wrote:
> 
> 
> On 24/6/23 00:19, Sean Christopherson wrote:
> > On Fri, Jun 23, 2023, Alexey Kardashevskiy wrote:
> > > Sean, do you want me to repost with "v6" in all patches or this will do?
> > 
> > No need on my end.
> 
> Cool. My colleagues are gently asking if this is any closer to getting
> pulled or not just yet? :) Thanks,

Just looked through it.  A few nits, but nothing I can't fix when applying.  I'm
planning on applying it for 6.6 (pending testing, etc.), though I'm out next week
so it'll be a week or three before that actually happens.
Alexey Kardashevskiy July 20, 2023, 7:01 p.m. UTC | #6
On 30/6/23 16:52, Sean Christopherson wrote:
> On Fri, Jun 30, 2023, Alexey Kardashevskiy wrote:
>>
>>
>> On 24/6/23 00:19, Sean Christopherson wrote:
>>> On Fri, Jun 23, 2023, Alexey Kardashevskiy wrote:
>>>> Sean, do you want me to repost with "v6" in all patches or this will do?
>>>
>>> No need on my end.
>>
>> Cool. My colleagues are gently asking if this is any closer to getting
>> pulled or not just yet? :) Thanks,
> 
> Just looked through it.  A few nits, but nothing I can't fix when applying.  I'm
> planning on applying it for 6.6 (pending testing, etc.), though I'm out next week
> so it'll be a week or three before that actually happens.

Soo three it is :)
Sean Christopherson July 28, 2023, 11:49 p.m. UTC | #7
On Thu, 15 Jun 2023 16:37:48 +1000, Alexey Kardashevskiy wrote:
> This is to use another AMD SEV-ES hardware assisted register swap,
> more detail in 6/9. In the process it's been suggested to fix other
> things, here is the attempt, with the great help of amders.
> 
> The previous conversation is here:
> https://lore.kernel.org/r/20230411125718.2297768-1-aik@amd.com
> 
> [...]

Finally applied to kvm-x86 svm, thanks!  Though I was *really* tempted to see
just how snarky the pings would get at week 5+ ;-)

[1/9] KVM: SEV: move set_dr_intercepts/clr_dr_intercepts from the header
      https://github.com/kvm-x86/linux/commit/b265ee7bae11
[2/9] KVM: SEV: Move SEV's GP_VECTOR intercept setup to SEV
      https://github.com/kvm-x86/linux/commit/29de732cc95c
[3/9] KVM: SVM: Rewrite sev_es_prepare_switch_to_guest()'s comment about swap types
      https://github.com/kvm-x86/linux/commit/f8d808ed1ba0
[4/9] KVM: SEV-ES: explicitly disable debug
      https://github.com/kvm-x86/linux/commit/2837dd00f8fc
[5/9] KVM: SVM/SEV/SEV-ES: Rework intercepts
      https://github.com/kvm-x86/linux/commit/5aefd3a05fe1
[6/9] KVM: SEV: Enable data breakpoints in SEV-ES
      https://github.com/kvm-x86/linux/commit/fb71b1298709
[7/9] KVM: SEV-ES: Eliminate #DB intercept when DebugSwap enabled
      https://github.com/kvm-x86/linux/commit/8b54cc7e1817
[8/9] KVM: SVM: Don't defer NMI unblocking until next exit for SEV-ES guests
      https://github.com/kvm-x86/linux/commit/c54268e1036f
[9/9] KVM: SVM: Don't try to pointlessly single-step SEV-ES guests for NMI window
      https://github.com/kvm-x86/linux/commit/e11f81043a12

--
https://github.com/kvm-x86/linux/tree/next
https://github.com/kvm-x86/linux/tree/fixes
Alexey Kardashevskiy July 29, 2023, 1:57 a.m. UTC | #8
On 29/7/23 09:49, Sean Christopherson wrote:
> On Thu, 15 Jun 2023 16:37:48 +1000, Alexey Kardashevskiy wrote:
>> This is to use another AMD SEV-ES hardware assisted register swap,
>> more detail in 6/9. In the process it's been suggested to fix other
>> things, here is the attempt, with the great help of amders.
>>
>> The previous conversation is here:
>> https://lore.kernel.org/r/20230411125718.2297768-1-aik@amd.com
>>
>> [...]
> 
> Finally applied to kvm-x86 svm, thanks!  Though I was *really* tempted to see
> just how snarky the pings would get at week 5+ ;-)

Thanks!
Here is a gist what it could look like:
https://www.spinics.net/lists/kvm-ppc/msg20903.html :)


> 
> [1/9] KVM: SEV: move set_dr_intercepts/clr_dr_intercepts from the header
>        https://github.com/kvm-x86/linux/commit/b265ee7bae11
> [2/9] KVM: SEV: Move SEV's GP_VECTOR intercept setup to SEV
>        https://github.com/kvm-x86/linux/commit/29de732cc95c
> [3/9] KVM: SVM: Rewrite sev_es_prepare_switch_to_guest()'s comment about swap types
>        https://github.com/kvm-x86/linux/commit/f8d808ed1ba0
> [4/9] KVM: SEV-ES: explicitly disable debug
>        https://github.com/kvm-x86/linux/commit/2837dd00f8fc
> [5/9] KVM: SVM/SEV/SEV-ES: Rework intercepts
>        https://github.com/kvm-x86/linux/commit/5aefd3a05fe1
> [6/9] KVM: SEV: Enable data breakpoints in SEV-ES
>        https://github.com/kvm-x86/linux/commit/fb71b1298709
> [7/9] KVM: SEV-ES: Eliminate #DB intercept when DebugSwap enabled
>        https://github.com/kvm-x86/linux/commit/8b54cc7e1817
> [8/9] KVM: SVM: Don't defer NMI unblocking until next exit for SEV-ES guests
>        https://github.com/kvm-x86/linux/commit/c54268e1036f
> [9/9] KVM: SVM: Don't try to pointlessly single-step SEV-ES guests for NMI window
>        https://github.com/kvm-x86/linux/commit/e11f81043a12
> 
> --
> https://github.com/kvm-x86/linux/tree/next
> https://github.com/kvm-x86/linux/tree/fixes