Message ID | 20250123220100.339867-3-prsampat@amd.com (mailing list archive) |
---|---|
State | New |
Series | Basic SEV-SNP Selftests | expand |
On 1/24/2025 3:30 AM, Pratik R. Sampat wrote: > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > index e841a8fbbb15..3a40b79fb37f 100644 > --- a/include/linux/psp-sev.h > +++ b/include/linux/psp-sev.h > @@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); > void *snp_alloc_firmware_page(gfp_t mask); > void snp_free_firmware_page(void *addr); > bool snp_fw_valid(void); > +bool is_sev_platform_init(void); > > #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ > > @@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { } > > static inline bool snp_fw_valid(void) { return false; } > > +static inline bool is_sev_platform_init(void) { return false; } > + The naming does not sound right, sev_platform_init() does the SEV firmware platform INIT, so how about calling it sev_fw_initialized()? Regards, Nikunj
Hi Nikunj, On 1/24/25 3:56 AM, Nikunj A. Dadhania wrote: > > > On 1/24/2025 3:30 AM, Pratik R. Sampat wrote: >> diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h >> index e841a8fbbb15..3a40b79fb37f 100644 >> --- a/include/linux/psp-sev.h >> +++ b/include/linux/psp-sev.h >> @@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); >> void *snp_alloc_firmware_page(gfp_t mask); >> void snp_free_firmware_page(void *addr); >> bool snp_fw_valid(void); >> +bool is_sev_platform_init(void); >> >> #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ >> >> @@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { } >> >> static inline bool snp_fw_valid(void) { return false; } >> >> +static inline bool is_sev_platform_init(void) { return false; } >> + > > The naming does not sound right, sev_platform_init() does the SEV firmware platform > INIT, so how about calling it sev_fw_initialized()? > Sure, this name sounds much better. I can have it renamed. Best, Pratik
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index b709c2f0945c..188f04247dcf 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2957,7 +2957,7 @@ void __init sev_hardware_setup(void)
 bool sev_es_supported = false;
 bool sev_supported = false;
 
-if (!sev_enabled || !npt_enabled || !nrips)
+if (!is_sev_platform_init() || !sev_enabled || !npt_enabled || !nrips)
 goto out;
 
 /*
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index b45cd60c19b0..374ca2dd5730 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -81,6 +81,8 @@ MODULE_FIRMWARE("amd/amd_sev_fam19h_model1xh.sbin"); /* 4th gen EPYC */
 static bool psp_dead;
 static int psp_timeout;
 
+static bool platform_init;
+
 /* Trusted Memory Region (TMR):
 * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator
 * to allocate the memory, which will return aligned memory for the specified
@@ -1358,6 +1360,12 @@ int sev_platform_init(struct sev_platform_init_args *args)
 }
 EXPORT_SYMBOL_GPL(sev_platform_init);
 
+bool is_sev_platform_init(void)
+{
+return platform_init;
+}
+EXPORT_SYMBOL_GPL(is_sev_platform_init);
+
 static int __sev_platform_shutdown_locked(int *error)
 {
 struct psp_device *psp = psp_master;
@@ -2427,6 +2435,8 @@ void sev_pci_init(void)
 if (rc)
 dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n",
 args.error, rc);
+else
+platform_init = true;
 
 dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "",
 sev->api_major, sev->api_minor, sev->build);
diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h
index e841a8fbbb15..3a40b79fb37f 100644
--- a/include/linux/psp-sev.h
+++ b/include/linux/psp-sev.h
@@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len);
 void *snp_alloc_firmware_page(gfp_t mask);
 void snp_free_firmware_page(void *addr);
 bool snp_fw_valid(void);
+bool is_sev_platform_init(void);
 
 #else /* !CONFIG_CRYPTO_DEV_SP_PSP */
 
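Review bot: `platform_init` is set to true in sev_pci_init() but is never cleared, so is_sev_platform_init() keeps reporting an initialized platform after __sev_platform_shutdown_locked() (whose head is visible directly below the new accessor) has torn it down; the shutdown path needs a matching `platform_init = false;`. The driver appears to already track this in sev->state (SEV_STATE_INIT / SEV_STATE_UNINIT), and if so, deriving the answer from that state instead of adding a second static bool would avoid the two going out of sync. The flag is also only set on the probe-time INIT path: if sev_pci_init() can return before calling sev_platform_init() (initialization deferred to first use via psp_init_on_probe=0), or if kvm_amd's sev_hardware_setup() can run before the ccp device has probed, the new check in the sev.c hunk would disable SEV, SEV-ES and SEV-SNP on systems where they would otherwise work, which looks like a regression worth confirming. The bool is read from sev_hardware_setup() without any synchronization or later re-evaluation, so the result is fixed at kvm_amd load time. Both sev_pci_init() and sev_hardware_setup() start and end outside these hunks.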
@@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { }
 
 static inline bool snp_fw_valid(void) { return false; }
 
+static inline bool is_sev_platform_init(void) { return false; }
+
 #endif /* CONFIG_CRYPTO_DEV_SP_PSP */
 
 #endif /* __PSP_SEV_H__ */
If the platform initialization sev_platform_init() fails, SEV cannot be set up and a secure VM cannot be spawned. Therefore, in this case, ensure that KVM does not set up, nor advertise support for SEV, SEV-ES, and SEV-SNP. Suggested-by: Nikunj A Dadhania <nikunj@amd.com> Signed-off-by: Pratik R. Sampat <prsampat@amd.com> --- v4..v5 * Export the failure of platform_init() to disable SEV+ support --- --- arch/x86/kvm/svm/sev.c | 2 +- drivers/crypto/ccp/sev-dev.c | 10 ++++++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-)