From patchwork Mon Feb 20 18:38:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13146983 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 54A39C6379F for ; Mon, 20 Feb 2023 19:01:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E2A516B0095; Mon, 20 Feb 2023 14:01:29 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DDAA16B0096; Mon, 20 Feb 2023 14:01:29 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C7B686B0098; Mon, 20 Feb 2023 14:01:29 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id B85736B0095 for ; Mon, 20 Feb 2023 14:01:29 -0500 (EST) Received: from smtpin10.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 88259A0893 for ; Mon, 20 Feb 2023 19:01:29 +0000 (UTC) X-FDA: 80488588698.10.347CBAA Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2052.outbound.protection.outlook.com [40.107.237.52]) by imf11.hostedemail.com (Postfix) with ESMTP id 08E924002B for ; Mon, 20 Feb 2023 19:01:25 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=sCzOp8ro; spf=pass (imf11.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.237.52 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=quarantine) header.from=amd.com ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1676919686; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xfgvNgPkzXxiD3rUfJwSEsnsZDwFqlVnWGrip+638u0=; b=EDV1pTEtQVIig3mppOyA7bZUZ6txPXeLonx431PIYiTyfrS/on93DPge7muscvoSLbo03i E4+1c9GNX1GQGF/UNYfa4sRPIP7YSbZ7+9CriaCDLuH8jNMLz/cU6plFIPYUacxAK30rxX RDT5GtUbcNNdQFvBykIpVBzwtd+yJ6w= ARC-Authentication-Results: i=2; imf11.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=sCzOp8ro; spf=pass (imf11.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.237.52 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=quarantine) header.from=amd.com ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1676919686; a=rsa-sha256; cv=pass; b=h3Pwt0quWsMI51t3x68Fi8eYeTHVrVMnPrvqIgj0CK4zUISpSrrZv47ruffbD2KuZ1mq0O UOLZJQ7k1qPxBdvR0MRdja7ufdD68XL6OB9PHcHqnoPydtxwbA68PVj2MxKyN0gQxnxkq7 zq/emZ1JM5C2uda2J8ATSQKCcZ56/Rc= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Z/Zt95TYguED0j75IMIetOmHnYQyZDjUneQsiw/UtNo+/1/LFd0iGB4Jb6hA4EUY/tIOYSWGFcJnxgAysB6TRUo5o/jN2ROgz6mtJr4g8o5fthDxhPtCSs4/R9B74gsB1VTAIR0chLuF5DBD/jZxGF/mGrn9XjZVwO+tqWB6e+1plYOvzYfChsQxGv3Fb3TC4YIa9tdXH8CloAHaMqtKjHeRs6E4s5FvyHtIk5IuvmvjafnGvhySMQStzeXYFG3PUACBMF/f+P+JnqrU4e6wMUIlOAylDveCievsQmHlJZurdRACyMQkh9ThsmXOKy0RnWpTPB+1UIZdrhcceZejhw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xfgvNgPkzXxiD3rUfJwSEsnsZDwFqlVnWGrip+638u0=; b=CdXECGTskGdUt58NZqxEZg3D0Bd9XbtEUzzArPSedjhUqpkDjCI8FLlvBAkqL7ZM8MLwBQoBW1xRGrtAjaPdrnICSWdrT4Q22isicUOEmYN2+ZzPPj0ANTzqk/dKoEDHz72occEP3UGlvbI6BXoHgu4qelN2wNVlhZvsHlaZtc+vCyTGJgKoJL5fI8m9FtP8TDDbE7O08oMcuEjKk46MtWfaUCWXKbxkwqSKmjk8PdvFqqplHh5TouuQidiajZTvK8ByZrpQlKXVVNxr93I4vf+vnwNq0QHp/0VUWttL3O+4GNDTvDxjwrWrd1urA1Z6g/c68vemr3NnmEOi0X/FLA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xfgvNgPkzXxiD3rUfJwSEsnsZDwFqlVnWGrip+638u0=; b=sCzOp8ro4SFWXtWwIr143m2wbwzFpF050yzqxY2bzyhR3kRQ3HL4X+XUgAohQ92O4Vw2qZjSwUcwLc+ek7MPGY/hGlMpj+dl0nWFNgogWUojUI4WJYemHiI0S8AvvZ+q8g30e5FC2DfbuW7OSR7fINPOCnq9zJviZ2aLX0+/+kw= Received: from MW4PR04CA0049.namprd04.prod.outlook.com (2603:10b6:303:6a::24) by SN7PR12MB7936.namprd12.prod.outlook.com (2603:10b6:806:347::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.20; Mon, 20 Feb 2023 19:01:23 +0000 Received: from CO1NAM11FT003.eop-nam11.prod.protection.outlook.com (2603:10b6:303:6a:cafe::48) by MW4PR04CA0049.outlook.office365.com (2603:10b6:303:6a::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6111.20 via Frontend Transport; Mon, 20 Feb 2023 19:01:23 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1NAM11FT003.mail.protection.outlook.com (10.13.175.93) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6111.20 via Frontend Transport; Mon, 20 Feb 2023 19:01:23 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.34; Mon, 20 Feb 2023 13:01:22 -0600 From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Subject: [PATCH RFC v8 56/56] iommu/amd: Add IOMMU_SNP_SHUTDOWN support Date: Mon, 20 Feb 2023 12:38:47 -0600 Message-ID: <20230220183847.59159-57-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230220183847.59159-1-michael.roth@amd.com> References: <20230220183847.59159-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1NAM11FT003:EE_|SN7PR12MB7936:EE_ X-MS-Office365-Filtering-Correlation-Id: b369f4ba-f405-4719-1d71-08db1374dc2d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: InLlUBpeVAYIg/MCVuuByIk89FbaZCdlRaVm9cviSpw20tuDsXRgA7avVWo8QYnwlZN17YjjLQ1/KsRHm/aWU9M2vHCrf+TMo+f/h8R5z4zMBvoU8O5PzvJ/IV5J9yGQ6TdnTP+5lbhdvXvkamd66QLV2bwaQbxZ6ZeLK+4UUuffBQQwZoTcQhigB2WF7AhbRIGD3S45WUzjPqc0pH2ETKCfWaGzTIogSRvkXrYIjdM/d6wu4JDUnQ+WJMYO3Eygl/Y1zlxyzGNVuOxRiZm2kBOr7l0OI9GadNKqI2b2Sdl5hfCEuA55R9gfAwiZz2V/agopa/l18f0gMm0uMC7VWndPfUx7xPtrxrS8zIPyGbUbREjJnqyrvUKVYYzYN4quVnyzQycZz+nY63ZjjjblwF1eAC1EGXGGRYnMjVm+o+l6XTluFOEHakbmPLpaJPCbj2EwQeQlhys/KEcP6EOKGnNHXDudZelvxmIlWZbzz5MqFV/uZ95pgzq/egpJTrHrZJEbbCSV7VlphcF1HFJM712E6TjqvPCubfaXk+L7hNyX0N2Q2gvSeazIgNPqqqtwV9KcaUj/ZyekjquDo8B+Chu4wdKoMveoIiAlz+OGrenHpQ4W721ACZPDcEGQTsX42kJmYeMm2YDmtML5buV6gx9qa13bxcMJT2ICIdkdIn/Rt24stqrklW8X5b1tSzp6uy7cC7VD+Sv7CV98WrVoQCYEROplhYxd4OpIZlKxZlY= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230025)(4636009)(376002)(346002)(136003)(39860400002)(396003)(451199018)(46966006)(40470700004)(36840700001)(2906002)(186003)(26005)(16526019)(5660300002)(7406005)(6666004)(7416002)(44832011)(2616005)(36860700001)(47076005)(426003)(40480700001)(86362001)(40460700003)(1076003)(336012)(8676002)(6916009)(70206006)(356005)(70586007)(4326008)(81166007)(41300700001)(54906003)(82310400005)(316002)(83380400001)(478600001)(8936002)(82740400003)(36756003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2023 19:01:23.2729 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b369f4ba-f405-4719-1d71-08db1374dc2d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT003.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7936 X-Rspam-User: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 08E924002B X-Stat-Signature: adcwfxcf7xi77hupkh3ff7z5icmyqg6n X-HE-Tag: 1676919685-208506 X-HE-Meta: U2FsdGVkX1+gmM+uWIJg0MxL3QIR7yIfOw2G3vlsMhOChBiy1WddIJhro+YfeR7js2z+9e8DhuPBNFq6msHdEoxO9jtErH59WKUf4cJxLtnHX5aaHgtqF0NNlGdeXV/Oai6Hvlla7TajEygDk+JQ2pef7WfmmyAeg9fUjhbxcEmhDZOv/yLA2Z/YB+UrbZUh6M4DUOeKDYvQgTOfflkKsmWnOgY57x7yEP+wmMZWeOM/0gZMgZZ95xKoNTXN1ah1IqDoLPjSWgPvz1G9kGTdUH6p/rIYkbNhoWi9r7gGgN13IWpqtqWeNplBd5wsHzFCmnpbC/KtKhGrcwI3k4sZeZ02gRB6T2WfpoQTZSmBzUVyl4dLkUe6T8lKWvq/39rFOxz6YWkm8tBG50c3CKfqd2fnht0FOwy0Wa9myy2K8IShShJIIH5GC9TjbCPJA33QgZ7zTSBn327pQ3n2YwUqXnaOvuPsIrYZ9xcEhcZ57QxkEq7RPE5NJ1z2rXl/HoB99QOSmcgFNk/LgRHLTqREDCKbzotdlBduhrlC6EH7OLnsOl82s8COgnO+cXSTVmiTBySH37JhIj3rH6hHVlihwoF5gEiDXJhQkHBtDdooF7AC2wmtw0shW+af0aHYG+Z8CunaTVdGzhFDlXKwyh8a/mEhczSnSTzJHVdbj1QwKyyW+z8+hV0Ug7qjidR66cVxTMkTFeEqb1BhzMVoluCVKclGaEosg72h2lKycbax1uAIa05u56q0fBwaJLA8fH93Bfpf1fRRNAZkbh7aZ3+5vkKonN2YzfGLinUTfnoahO7G5/YbRwHIvd1fLNaYtkm5QjtIJwVYcckeApNe9o4tPYxDQIqJbew7KCQ51H2igPPgl9av9pITQ4YgMzHAN6jP8wKScA9e7kQ0mIDoYMMdQwMy8wQTS/S/lzaBGMBwMKPecMLv6v0UXsf3dXpOmB1Gub5Y+Z/BJ/5dIvihEIf gByCLqUV xgEkSTmK6K/Q02JWal16bWvlOSyHKlzud1zJwbcsRdRnsu+Z1WeDtocTsDTPeqsIW52uht0Ku1iaJ1a8F0TB81kdD1JOFwuy55IROBdQSwl29aE4roANL8MKW3wRx79Fvm7anXBwNmjqEhwyy9spb8oa/7buodccYAEVh8mo6AwP6r3Lrsp2u6W0s0YdDuCZcYGKfvx27MzdM2FLX5H1YI++Dt4BuD/eQFvxjT2H8mC12vr+XF4mSxb97KnNgG6v6d3Oljz8Jm9LhnOmFvUMThN7cUZcMXAxmCtxszWxAReK3VwASHjAkaWgYkNz9+sw+2tjqyYNfc4T9y7NxiDxmndQGnX8JBgoXJFGZkrGo7IduTwh/ugg6KODKJg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Ashish Kalra Add a new IOMMU API interface amd_iommu_snp_disable() to transition IOMMU pages to Hypervisor state from Reclaim state after SNP_SHUTDOWN_EX command. Invoke this API from the CCP driver after SNP_SHUTDOWN_EX command. Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- drivers/crypto/ccp/sev-dev.c | 20 ++++++++++++++ drivers/iommu/amd/init.c | 53 ++++++++++++++++++++++++++++++++++++ include/linux/amd-iommu.h | 1 + 3 files changed, 74 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index bf5167b2acfc..7ded2f9111e0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -24,6 +24,7 @@ #include #include #include +#include #include #include @@ -1503,6 +1504,25 @@ static int __sev_snp_shutdown_locked(int *error) return ret; } + /* + * SNP_SHUTDOWN_EX with IOMMU_SNP_SHUTDOWN set to 1 disables SNP + * enforcement by the IOMMU and also transitions all pages + * associated with the IOMMU to the Reclaim state. + * Firmware was transitioning the IOMMU pages to Hypervisor state + * before version 1.53. But, accounting for the number of assigned + * 4kB pages in a 2M page was done incorrectly by not transitioning + * to the Reclaim state. This resulted in RMP #PF when later accessing + * the 2M page containing those pages during kexec boot. Hence, the + * firmware now transitions these pages to Reclaim state and hypervisor + * needs to transition these pages to shared state. SNP Firmware + * version 1.53 and above are needed for kexec boot. + */ + ret = amd_iommu_snp_disable(); + if (ret) { + dev_err(sev->dev, "SNP IOMMU shutdown failed\n"); + return ret; + } + sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index 1a2d425bf568..d1270e3c5baf 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -30,6 +30,7 @@ #include #include #include +#include #include @@ -3651,4 +3652,56 @@ int amd_iommu_snp_enable(void) return 0; } + +static int iommu_page_make_shared(void *page) +{ + unsigned long pfn; + + pfn = iommu_virt_to_phys(page) >> PAGE_SHIFT; + return rmp_make_shared(pfn, PG_LEVEL_4K); +} + +static int iommu_make_shared(void *va, size_t size) +{ + void *page; + int ret; + + if (!va) + return 0; + + for (page = va; page < (va + size); page += PAGE_SIZE) { + ret = iommu_page_make_shared(page); + if (ret) + return ret; + } + + return 0; +} + +int amd_iommu_snp_disable(void) +{ + struct amd_iommu *iommu; + int ret; + + if (!amd_iommu_snp_en) + return 0; + + for_each_iommu(iommu) { + ret = iommu_make_shared(iommu->evt_buf, EVT_BUFFER_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared(iommu->ppr_log, PPR_LOG_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared((void *)iommu->cmd_sem, PAGE_SIZE); + if (ret) + return ret; + } + + amd_iommu_snp_en = false; + return 0; +} +EXPORT_SYMBOL_GPL(amd_iommu_snp_disable); #endif diff --git a/include/linux/amd-iommu.h b/include/linux/amd-iommu.h index 953e6f12fa1c..a1b33b838842 100644 --- a/include/linux/amd-iommu.h +++ b/include/linux/amd-iommu.h @@ -208,6 +208,7 @@ struct amd_iommu *get_amd_iommu(unsigned int idx); #ifdef CONFIG_AMD_MEM_ENCRYPT int amd_iommu_snp_enable(void); +int amd_iommu_snp_disable(void); #endif #endif /* _ASM_X86_AMD_IOMMU_H */