From patchwork Sat Jan 9 00:47:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007821 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 816BBC433E0 for ; Sat, 9 Jan 2021 00:48:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5D2F923AC0 for ; Sat, 9 Jan 2021 00:48:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726469AbhAIAsT (ORCPT ); Fri, 8 Jan 2021 19:48:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39876 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726120AbhAIAsS (ORCPT ); Fri, 8 Jan 2021 19:48:18 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2E5E4C061757 for ; Fri, 8 Jan 2021 16:47:38 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id k7so17298169ybm.13 for ; Fri, 08 Jan 2021 16:47:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=vDh4eKmFYAmn/pACCaUYHAK8byzvJFHct+dqDkZvWfA=; b=Ab+7KA0qdYGMnAlMWUILK6GjCUGeaAGIXD1IgpqBsA+n84nWw3Hu9UJnAsDhcSgg/E vJOCJ/HYzKN3TK4VsDF1VD7KLG8mLeDQRhDcT/kpC2PCxVmj2Z7uaDzGYH5nX5ZdUMZf XpVCD90r9FJ+UE30VWduFe/RfljbpsZsnAfgsv7S0aiICdA3UzSwRxKpPUpuj9e+5Y9V 6prkzbU2veqaKHV6H7tNxm/EMvVW2ciZFiXMxv65XkiRkO7M3shcIHwtk6Buxg1s6qzM ZCQLN2K5UHdNrLG4UL2Ouikn2MEiZVvNbSExcgR501mWeMJRWw3BtRLva4c5x2SnJLr1 wn2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=vDh4eKmFYAmn/pACCaUYHAK8byzvJFHct+dqDkZvWfA=; b=fQdRWMSqJLNF1PpDidFy/ub2eUwu+MVjZQw9UnzZnrbiY2ZH8B2dIlI2rmFmKKh5rr 8DUnUBTNlYS1UZMBu3xtjdsqSG+kJKII5tGOqyfrtfEP1Ab6kaFQoc12We5UqACWHmc3 5IF+hZnx2gwnOGEuaV6rVUmYt6REZZj6CXJ5528LST+SoqAsGog9bAXCFQZwuLx+Byc7 ENCNhs+B8AzkINtQppiNlbS7pS30SM9P6c1lkgWg0l+fagTOFWU7uSxXomw3CBpqtw20 PwflK9obekXeRVaI8TO4qCP1INiPD0ucMjj8nj/2OD83telKNjv8LUWbf3kfqphnaxBu djkQ== X-Gm-Message-State: AOAM5304bhUwz2ZHGlgl3+Brods/eaiCjGvbyUu31GqBscjwAE/VvWxt u7lrSgAm6utgmFHn9tDp0Yr0ato9xRg= X-Google-Smtp-Source: ABdhPJzFpFPedRE22hMJwVQdeGOf/7DAB6URy8FyAahzhV7B7CbCorTQlmBb0br5xFhkKkBa7AoYbUOolUU= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a05:6902:6d4:: with SMTP id m20mr9411689ybt.434.1610153257450; Fri, 08 Jan 2021 16:47:37 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:02 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-2-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 01/13] KVM: SVM: Free sev_asid_bitmap during init if SEV setup fails From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Free sev_asid_bitmap if the reclaim bitmap allocation fails, othwerise it will be leaked as sev_hardware_teardown() frees the bitmaps if and only if SEV is fully enabled (which obviously isn't the case if SEV setup fails). Fixes: 33af3a7ef9e6 ("KVM: SVM: Reduce WBINVD/DF_FLUSH invocations") Cc: Tom Lendacky Cc: stable@vger.kernel.org Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c8ffdbc81709..0eeb6e1b803d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1274,8 +1274,10 @@ void __init sev_hardware_setup(void) goto out; sev_reclaim_asid_bitmap = bitmap_zalloc(max_sev_asid, GFP_KERNEL); - if (!sev_reclaim_asid_bitmap) + if (!sev_reclaim_asid_bitmap) { + bitmap_free(sev_asid_bitmap); goto out; + } pr_info("SEV supported: %u ASIDs\n", max_sev_asid - min_sev_asid + 1); sev_supported = true; From patchwork Sat Jan 9 00:47:03 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007819 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 757F3C433E6 for ; Sat, 9 Jan 2021 00:48:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4916123AAC for ; Sat, 9 Jan 2021 00:48:35 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726508AbhAIAsV (ORCPT ); Fri, 8 Jan 2021 19:48:21 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39892 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726448AbhAIAsV (ORCPT ); Fri, 8 Jan 2021 19:48:21 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B17CBC0613CF for ; Fri, 8 Jan 2021 16:47:40 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id w8so17175796ybj.14 for ; Fri, 08 Jan 2021 16:47:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=+lfNaOH1CNuPDcxuYVHAHObVf+9wEEDIr0zVJxlAHxg=; b=h3Wt3u4muRLH+lXrqIZcA9i7ZR1kMlwr2sNCooqL0o/afHVcCmVMDixQVZykwIWhpI SoT2dXW9hyUw53ILva1+YJ42KLVyJYVy3GM/QjrTtyASQvEWFA/xUuugwWbpff/eVEJd T4VumfbyKVrsR/X1mFgTZM1ydMNF9ezzzo9dzZukgfmTuv/xe6HH4b70qLDXBljGYyv7 FmnSa9rrQhBj6Z1f+pKCsuQEQ3B/deoEMiUianx9eqhWpXZU4nziesX8PI1BsRG+Rlvk dk3YYdyqqFmwuURNNwnItdQNKb1s+Dg5XpcUkd2dytMLvhXIO7gfwG9SJThcSOxEkVkE RSBg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=+lfNaOH1CNuPDcxuYVHAHObVf+9wEEDIr0zVJxlAHxg=; b=duZWxBsR8gVoJkcLftdn/PD9gE2j68Q/9lHgM73+w9lRHc0HaaPcKOB747ARbiqs6d 4zpT33/QYB5tbQf32y9u+4UqiAHsWZIJql01UEx6aNGce4CzVmiJj0kXHuwaA6MrSwcI Nf1bI4EH6HMZKKcCsA5iUmzpELoGjYRKS2cKnjUPTt2n6uDdENsOFlhOP2R8UJfcqQNX p2LC6tac1DE9VxfuhJ32S0A6LjuhrHYMGuR7Ab0dV+ygjugY++sjtNN1gDIanPUdTiOv 69qPTarWQgDOVX5uVRHJ6V1f5hRp2XO9x4mFP1L1TsoF+LbiXAVwww2RiFEzMVLyMILr MIBA== X-Gm-Message-State: AOAM530iUBg/BHKEd5WSCXWuf/gkLnZQYijFEYqqV98I+vIKkxXlPFkA Qhke0YDhbFkcJjxegc4r6TGr1ERsHa4= X-Google-Smtp-Source: ABdhPJyO0MPUQEJQ3LhSD+DP0vmLd5WqMFpk4pKCmPq1ODSkbFW504+bpfkEV752j5im3qoBWc8I5tMSC+E= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:11c2:: with SMTP id 185mr3181184ybr.74.1610153259966; Fri, 08 Jan 2021 16:47:39 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:03 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-3-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 02/13] KVM: SVM: Zero out the VMCB array used to track SEV ASID association From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Zero out the array of VMCB pointers so that pre_sev_run() won't see garbage when querying the array to detect when an SEV ASID is being associated with a new VMCB. In practice, reading random values is all but guaranteed to be benign as a false negative (which is extremely unlikely on its own) can only happen on CPU0 on the first VMRUN and would only cause KVM to skip the ASID flush. For anything bad to happen, a previous instance of KVM would have to exit without flushing the ASID, _and_ KVM would have to not flush the ASID at any time while building the new SEV guest. Cc: Borislav Petkov Cc: Tom Lendacky Cc: Brijesh Singh Fixes: 70cd94e60c73 ("KVM: SVM: VMRUN should use associated ASID when SEV is enabled") Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7ef171790d02..ccf52c5531fb 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -573,7 +573,7 @@ static int svm_cpu_init(int cpu) if (svm_sev_enabled()) { sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), - GFP_KERNEL); + GFP_KERNEL | __GFP_ZERO); if (!sd->sev_vmcbs) goto free_save_area; } From patchwork Sat Jan 9 00:47:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007843 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B9FEFC433DB for ; Sat, 9 Jan 2021 00:50:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 85C3323A75 for ; Sat, 9 Jan 2021 00:50:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726448AbhAIAs4 (ORCPT ); Fri, 8 Jan 2021 19:48:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40018 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725861AbhAIAs4 (ORCPT ); Fri, 8 Jan 2021 19:48:56 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 30B5CC0613D6 for ; Fri, 8 Jan 2021 16:47:43 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id h75so17120033ybg.18 for ; Fri, 08 Jan 2021 16:47:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=Yn6K+Al6keU4qwvbVZAct8COFyc60/5tuafg8uWsv9s=; b=bbeQTlQl3egG62Ts6ELH5KNNB1jDgXjcJJ90vMoAdtAKoeEiqM2CZMAQB5H6m9v8Vu 5m9u58NKIAKLJSRavQpaV8lEz5bYnHTlqyXzGbHJvzD508hT9ojxxTZqEFOSLGaBNy+r QQBpoZY6+8wxikOg3TfgNPg97eayvDZchKJHk0okuKRdxJjdQRVaq3PnCIpGSk77mFHg IaPE51sBvZKJFGwCt6IUs3chaUWzkpILtYdB9fEx3eVTtxIHVfcLZzcw/gUxtggklfgv 3X6oWAK31B4kFg9gihTEFgIJUBwWrbvBrOsJfASBMJ4izzb4iVmB3/zVCxzvJ2gjHE4D pxzA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=Yn6K+Al6keU4qwvbVZAct8COFyc60/5tuafg8uWsv9s=; b=ZTKx1sdRJmFz7DgGV78f8CK5HvTBwJr/QZFQ3u95hFVWhWVI8C7nfeX8UsOHTllu9X t+a4PjODKqrKBzcBxQmN8shfhZFZw1uHG9qCS8jraEOAeqawluLQA/r3Oy7w7ZcfwQB2 lqXCTM4To2LmJfxhH//r06I+l8uVxSdTxROdaYqPOC9+IJUyDhwGvYxEE/3Q2nAzy8o3 ROyaHlsPh4qT1eHsyaGydpYK5Uk/VznNENYwoUR8vT8lTILWEqAmHBnzbNCwPawQOeR1 U15Do7O0+6c1ypwmlQSu0hXbaFqlidvgxg+6GrpBdHow4t1f9Hork4cGAqly7pxfY82A jLSg== X-Gm-Message-State: AOAM530qh+MIkLX5wHk4J+QLG/vjRJ/W45kLL2CKjLu7Gk/nPi8hYIxc Qt7P8IlcBijHnxWTQHHIQp7p5naOS7Q= X-Google-Smtp-Source: ABdhPJw8Ab/qkwt78ZZE2NGcdQ0yQpXhvA6LzJuzAUzND8QoHjON60IqsbbpXsOwcij2k7Iq2cO93ORPWng= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a5b:b49:: with SMTP id b9mr8648623ybr.310.1610153262395; Fri, 08 Jan 2021 16:47:42 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:04 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-4-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 03/13] KVM: SVM: Move SEV module params/variables to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Unconditionally invoke sev_hardware_setup() when configuring SVM and handle clearing the module params/variable 'sev' and 'sev_es' in sev_hardware_setup(). This allows making said variables static within sev.c and reduces the odds of a collision with guest code, e.g. the guest side of things has already laid claim to 'sev_enabled'. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 11 +++++++++++ arch/x86/kvm/svm/svm.c | 15 +-------------- arch/x86/kvm/svm/svm.h | 2 -- 3 files changed, 12 insertions(+), 16 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0eeb6e1b803d..8ba93b8fa435 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -27,6 +27,14 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) +/* enable/disable SEV support */ +static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev, int, 0444); + +/* enable/disable SEV-ES support */ +static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param(sev_es, int, 0444); + static u8 sev_enc_bit; static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); @@ -1249,6 +1257,9 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + goto out; + /* Does the CPU support SEV? */ if (!boot_cpu_has(X86_FEATURE_SEV)) goto out; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index ccf52c5531fb..f89f702b2a58 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -189,14 +189,6 @@ module_param(vls, int, 0444); static int vgif = true; module_param(vgif, int, 0444); -/* enable/disable SEV support */ -int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); - -/* enable/disable SEV-ES support */ -int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); - bool __read_mostly dump_invalid_vmcb; module_param(dump_invalid_vmcb, bool, 0644); @@ -976,12 +968,7 @@ static __init int svm_hardware_setup(void) kvm_enable_efer_bits(EFER_SVME | EFER_LMSLE); } - if (IS_ENABLED(CONFIG_KVM_AMD_SEV) && sev) { - sev_hardware_setup(); - } else { - sev = false; - sev_es = false; - } + sev_hardware_setup(); svm_adjust_mmio_mask(); diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0fe874ae5498..8e169835f52a 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -408,8 +408,6 @@ static inline bool gif_set(struct vcpu_svm *svm) #define MSR_CR3_LONG_MBZ_MASK 0xfff0000000000000U #define MSR_INVALID 0xffffffffU -extern int sev; -extern int sev_es; extern bool dump_invalid_vmcb; u32 svm_msrpm_offset(u32 msr); From patchwork Sat Jan 9 00:47:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007839 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30730C43331 for ; Sat, 9 Jan 2021 00:49:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0118923A7C for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726532AbhAIAs4 (ORCPT ); Fri, 8 Jan 2021 19:48:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726301AbhAIAs4 (ORCPT ); Fri, 8 Jan 2021 19:48:56 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 98873C061786 for ; Fri, 8 Jan 2021 16:47:45 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id w8so17176016ybj.14 for ; Fri, 08 Jan 2021 16:47:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=Cnc0lgQscc6cmGJmpq+PiVOdWNnTD3AWpalFSPCSq8A=; b=j0UBUbBlvz9P4SBRlQ5jevul0s9YBhD+sNTaWORGnKBuM5mZaUB7CAlt3a1fDesIal x+hSNgOnKSVE/eg1bOuCNQqCpYFs0PpHaIk7ZZTHY66G/jihyDAZNyqMRvCFW2/6euy7 oc5PlE6q5fH4sNRXTQmUnYvZ/AO8450gp87zXz/RIAE9s+C3qupx07Hw82j+35ictl87 22DeU4Lpha3YJwnGlzQ7ATSMAgeFNtVaJVQpH3CDMqtePLLQk7iGnR4jdBER+UxSEmLf 7/LOY74bmGlsUVJSjqw5jQkhLKjwKFnCfCTRgKIs6A50Cccc61uUoKnFNC842S0KkT1P 2/mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=Cnc0lgQscc6cmGJmpq+PiVOdWNnTD3AWpalFSPCSq8A=; b=N8M/9CIM9PrFphEuur8nlXZvjuFflHPPIgrhX6E2q6Zg93EvzrWoTafp/hUyO+xxEC vRlQJ7+R8EPMPc4sWGcxT59ZEULECVRPLebNe3xUYyvyQhFDs8B/5mvfH71zHbSiTZL5 5AQ/TKFc00T5eNTLmpkKSv8IshrjeohrtN5hB6W6FFW/ovlancn/iyL7/I4gRk/DiJ9m AFNZkzxXEU9QoEKDkUVaBOULkWPVTFLwB+EQIAvjUwJglsdbZXwdXywykyXdJyhANQQ9 PHBgG/z7iOiKIq4jbACY/PCn2H1Awm1CXseH3E7xLHSziHf74YoVuZ9swmQXfaAfaMpn 3xXQ== X-Gm-Message-State: AOAM530TS1ojaTAIKAxrRuoVIIkpLqPN9TAjM263leVTPEf2wCOo2sQI nWMYvNB4OdVMaxoFGoPHMNFKHn70ww8= X-Google-Smtp-Source: ABdhPJy9iWK262zuy3POQibI1Cg78COs0fwMMY7BKHbp3DvriOMshkoaJo+cf6mYvgEWP2SnzZ5dCCO6mjA= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:9248:: with SMTP id e8mr2467826ybo.283.1610153264880; Fri, 08 Jan 2021 16:47:44 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:05 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-5-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 04/13] x86/cpufeatures: Assign dedicated feature word for AMD mem encryption From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Collect the scattered SME/SEV related feature flags into a dedicated word. There are now five recognized features in CPUID.0x8000001F.EAX, with at least one more on the horizon (SEV-SNP). Using a dedicated word allows KVM to use its automagic CPUID adjustment logic when reporting the set of supported features to userspace. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/include/asm/cpufeature.h | 7 +++++-- arch/x86/include/asm/cpufeatures.h | 17 +++++++++++------ arch/x86/include/asm/disabled-features.h | 3 ++- arch/x86/include/asm/required-features.h | 3 ++- arch/x86/kernel/cpu/common.c | 3 +++ arch/x86/kernel/cpu/scattered.c | 5 ----- tools/arch/x86/include/asm/disabled-features.h | 3 ++- tools/arch/x86/include/asm/required-features.h | 3 ++- 8 files changed, 27 insertions(+), 17 deletions(-) diff --git a/arch/x86/include/asm/cpufeature.h b/arch/x86/include/asm/cpufeature.h index 59bf91c57aa8..1728d4ce5730 100644 --- a/arch/x86/include/asm/cpufeature.h +++ b/arch/x86/include/asm/cpufeature.h @@ -30,6 +30,7 @@ enum cpuid_leafs CPUID_7_ECX, CPUID_8000_0007_EBX, CPUID_7_EDX, + CPUID_8000_001F_EAX, }; #ifdef CONFIG_X86_FEATURE_NAMES @@ -88,8 +89,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 17, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 18, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(REQUIRED_MASK, 19, feature_bit) || \ REQUIRED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 19)) + BUILD_BUG_ON_ZERO(NCAPINTS != 20)) #define DISABLED_MASK_BIT_SET(feature_bit) \ ( CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 0, feature_bit) || \ @@ -111,8 +113,9 @@ extern const char * const x86_bug_flags[NBUGINTS*32]; CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 16, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 17, feature_bit) || \ CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 18, feature_bit) || \ + CHECK_BIT_IN_MASK_WORD(DISABLED_MASK, 19, feature_bit) || \ DISABLED_MASK_CHECK || \ - BUILD_BUG_ON_ZERO(NCAPINTS != 19)) + BUILD_BUG_ON_ZERO(NCAPINTS != 20)) #define cpu_has(c, bit) \ (__builtin_constant_p(bit) && REQUIRED_MASK_BIT_SET(bit) ? 1 : \ diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 9f9e9511f7cd..7c0bb1a20050 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h @@ -13,7 +13,7 @@ /* * Defines x86 CPU feature bits */ -#define NCAPINTS 19 /* N 32-bit words worth of info */ +#define NCAPINTS 20 /* N 32-bit words worth of info */ #define NBUGINTS 1 /* N 32-bit bug flags */ /* @@ -96,7 +96,7 @@ #define X86_FEATURE_SYSCALL32 ( 3*32+14) /* "" syscall in IA32 userspace */ #define X86_FEATURE_SYSENTER32 ( 3*32+15) /* "" sysenter in IA32 userspace */ #define X86_FEATURE_REP_GOOD ( 3*32+16) /* REP microcode works well */ -#define X86_FEATURE_SME_COHERENT ( 3*32+17) /* "" AMD hardware-enforced cache coherency */ +/* FREE! ( 3*32+17) */ #define X86_FEATURE_LFENCE_RDTSC ( 3*32+18) /* "" LFENCE synchronizes RDTSC */ #define X86_FEATURE_ACC_POWER ( 3*32+19) /* AMD Accumulated Power Mechanism */ #define X86_FEATURE_NOPL ( 3*32+20) /* The NOPL (0F 1F) instructions */ @@ -201,7 +201,7 @@ #define X86_FEATURE_INVPCID_SINGLE ( 7*32+ 7) /* Effectively INVPCID && CR4.PCIDE=1 */ #define X86_FEATURE_HW_PSTATE ( 7*32+ 8) /* AMD HW-PState */ #define X86_FEATURE_PROC_FEEDBACK ( 7*32+ 9) /* AMD ProcFeedbackInterface */ -#define X86_FEATURE_SME ( 7*32+10) /* AMD Secure Memory Encryption */ +/* FREE! ( 7*32+10) */ #define X86_FEATURE_PTI ( 7*32+11) /* Kernel Page Table Isolation enabled */ #define X86_FEATURE_RETPOLINE ( 7*32+12) /* "" Generic Retpoline mitigation for Spectre variant 2 */ #define X86_FEATURE_RETPOLINE_AMD ( 7*32+13) /* "" AMD Retpoline mitigation for Spectre variant 2 */ @@ -211,7 +211,7 @@ #define X86_FEATURE_SSBD ( 7*32+17) /* Speculative Store Bypass Disable */ #define X86_FEATURE_MBA ( 7*32+18) /* Memory Bandwidth Allocation */ #define X86_FEATURE_RSB_CTXSW ( 7*32+19) /* "" Fill RSB on context switches */ -#define X86_FEATURE_SEV ( 7*32+20) /* AMD Secure Encrypted Virtualization */ +/* FREE! ( 7*32+20) */ #define X86_FEATURE_USE_IBPB ( 7*32+21) /* "" Indirect Branch Prediction Barrier enabled */ #define X86_FEATURE_USE_IBRS_FW ( 7*32+22) /* "" Use IBRS during runtime firmware calls */ #define X86_FEATURE_SPEC_STORE_BYPASS_DISABLE ( 7*32+23) /* "" Disable Speculative Store Bypass. */ @@ -236,8 +236,6 @@ #define X86_FEATURE_EPT_AD ( 8*32+17) /* Intel Extended Page Table access-dirty bit */ #define X86_FEATURE_VMCALL ( 8*32+18) /* "" Hypervisor supports the VMCALL instruction */ #define X86_FEATURE_VMW_VMMCALL ( 8*32+19) /* "" VMware prefers VMMCALL hypercall instruction */ -#define X86_FEATURE_SEV_ES ( 8*32+20) /* AMD Secure Encrypted Virtualization - Encrypted State */ -#define X86_FEATURE_VM_PAGE_FLUSH ( 8*32+21) /* "" VM Page Flush MSR is supported */ /* Intel-defined CPU features, CPUID level 0x00000007:0 (EBX), word 9 */ #define X86_FEATURE_FSGSBASE ( 9*32+ 0) /* RDFSBASE, WRFSBASE, RDGSBASE, WRGSBASE instructions*/ @@ -383,6 +381,13 @@ #define X86_FEATURE_CORE_CAPABILITIES (18*32+30) /* "" IA32_CORE_CAPABILITIES MSR */ #define X86_FEATURE_SPEC_CTRL_SSBD (18*32+31) /* "" Speculative Store Bypass Disable */ +/* AMD-defined memory encryption features, CPUID level 0x8000001f (EAX), word 19 */ +#define X86_FEATURE_SME (19*32+ 0) /* AMD Secure Memory Encryption */ +#define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ +#define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ +#define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ + /* * BUG word(s) */ diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 5861d34f9771..2216077676c8 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -85,6 +85,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define DISABLED_MASK19 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/arch/x86/include/asm/required-features.h b/arch/x86/include/asm/required-features.h index 3ff0d48469f2..b2d504f11937 100644 --- a/arch/x86/include/asm/required-features.h +++ b/arch/x86/include/asm/required-features.h @@ -101,6 +101,7 @@ #define REQUIRED_MASK16 0 #define REQUIRED_MASK17 0 #define REQUIRED_MASK18 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define REQUIRED_MASK19 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 35ad8480c464..9215b91bc044 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c @@ -960,6 +960,9 @@ void get_cpu_cap(struct cpuinfo_x86 *c) if (c->extended_cpuid_level >= 0x8000000a) c->x86_capability[CPUID_8000_000A_EDX] = cpuid_edx(0x8000000a); + if (c->extended_cpuid_level >= 0x8000001f) + c->x86_capability[CPUID_8000_001F_EAX] = cpuid_eax(0x8000001f); + init_scattered_cpuid_features(c); init_speculation_control(c); diff --git a/arch/x86/kernel/cpu/scattered.c b/arch/x86/kernel/cpu/scattered.c index 236924930bf0..972ec3bfa9c0 100644 --- a/arch/x86/kernel/cpu/scattered.c +++ b/arch/x86/kernel/cpu/scattered.c @@ -40,11 +40,6 @@ static const struct cpuid_bit cpuid_bits[] = { { X86_FEATURE_CPB, CPUID_EDX, 9, 0x80000007, 0 }, { X86_FEATURE_PROC_FEEDBACK, CPUID_EDX, 11, 0x80000007, 0 }, { X86_FEATURE_MBA, CPUID_EBX, 6, 0x80000008, 0 }, - { X86_FEATURE_SME, CPUID_EAX, 0, 0x8000001f, 0 }, - { X86_FEATURE_SEV, CPUID_EAX, 1, 0x8000001f, 0 }, - { X86_FEATURE_SEV_ES, CPUID_EAX, 3, 0x8000001f, 0 }, - { X86_FEATURE_SME_COHERENT, CPUID_EAX, 10, 0x8000001f, 0 }, - { X86_FEATURE_VM_PAGE_FLUSH, CPUID_EAX, 2, 0x8000001f, 0 }, { 0, 0, 0, 0, 0 } }; diff --git a/tools/arch/x86/include/asm/disabled-features.h b/tools/arch/x86/include/asm/disabled-features.h index 5861d34f9771..2216077676c8 100644 --- a/tools/arch/x86/include/asm/disabled-features.h +++ b/tools/arch/x86/include/asm/disabled-features.h @@ -85,6 +85,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 0 -#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define DISABLED_MASK19 0 +#define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_DISABLED_FEATURES_H */ diff --git a/tools/arch/x86/include/asm/required-features.h b/tools/arch/x86/include/asm/required-features.h index 3ff0d48469f2..b2d504f11937 100644 --- a/tools/arch/x86/include/asm/required-features.h +++ b/tools/arch/x86/include/asm/required-features.h @@ -101,6 +101,7 @@ #define REQUIRED_MASK16 0 #define REQUIRED_MASK17 0 #define REQUIRED_MASK18 0 -#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 19) +#define REQUIRED_MASK19 0 +#define REQUIRED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 20) #endif /* _ASM_X86_REQUIRED_FEATURES_H */ From patchwork Sat Jan 9 00:47:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007837 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 073B4C4332B for ; Sat, 9 Jan 2021 00:49:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id DF6BE23A75 for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726629AbhAIAs7 (ORCPT ); Fri, 8 Jan 2021 19:48:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40034 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726612AbhAIAs6 (ORCPT ); Fri, 8 Jan 2021 19:48:58 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D93AC061796 for ; Fri, 8 Jan 2021 16:47:48 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id o9so17248823yba.4 for ; Fri, 08 Jan 2021 16:47:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=6IjwYJ9nQQQ0VcUn254Dijwa+O3I16q70UCT60xMF6g=; b=VLOPOJ9HSsvTYI90Ybol+JWVm/ZNX/feHYo0aiZshBkwP0suEzToNYT24Su9ecnntO ZuApO308Gmd2c14dpt8Ud+2/e+qchelVHkY2rH+MhykB2bFMYNq0rjypZO6q3Be5pFB/ +b/C1bvmytV4mG4LZNiGQJxZH0QoMVCjemAHoswQT/yvF4Y3pBpPyKHIDPnGE0qZKGJv 91eXGEFz04FyD8+vuuTbcpt6zZ+hb/CDfroTVZyIS8EFZWORlueLiiq7/URseIL2tecP OdbK1msOXVq4ThCk79bcTIdjo2uP9ib3rl1pnBotny/0Y/JZImFEjEmpAy64+s02GUzo /BIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=6IjwYJ9nQQQ0VcUn254Dijwa+O3I16q70UCT60xMF6g=; b=h5c3zf/n96ykoCOwQccnkThj22remuIuU5YFS1bIU6WIpOhr1mIBsTtdRw6H+jMbdw MMUkUxcB30IigR42+44WqLTuFgipBTWUHuSKQSU+gcGg2yLJCS4QtbvYPgklTsTVlxuo sSfDVYnHwxTtcMpcG9IdXJ4BZfCBIt1TZO42Aiexymm1P97pTO777GUTcSqL7ZGFukRw KiI0XLZkhwwUuYGIafu+Gdt6tHErDCxoHusJ2QCYWozgE6Rxq63S2KxLlRLeZSlQL5su iuvNFzjcDWTJppb0I0WSRw79yYPKuBjQrjMiLIko8H9EHuchMjw2/ODhejikB86g2pHx ULYA== X-Gm-Message-State: AOAM5320gRkC6lLPpKXYohxLcb1U1W2XrvBlXyslln+vYK77dbg00QfC 9+MYL7ivrMjyh5K797ewAxfjj+PoY4Q= X-Google-Smtp-Source: ABdhPJzYPDKo26cD95Eoyaw8zqWykJfVRWquY1kv7ix//qit0AEvzQGBLaZGGOLoBQYS8n3IvAUsf7nILo8= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:6902:: with SMTP id e2mr9172424ybc.97.1610153267416; Fri, 08 Jan 2021 16:47:47 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:06 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-6-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 05/13] KVM: x86: Override reported SME/SEV feature flags with host mask From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Add a reverse-CPUID entry for the memory encryption word, 0x8000001F.EAX, and use it to override the supported CPUID flags reported to userspace. Masking the reported CPUID flags avoids over-reporting KVM support, e.g. without the mask a SEV-SNP capable CPU may incorrectly advertise SNP support to userspace. Cc: Brijesh Singh Cc: Tom Lendacky Signed-off-by: Sean Christopherson --- arch/x86/kvm/cpuid.c | 2 ++ arch/x86/kvm/cpuid.h | 1 + 2 files changed, 3 insertions(+) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 13036cf0b912..b7618cdd06b5 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -855,6 +855,8 @@ static inline int __do_cpuid_func(struct kvm_cpuid_array *array, u32 function) case 0x8000001F: if (!boot_cpu_has(X86_FEATURE_SEV)) entry->eax = entry->ebx = entry->ecx = entry->edx = 0; + else + cpuid_entry_override(entry, CPUID_8000_001F_EAX); break; /*Add support for Centaur's CPUID instruction*/ case 0xC0000000: diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h index dc921d76e42e..8b6fc9bde248 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h @@ -63,6 +63,7 @@ static const struct cpuid_reg reverse_cpuid[] = { [CPUID_8000_0007_EBX] = {0x80000007, 0, CPUID_EBX}, [CPUID_7_EDX] = { 7, 0, CPUID_EDX}, [CPUID_7_1_EAX] = { 7, 1, CPUID_EAX}, + [CPUID_8000_001F_EAX] = {0x8000001f, 1, CPUID_EAX}, }; /* From patchwork Sat Jan 9 00:47:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007827 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 70938C4332E for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 4777E23AC0 for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726640AbhAIAs7 (ORCPT ); Fri, 8 Jan 2021 19:48:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40040 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726620AbhAIAs6 (ORCPT ); Fri, 8 Jan 2021 19:48:58 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B6638C061799 for ; Fri, 8 Jan 2021 16:47:50 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id o9so17248933yba.4 for ; Fri, 08 Jan 2021 16:47:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=d4pr2++w40O0CLns88f/iirKEVNPW2czC2n8QXn3KSs=; b=jOYGQisjm9xhAXR+CLMMyJg7LdjSdq9yi0HPO1bF6wAKQ1S7bheGPmquyLr2unxV0i Z/GUQBpPxP0mtbaANOzCBQKkFoy3XLHtGui971CsN2lIon9nV0kJC6PdCjXTbKMWGMsS bGg4C6ztOfSm3OdTjJnOBjkwVV6EWXSmm/9skbaRspNARSCewKDPS8xFb4SxjTPqiERL TO/Ml7hd71+URP+m8JdvZWHhOF3+3tHpGoE0biUtDFojYQgKFZzgL7jubpKjIpzWvJ2G Q1tYaGoZQJgxUGpty5T/RMnqFrRDHPjLI7GaxRPkPMou56tSjCJrgihNqJNCKbFFjG+s E2Jw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=d4pr2++w40O0CLns88f/iirKEVNPW2czC2n8QXn3KSs=; b=JU3kBwU1q1a0efQi9IHGKLbOPNAGYsrF5VR84pUgH9Jqz+7ZpGpQTrWMyFzN90DAW9 ZQfpk1ZRPozfVO31Gph29NICL79fXzRsh15ydZ9ap331PJtBsO5Fy/Oy9tCIaZJdq0Ks ntmZ8cJn3/FYmG8tFEJ1Vez1MbAj1BXZS0nm9tJOob/dCsSpmlrSqlgg7lMyrWm86vJ/ rgWpf/tbRzfYtd1Mf6/u6L5ej56fWoT7IXVltY8EA2WiMIWqM0SJEeZ11yaH00sdQL0L 3bHYyyGebn0qY+B/P9q0xdzKuoUeMMW9kVNbwrVwK1xz0ulyAlOFNqHEN+eFV+XF4b7H jusA== X-Gm-Message-State: AOAM532qYrSDnvTgoiyXGR1oKmMfPzPQ0gF6E01MYnBcdCbBDvO6/sEl wQyCtwDz/ZvhIsqlpQAjoktNUi95liE= X-Google-Smtp-Source: ABdhPJxM39JuPDl5IOydMdQW3d2GaPMtqTBVSEufrjpujCuiHWOYifsHOltB/A/6IgqsOGYr4Vw3IoAvxU0= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:743:: with SMTP id 64mr8822114ybh.333.1610153269944; Fri, 08 Jan 2021 16:47:49 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:07 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-7-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 06/13] x86/sev: Rename global "sev_enabled" flag to "sev_guest" From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Use "guest" instead of "enabled" for the global "running as an SEV guest" flag to avoid confusion over whether "sev_enabled" refers to the guest or the host. This will also allow KVM to usurp "sev_enabled" for its own purposes. No functional change intended. Signed-off-by: Sean Christopherson Acked-by: Tom Lendacky --- arch/x86/include/asm/mem_encrypt.h | 2 +- arch/x86/mm/mem_encrypt.c | 4 ++-- arch/x86/mm/mem_encrypt_identity.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/mem_encrypt.h b/arch/x86/include/asm/mem_encrypt.h index 2f62bbdd9d12..9b3990928674 100644 --- a/arch/x86/include/asm/mem_encrypt.h +++ b/arch/x86/include/asm/mem_encrypt.h @@ -20,7 +20,7 @@ extern u64 sme_me_mask; extern u64 sev_status; -extern bool sev_enabled; +extern bool sev_guest; void sme_encrypt_execute(unsigned long encrypted_kernel_vaddr, unsigned long decrypted_kernel_vaddr, diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index bc0833713be9..0f798355de03 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c @@ -44,7 +44,7 @@ EXPORT_SYMBOL(sme_me_mask); DEFINE_STATIC_KEY_FALSE(sev_enable_key); EXPORT_SYMBOL_GPL(sev_enable_key); -bool sev_enabled __section(".data"); +bool sev_guest __section(".data"); /* Buffer used for early in-place encryption by BSP, no locking needed */ static char sme_early_buffer[PAGE_SIZE] __initdata __aligned(PAGE_SIZE); @@ -344,7 +344,7 @@ int __init early_set_memory_encrypted(unsigned long vaddr, unsigned long size) */ bool sme_active(void) { - return sme_me_mask && !sev_enabled; + return sme_me_mask && !sev_guest; } bool sev_active(void) diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index 6c5eb6f3f14f..91b6b899c02b 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -545,7 +545,7 @@ void __init sme_enable(struct boot_params *bp) /* SEV state cannot be controlled by a command line option */ sme_me_mask = me_mask; - sev_enabled = true; + sev_guest = true; physical_mask &= ~sme_me_mask; return; } From patchwork Sat Jan 9 00:47:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007825 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 45001C433DB for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 0998323B04 for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726705AbhAIAtC (ORCPT ); Fri, 8 Jan 2021 19:49:02 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40052 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726687AbhAIAtB (ORCPT ); Fri, 8 Jan 2021 19:49:01 -0500 Received: from mail-qv1-xf49.google.com (mail-qv1-xf49.google.com [IPv6:2607:f8b0:4864:20::f49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 72A5BC06179B for ; Fri, 8 Jan 2021 16:47:53 -0800 (PST) Received: by mail-qv1-xf49.google.com with SMTP id t18so9435841qva.6 for ; Fri, 08 Jan 2021 16:47:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=dyPlu6qMQUJ5LjPtUc+nebDh2loDqHfHQ3wm6f9Tp5o=; b=dVRnIHGiQJSzr0UHXeto2OOOBaBXSN2owjt2UtrYDw4giQKl05OFRVg+fq3hekxNB5 +GMPBB47eVpf8p41AmnbiYXBcAD9TsbX4wEEqZo1vYFa+UaBMmzjygCmkVPYIqlQOLV4 9uFMoM7R1qnv1XvlIKdKHfYQc1eI6g69Kd/k0L95Qzi2k2i5trEMAWRDKfuJntVA5WT6 ERRv91xXWkUkLPLUsUjxUwjZvtql2PVE2RbOht/e/jg7RMKGzfItHs/+E4ARkczFkGfY RKRK/yc2LQkW8C0QCh41LQhkIEEDJEStv4SKdS6kMNrwDJHWptb2k52doX9O/A8k55DE sgDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=dyPlu6qMQUJ5LjPtUc+nebDh2loDqHfHQ3wm6f9Tp5o=; b=crquqQFO6UHuyXWKLzjUHK6uuQRAOwXPW1YKCY3hfI9bOLM5OCglF2oUwH+CCLJEfa Z1+4I7MeI85tmvP0hZldIOdYl2W7+bI5nLCP7GV2xhmSTziF/airLAG7dKSx3ZyuOxaT maL4qZrRTDdd+ICFvlHcs/twQYuws/WfJ2WQcQU18IUH1y01POUGt6IbUbMFDSBoMQvO KONIaFfP/nyCmr0XqwUbFEWRrtEFJGeCzjq2dV4uBl/AmTlRQeldDECAxAO40lGGYNFO VQhrTmEZeviH3SutQXM5ywXLpHuf4PM5e0JaXQTKIY/7ZZqdPAFvkKWachccCasvg98O Annw== X-Gm-Message-State: AOAM5309hL4IawLov2u6GFGX85JgfivgGz6ok8NMwrgfo7+zF2L/Gke9 4oo1N03y2NXBn8QAOkPem6sLxyKq8ZU= X-Google-Smtp-Source: ABdhPJx5uNFlnXoBmo29Hg2qrMf8X5oxWz9P6URzdT9YeG34B54qUi08KKILd1696s4SZ+fig3pUMd/8Q0s= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a05:6214:1868:: with SMTP id eh8mr6375071qvb.50.1610153272597; Fri, 08 Jan 2021 16:47:52 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:08 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-8-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 07/13] KVM: SVM: Append "_enabled" to module-scoped SEV/SEV-ES control variables From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Rename sev and sev_es to sev_enabled and sev_es_enabled respectively to better align with other KVM terminology, and to avoid pseudo-shadowing when the variables are moved to sev.c in a future patch ('sev' is often used for local struct kvm_sev_info pointers). No functional change intended. Signed-off-by: Sean Christopherson Acked-by: Tom Lendacky --- arch/x86/kvm/svm/sev.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8ba93b8fa435..a024edabaca5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -28,12 +28,12 @@ #define __ex(x) __kvm_handle_fault_on_reboot(x) /* enable/disable SEV support */ -static int sev = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev, int, 0444); +static bool sev_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev, sev_enabled, bool, 0444); /* enable/disable SEV-ES support */ -static int sev_es = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); -module_param(sev_es, int, 0444); +static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT); +module_param_named(sev_es, sev_es_enabled, bool, 0444); static u8 sev_enc_bit; static int sev_flush_asids(void); @@ -213,7 +213,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { - if (!sev_es) + if (!sev_es_enabled) return -ENOTTY; to_kvm_svm(kvm)->sev_info.es_active = true; @@ -1052,7 +1052,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev) + if (!svm_sev_enabled() || !sev_enabled) return -ENOTTY; if (!argp) @@ -1257,7 +1257,7 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; - if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev) + if (!IS_ENABLED(CONFIG_KVM_AMD_SEV) || !sev_enabled) goto out; /* Does the CPU support SEV? */ @@ -1294,7 +1294,7 @@ void __init sev_hardware_setup(void) sev_supported = true; /* SEV-ES support requested? */ - if (!sev_es) + if (!sev_es_enabled) goto out; /* Does the CPU support SEV-ES? */ @@ -1309,8 +1309,8 @@ void __init sev_hardware_setup(void) sev_es_supported = true; out: - sev = sev_supported; - sev_es = sev_es_supported; + sev_enabled = sev_supported; + sev_es_enabled = sev_es_supported; } void sev_hardware_teardown(void) From patchwork Sat Jan 9 00:47:09 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007835 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E26FCC4332D for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id CB90723A3C for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726773AbhAIAtM (ORCPT ); Fri, 8 Jan 2021 19:49:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40020 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726754AbhAIAtL (ORCPT ); Fri, 8 Jan 2021 19:49:11 -0500 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C8BE4C06179F for ; Fri, 8 Jan 2021 16:47:55 -0800 (PST) Received: by mail-yb1-xb49.google.com with SMTP id c9so17214160ybs.8 for ; Fri, 08 Jan 2021 16:47:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=292fZgTlFSUh9sat6hWygwmIzdDrAIVyQe5fuEoV9fw=; b=hR96DdZVhDK+6qksQXwJIuiZ/+XOj3ixyaTOVgExtrmCRA9k9BiJ8s3YgNFLU3xKuU fWsRiWw1w1gvEMoYm/4WwT2wYvA/XzG2nxmCkgdQN5lEU2o7K8hCtDpjCtGO+NTumXRP uplxJLr4QbseEMJyzcTJM6Q79qZ9JbZZ4t3fZakIvTFj+eHpG3u+xWYc795ob+Fklal2 v1ZYK++qgNSSeAcaV1RbXR+IIrS7iZfwAe9eYOQ39xfL4eyYQxA0lnKKwIlQ1poZJRtD CXIharTpYAkcZdwr3+0lweYIN+Vul/f/q7ZrGWHMQPR5tLgWCzd/9snJlJ8sjvSsBIAk YwOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=292fZgTlFSUh9sat6hWygwmIzdDrAIVyQe5fuEoV9fw=; b=oXOvbUEh3/hpEZb09S2EpAn00nQTPMMwmzQlb5pGI0PuGvpKiTzaHVzC83J2RwY1jY Ajy18HaJtlIEEB1pW/gs9KnhLlBpLriLhelKrkEAWhUUKW/lQ1s5GEPvxssrcpJTjV9M EuVhR7Weaj423tR4ZX8wlyelBvPl4CXyEuliyTAFNPyaQQtGu6e78YTzlu5XutRm0vsW 1ghuNZYLhu73xDwJYvm1M8gxakb91SuL1+zugzoBYnhoywG0psq6DOvmxzvBosxWvsEs gTRuGeIFqf29WOoYL74yMCVSxg8FX+IV6a4jkqXwE5ZSwZQDvcH9DxJjTUYV/18eEuKA m+Cg== X-Gm-Message-State: AOAM532s0ujqEqy7lB1kz/CBgbHxVeapGMqH3Vu0DpfGwLrpJ+dmhrqX rdJvXVnNkeqB4qZ0OpTkSvPYicXfW4Y= X-Google-Smtp-Source: ABdhPJw3HsMyJQjGxgzaMAsKqmp4qMnS3gGyTkKUApJqynd6ijFrp0GM3mYvd7UgiHpqBBeZTNZSLHGABVk= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:5:: with SMTP id 5mr9415276yba.478.1610153275053; Fri, 08 Jan 2021 16:47:55 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:09 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-9-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 08/13] KVM: SVM: Unconditionally invoke sev_hardware_teardown() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the redundant svm_sev_enabled() check when calling sev_hardware_teardown(), the teardown helper itself does the check. Removing the check from svm.c will eventually allow dropping svm_sev_enabled() entirely. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/svm.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f89f702b2a58..bb7b99743bea 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -887,8 +887,7 @@ static void svm_hardware_teardown(void) { int cpu; - if (svm_sev_enabled()) - sev_hardware_teardown(); + sev_hardware_teardown(); for_each_possible_cpu(cpu) svm_cpu_uninit(cpu); From patchwork Sat Jan 9 00:47:10 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007829 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 866FDC4332D for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 6678423AAA for ; Sat, 9 Jan 2021 00:49:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726795AbhAIAtM (ORCPT ); Fri, 8 Jan 2021 19:49:12 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40022 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726761AbhAIAtL (ORCPT ); Fri, 8 Jan 2021 19:49:11 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 69709C0617A2 for ; Fri, 8 Jan 2021 16:47:58 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id d187so17449877ybc.6 for ; Fri, 08 Jan 2021 16:47:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=wNuz2MXteWLoYNC08f6B+I2//IVLsJEJ/GyZH+0v0jU=; b=OPcuUIG+0PBDu5E5I2V6/6DWcHof9ko8dH84q87ij20/D1XroEw7Epfd4H+uCKnPta PfzhoikXGyMmVPx0RGK5bgaClU7qR8xW5bLHuu68SOkeGw26rkfS4S9i+SIIqK660zQq m/dsPJqxWSCAVb6SyyysLorqWdOu9ZlZHXwXFtm6RDX25cSf0UmQG7+WzEu6lgLlGZvf ewOAr2Xlb++ezYaVmhXyVi3bOqQHrqXZFomrlW3UCOMJKMeavyedMk95nPKPR3j2EVzN eDrfAk6eIhBUX5Njn61PiL99MCr38RlX2A8azdvg9Y1ezpyIH9uwRLMBrma/YutwaH3i AzOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=wNuz2MXteWLoYNC08f6B+I2//IVLsJEJ/GyZH+0v0jU=; b=HfWIQx/CxWWtz2dUNcaq1JzEOcCn/4xZCZi7KFcbw4PoUISJ3vzrURIJXP+F4fCnf3 PD/o5sLiKB7iNLc6g9qZ+luUBJSKFH1YwnDp9VVClR+2oWxzxlf0i6UNvcqzgpCu2ePg EXz/H/crfQBgxNNmGAjunWvrLRY3yhXK1+Gw9TGhc7n6VcO870fu30gfKz0QkiZefnPS lQygLVNkJgTb0ttwuzzG/66dD4On9u1N/Gip9PrRYmCEJCUtIiXV0XommYcWw2nf7ufb as6XJSDfxuNMMtWRd4UIfWGmmy/wEPn8aA29yn0FzjzjOQttUjidOgYauBaYm7funfL8 QZng== X-Gm-Message-State: AOAM532DkeZJE8X+hd5QiT9QiZigjxqAJA30tBsQbhR3QGz194IK3hj8 4avjnaMy/6E5GQKrZozHaKghRkOEKA4= X-Google-Smtp-Source: ABdhPJwLb6+N1nSXsCxoI5Fb6X4bdbTQ5A7peRNyMkYnd5Ubl1hltrhpMuXjprYk22tnvJ2xiSOJ80a8U6U= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:5582:: with SMTP id j124mr9345524ybb.309.1610153277629; Fri, 08 Jan 2021 16:47:57 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:10 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-10-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 09/13] KVM: SVM: Explicitly check max SEV ASID during sev_hardware_setup() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Query max_sev_asid directly after setting it instead of bouncing through its wrapper, svm_sev_enabled(). Using the wrapper is unnecessary obfuscation. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a024edabaca5..3d25d24bcb48 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1272,8 +1272,7 @@ void __init sev_hardware_setup(void) /* Maximum number of encrypted guests supported simultaneously */ max_sev_asid = ecx; - - if (!svm_sev_enabled()) + if (!max_sev_asid) goto out; /* Minimum ASID value that should be used for SEV guest */ From patchwork Sat Jan 9 00:47:11 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007845 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id CB98EC433E6 for ; Sat, 9 Jan 2021 00:50:53 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9D04023A7C for ; Sat, 9 Jan 2021 00:50:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726904AbhAIAth (ORCPT ); Fri, 8 Jan 2021 19:49:37 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40182 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726890AbhAIAtg (ORCPT ); Fri, 8 Jan 2021 19:49:36 -0500 Received: from mail-qt1-x849.google.com (mail-qt1-x849.google.com [IPv6:2607:f8b0:4864:20::849]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDAFEC0617A4 for ; Fri, 8 Jan 2021 16:48:00 -0800 (PST) Received: by mail-qt1-x849.google.com with SMTP id h18so9518136qtr.2 for ; Fri, 08 Jan 2021 16:48:00 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=GZIGOjVPda+c+O82UamW1h7IewucBItkY9B2sexVha8=; b=nDFk3WbLzXD2CBf61X7QA3DO3OSq5V59DWDGCi6i+KTqpxvu+JJDnXm3xHU+hr6Bz7 xmHonSFW0NOY6zZ0SktkyIxYosOmBgSbl/Dr6AYd4lPimUvBH0Td6tMW8DMG31TkLHom VpfhFYL7V+SgXAC7JTaCjbbSkEdKeUP1dB/tf5vCInrJcPRkNI96DOrFb8/8Jla1CzGm UqSF530amN0qmVtPLEIW8GP8DnKTrfea+KCeyDlbtCykDakVgdLpVki40DgzRfjcw+r6 yBSwX8nA8lx1SIq+Z2Sv4b5t8qHskOQUVQLzhqi7JydBbrPOKPCubmhhK/fizNOJsCo1 ioIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=GZIGOjVPda+c+O82UamW1h7IewucBItkY9B2sexVha8=; b=FY24vk9+CZGk74IibmSP8aC5wSWvwfA15Xro5nZajyElO2MDgQ0qbK2FBlhzcoZHBu 8AWWxl0vKngOMhRZSKUJInVsIkC6lswQSY8/nbLnjmXX/TagPKLE2eRL+VMnJuly7yFa H1tAhnabT0/2VVbuiXVl7ZCiburpnZ1WAdKZNZb9tQ5qwLfeXwS1r14vCsCc4Jc336YI AF5p4ycqF071P4R+OXYPeBx3Qznkm/EW6j3nKeUkMLunabguc7vUr22gbL7Rz4EUXJyG AABFgwPiDs5iY4CbJEHOMFKbmrIrXAKeVxTm4evpnLG59+zsRytZ7TagZRS0f5ZfOLD6 WX5A== X-Gm-Message-State: AOAM530yWmlofVTMoNOtwcVNx5lWDZNaNuNKtJdmPmgIB4khzsyUVx/y 5SS+iNkzy+xU6ql8uhzl1EUgUhvHjYw= X-Google-Smtp-Source: ABdhPJzlKxa6a6SGn1UvXiverv1gdWB35eyRHSNHFI7M+3xx/JUIzg/FiWxrsObSt1oY3EUAgGhHAv03Mn4= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a05:6214:370:: with SMTP id t16mr6428915qvu.22.1610153280070; Fri, 08 Jan 2021 16:48:00 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:11 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-11-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 10/13] KVM: SVM: Move SEV VMCB tracking allocation to sev.c From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Move the allocation of the SEV VMCB array to sev.c to help pave the way toward encapsulating SEV enabling wholly within sev.c. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 13 +++++++++++++ arch/x86/kvm/svm/svm.c | 17 ++++++++--------- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 22 insertions(+), 9 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3d25d24bcb48..8c34c467a09d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1323,6 +1323,19 @@ void sev_hardware_teardown(void) sev_flush_asids(); } +int sev_cpu_init(struct svm_cpu_data *sd) +{ + if (!svm_sev_enabled()) + return 0; + + sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), + GFP_KERNEL | __GFP_ZERO); + if (!sd->sev_vmcbs) + return -ENOMEM; + + return 0; +} + /* * Pages used by hardware to hold guest encrypted state must be flushed before * returning them to the system. diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index bb7b99743bea..89b95fb87a0c 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -552,23 +552,22 @@ static void svm_cpu_uninit(int cpu) static int svm_cpu_init(int cpu) { struct svm_cpu_data *sd; + int ret; sd = kzalloc(sizeof(struct svm_cpu_data), GFP_KERNEL); if (!sd) return -ENOMEM; sd->cpu = cpu; sd->save_area = alloc_page(GFP_KERNEL); - if (!sd->save_area) + if (!sd->save_area) { + ret = -ENOMEM; goto free_cpu_data; + } clear_page(page_address(sd->save_area)); - if (svm_sev_enabled()) { - sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, - sizeof(void *), - GFP_KERNEL | __GFP_ZERO); - if (!sd->sev_vmcbs) - goto free_save_area; - } + ret = sev_cpu_init(sd); + if (ret) + goto free_save_area; per_cpu(svm_data, cpu) = sd; @@ -578,7 +577,7 @@ static int svm_cpu_init(int cpu) __free_page(sd->save_area); free_cpu_data: kfree(sd); - return -ENOMEM; + return ret; } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8e169835f52a..4eb4bab0ca3e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -583,6 +583,7 @@ int svm_unregister_enc_region(struct kvm *kvm, void pre_sev_run(struct vcpu_svm *svm, int cpu); void __init sev_hardware_setup(void); void sev_hardware_teardown(void); +int sev_cpu_init(struct svm_cpu_data *sd); void sev_free_vcpu(struct kvm_vcpu *vcpu); int sev_handle_vmgexit(struct vcpu_svm *svm); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in); From patchwork Sat Jan 9 00:47:12 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007831 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 94731C433E0 for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5F13023A75 for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726865AbhAIAtU (ORCPT ); Fri, 8 Jan 2021 19:49:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40034 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726814AbhAIAtO (ORCPT ); Fri, 8 Jan 2021 19:49:14 -0500 Received: from mail-qk1-x74a.google.com (mail-qk1-x74a.google.com [IPv6:2607:f8b0:4864:20::74a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5921DC0617A6 for ; Fri, 8 Jan 2021 16:48:03 -0800 (PST) Received: by mail-qk1-x74a.google.com with SMTP id e25so10635032qka.3 for ; Fri, 08 Jan 2021 16:48:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=jYzoDTNoVvtxiYfXr7ZVMmi5PaPZLOefqEPk2ReBEho=; b=rYTHs6VtOzbi6t9kEubz4Bd+X+LSpeh5CRREL9KKvWx45B0x4J0JqtXf703AejLdtZ oZd0vk11Abhc/dNaTO6AwGRfWUzPa+15qfOmKU3HE7R5rmTdbuOlJEndJ9HeBFcLKLCx d5OdbCJAuc7xXDH1++YnlhT/Wjk3cDchoMS3Yqhfprh7iobuflp11tBHw1a+E+j06SE2 fdJP6K2FCEV09r1EqKSirOXpb2Bt+orJYtoE1AIdrGg+cmynp9ZM2KT0aShabNNamBGE lAryM1BjRSsxC9owM+IXltC9RJRskBjuF6PV4Mwyh532wHel/6LvgcsYD3s6n6ldH7L3 YFqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=jYzoDTNoVvtxiYfXr7ZVMmi5PaPZLOefqEPk2ReBEho=; b=cZcIE4eRp67Zqxwzci33huUPG81Ch9l5uJmYCJgyVZZplH7tVANrmX5wzaCUdArayD zoP80ffK23qzMMP/TZVWOfkCy78v7HTyUYz0MGDnXj6MRFD7lHEBpbVy+zTgH7Tw8OlM c5wP1sNaAvXHYidGkUWzM2jNpXLwMyAE3km2TsS41rzciGiPJLeaE9o4bLe9l6RwbHuS NJoN9kvYUor0oXtVLM1ZYHxiKMBK4Imn2hmO+52mpKMDN5R0pGLq/SYEv3zDJ4A6Cauj RlSflbZqVG4uH5bGJP+sFhseblF7jpCDsks3WGrJIPHICjg0Z6L1WNrnP0fYjPhf/av3 nIaQ== X-Gm-Message-State: AOAM532a0jszXNy/DJrXZ/ihETI/modnsBOn0uSbmv/rxQUUrpTXpOoU GwnjnC++d/VAabrZNqkGi+M5dp8mVvc= X-Google-Smtp-Source: ABdhPJxpQ3wLhaubUoaRGswmZy7bijjJZZ0cyMCOzgTd51mh8LwTMxQc3nOKUrHHjQDFkTl1m85lzfclaVs= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a0c:fa11:: with SMTP id q17mr6347369qvn.55.1610153282514; Fri, 08 Jan 2021 16:48:02 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:12 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-12-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 11/13] KVM: SVM: Drop redundant svm_sev_enabled() helper From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Replace calls to svm_sev_enabled() with direct checks on sev_enabled, or in the case of svm_mem_enc_op, simply drop the call to svm_sev_enabled(). This effectively replaces checks against a valid max_sev_asid with checks against sev_enabled. sev_enabled is forced off by sev_hardware_setup() if max_sev_asid is invalid, all call sites are guaranteed to run after sev_hardware_setup(), and all of the checks care about SEV being fully enabled (as opposed to intentionally handling the scenario where max_sev_asid is valid but SEV enabling fails due to OOM). Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 6 +++--- arch/x86/kvm/svm/svm.h | 5 ----- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8c34c467a09d..1b9174a49b65 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -1052,7 +1052,7 @@ int svm_mem_enc_op(struct kvm *kvm, void __user *argp) struct kvm_sev_cmd sev_cmd; int r; - if (!svm_sev_enabled() || !sev_enabled) + if (!sev_enabled) return -ENOTTY; if (!argp) @@ -1314,7 +1314,7 @@ void __init sev_hardware_setup(void) void sev_hardware_teardown(void) { - if (!svm_sev_enabled()) + if (!sev_enabled) return; bitmap_free(sev_asid_bitmap); @@ -1325,7 +1325,7 @@ void sev_hardware_teardown(void) int sev_cpu_init(struct svm_cpu_data *sd) { - if (!svm_sev_enabled()) + if (!sev_enabled) return 0; sd->sev_vmcbs = kmalloc_array(max_sev_asid + 1, sizeof(void *), diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 4eb4bab0ca3e..8cb4395b58a0 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -569,11 +569,6 @@ void svm_vcpu_unblocking(struct kvm_vcpu *vcpu); extern unsigned int max_sev_asid; -static inline bool svm_sev_enabled(void) -{ - return IS_ENABLED(CONFIG_KVM_AMD_SEV) ? max_sev_asid : 0; -} - void sev_vm_destroy(struct kvm *kvm); int svm_mem_enc_op(struct kvm *kvm, void __user *argp); int svm_register_enc_region(struct kvm *kvm, From patchwork Sat Jan 9 00:47:13 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007833 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id D616CC433E9 for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id B559023AC2 for ; Sat, 9 Jan 2021 00:49:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726845AbhAIAtU (ORCPT ); Fri, 8 Jan 2021 19:49:20 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40032 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726817AbhAIAtO (ORCPT ); Fri, 8 Jan 2021 19:49:14 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 10CDBC0617A9 for ; Fri, 8 Jan 2021 16:48:06 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id e74so17313959ybh.19 for ; Fri, 08 Jan 2021 16:48:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=kFsJmkb8M3ufAjXEZxfMS0MYb/t7DHhSQPFJmc4E3xo=; b=rwWV2rTcTh3ZbcOtWceFowsWqu8ZhEM+Zob5/myHWaq1UWg3OPjKSnndZK5sSABA8z /+p+ODXqLrx0qeslKe3E79H6kObTc1J6uBvTvEX8EPn8HW8nO/ywvYe3moIsuwj5otyY VraQ0gmOF6Ok0nKjiG0XDTDUOY39Vv8XxjJciWbj7oBpUyk5B7uD8221neIUcvwew7CE XvOwLpZ47hFnLaatlJhiBslX7xRVVP7FJbQVcGXYNqcLTs5iGuyg0jEzqF8pIXdvw7gL sKfm7inYaWjEALlOsq9qOOsnOpf9QMzVeMPUdedlw2HRaIzOB8Hk3etokpBeVi/SQclf 2qrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=kFsJmkb8M3ufAjXEZxfMS0MYb/t7DHhSQPFJmc4E3xo=; b=p/MDNffAwBT3djwGQF0guyAoeSCFUK/Ck9CxPFjqpPsrEt2oJGzsMOsNKhhhJpAs4s x8kaztZ9kMhDUCNUDh/k0sVoct5E+YA6z00vr7MaBrZw2gS+62k8u28y1ztBZhqNAXtE /Pb/nl0o5mljmC4D2FhIxhyFuwHKVMaLzptGyw96oTjLOzRnE2zrNf/KebTl7NapY9UV Fma4HkiW/FfKUFLtFT6Me/hJxgrM8IDAu0HMJgUvp2O3a4fNkA5TzcSM9m01cK86ZT1j RcwoV9IlE5qlvRL/OX9AUGRLWA905QFS3PaB8l4nl3ilBD9jVkeRozYiq60QuXRvy93z goyQ== X-Gm-Message-State: AOAM531KQBkKx8b/GApWB1QjlEP4k3nEQDr2X4onzHXpfS28wdb+CQ/j v2CtIapSNT8pJMhHid8srejx5R23m0c= X-Google-Smtp-Source: ABdhPJy4XZ0rEH8KPPWmFdqnCvmHl68ytC6NY7FVMOSj9YpCUewZM24l9cH9T/l9Ot7RR2FnXxxPo9aOwHI= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:1386:: with SMTP id 128mr9070481ybt.374.1610153285308; Fri, 08 Jan 2021 16:48:05 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:13 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-13-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 12/13] KVM: SVM: Remove an unnecessary prototype declaration of sev_flush_asids() From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Remove the forward declaration of sev_flush_asids(), which is only a few lines above the function itself. No functional change intended. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 1 - 1 file changed, 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1b9174a49b65..b4a9c12cf8ce 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -36,7 +36,6 @@ static bool sev_es_enabled = IS_ENABLED(CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT module_param_named(sev_es, sev_es_enabled, bool, 0444); static u8 sev_enc_bit; -static int sev_flush_asids(void); static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); unsigned int max_sev_asid; From patchwork Sat Jan 9 00:47:14 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sean Christopherson X-Patchwork-Id: 12007841 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-26.6 required=3.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, USER_AGENT_GIT,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C81FBC4332B for ; Sat, 9 Jan 2021 00:50:00 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 984D823B09 for ; Sat, 9 Jan 2021 00:50:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726886AbhAIAtp (ORCPT ); Fri, 8 Jan 2021 19:49:45 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40196 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726960AbhAIAtj (ORCPT ); Fri, 8 Jan 2021 19:49:39 -0500 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EF7B7C0617AA for ; Fri, 8 Jan 2021 16:48:08 -0800 (PST) Received: by mail-yb1-xb4a.google.com with SMTP id o8so17219460ybq.22 for ; Fri, 08 Jan 2021 16:48:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=sender:reply-to:date:in-reply-to:message-id:mime-version:references :subject:from:to:cc; bh=fVKJcIBGyQ8ofth+2r+58SAdhl2FPbPE0WCNDEMMDk4=; b=sV2kXazNx3+wC2Yq0tFCfvFkxuQ8uXG6rdN9zX9NROD55PWnPh0AprGhmarvvrE/Ks srn/Y6hNixdWjZTmVJ7muGoFZ8Y2hVc645/zNmkyR+beufPJ/zSPTPJuLharLBkugmvg kBwiMT3XRfhsnHEuUNh8KkhGlHZwZX8EijET8Vi0AkNpX28n/ZQij+4/fdsEhC5K161y YrtOpmHIbDWQ6sIYluL6KJfdJo4h2nER3g3BkRS2UvRgqMbQjNBMWM1LAovL62/sCMKI 1GM+jxKOyBr3luJeuF1iy4bYYqD6cdjeBXn3RSgV67SvlDWQutqGDxRzBaSIGFCh5hKg 6EAw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:reply-to:date:in-reply-to:message-id :mime-version:references:subject:from:to:cc; bh=fVKJcIBGyQ8ofth+2r+58SAdhl2FPbPE0WCNDEMMDk4=; b=kb+ks/q4x41HHuxd3/rcwqrxmmqlHstAMAL7J2HC94h5Y+GvmSZ/SFzGHEURtZGTi3 y5zfVQ0DJMuOEcViGRCEFhaiaCYoxNKkmNeCBGzmCyzgvRR3K5mglizsq3tzwS5+1Cfd CQcf6p0YrkhzJ1s7udP6dFHVbDv1az5jn6GvJD1pQ4dxYgf25h0YxKZfxQ3/Y70SuIri vnGxRaB7VDQt5y2vRDWlAOMARDD67RMaEPidekdeF7dUVzf/Zx8XRR6rHZHS7RYPk60w lcrGqzQOrfIywBZnzT/DY/OEakTMdczdQmv0+LjQJnZpWKdmhtxlmc3wtRxeaxI7vLpA Rjpg== X-Gm-Message-State: AOAM530jtY+a8Am46MaO2xwqzqO3JTHXMeZG25PD4z2On0RwIjo9dsvr AjbzorYA5gI3oAGSUuOfvGL8TjpP0Qk= X-Google-Smtp-Source: ABdhPJwkUpCfLMqhX7OFP7/TPxLCfPGVqnIV++qq6RbW6+AzZ8TZu4ZGF0NRg7hqrAiAuHqTHJm1tlBGHBk= Sender: "seanjc via sendgmr" X-Received: from seanjc798194.pdx.corp.google.com ([2620:15c:f:10:1ea0:b8ff:fe73:50f5]) (user=seanjc job=sendgmr) by 2002:a25:3ac3:: with SMTP id h186mr8587398yba.155.1610153288080; Fri, 08 Jan 2021 16:48:08 -0800 (PST) Reply-To: Sean Christopherson Date: Fri, 8 Jan 2021 16:47:14 -0800 In-Reply-To: <20210109004714.1341275-1-seanjc@google.com> Message-Id: <20210109004714.1341275-14-seanjc@google.com> Mime-Version: 1.0 References: <20210109004714.1341275-1-seanjc@google.com> X-Mailer: git-send-email 2.30.0.284.gd98b1dd5eaa7-goog Subject: [PATCH 13/13] KVM: SVM: Skip SEV cache flush if no ASIDs have been used From: Sean Christopherson To: Paolo Bonzini , Dave Hansen , Andy Lutomirski , Peter Zijlstra Cc: Sean Christopherson , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Tom Lendacky , Borislav Petkov , Brijesh Singh Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Skip SEV's expensive WBINVD and DF_FLUSH if there are no SEV ASIDs waiting to be reclaimed, e.g. if SEV was never used. This "fixes" an issue where the DF_FLUSH fails during hardware teardown if the original SEV_INIT failed. Ideally, SEV wouldn't be marked as enabled in KVM if SEV_INIT fails, but that's a problem for another day. Signed-off-by: Sean Christopherson --- arch/x86/kvm/svm/sev.c | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b4a9c12cf8ce..eb8e4dca4bf2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -51,9 +51,14 @@ struct enc_region { unsigned long size; }; -static int sev_flush_asids(void) +static int sev_flush_asids(int min_asid, int max_asid) { - int ret, error = 0; + int ret, pos, error = 0; + + /* Check if there are any ASIDs to reclaim before performing a flush */ + pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); + if (pos >= max_asid) + return -EBUSY; /* * DEACTIVATE will clear the WBINVD indicator causing DF_FLUSH to fail, @@ -75,14 +80,7 @@ static int sev_flush_asids(void) /* Must be called with the sev_bitmap_lock held */ static bool __sev_recycle_asids(int min_asid, int max_asid) { - int pos; - - /* Check if there are any ASIDs to reclaim before performing a flush */ - pos = find_next_bit(sev_reclaim_asid_bitmap, max_sev_asid, min_asid); - if (pos >= max_asid) - return false; - - if (sev_flush_asids()) + if (sev_flush_asids(min_asid, max_asid)) return false; /* The flush process will flush all reclaimable SEV and SEV-ES ASIDs */ @@ -1316,10 +1314,10 @@ void sev_hardware_teardown(void) if (!sev_enabled) return; + sev_flush_asids(0, max_sev_asid); + bitmap_free(sev_asid_bitmap); bitmap_free(sev_reclaim_asid_bitmap); - - sev_flush_asids(); } int sev_cpu_init(struct svm_cpu_data *sd)