From: Michael Roth
Subject: [PATCH v10 01/50] KVM: SVM: INTERCEPT_RDTSCP is never intercepted anyway
Date: Mon, 16 Oct 2023 08:27:30 -0500
Message-ID: <20231016132819.1002933-2-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
From: Paolo Bonzini

svm_recalc_instruction_intercepts() is always called at least once before the vCPU is started, so the setting or clearing of the RDTSCP intercept can be dropped from the TSC_AUX virtualization support.

Extracted from a patch by Tom Lendacky.

Cc: stable@vger.kernel.org
Fixes: 296d5a17e793 ("KVM: SEV-ES: Use V_TSC_AUX if available instead of RDTSC/MSR_TSC_AUX intercepts")
Signed-off-by: Paolo Bonzini
(cherry picked from commit e8d93d5d93f85949e7299be289c6e7e1154b2f78)
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b9a0a939d59f..fa1fb81323b5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3027,11 +3027,8 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) && (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP) || - guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDPID))) { + guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDPID))) set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1); - if (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP)) - svm_clr_intercept(svm, INTERCEPT_RDTSCP); - } } void sev_init_vmcb(struct vcpu_svm *svm)
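Review bot: Nothing left in sev_es_init_vmcb() records where the RDTSCP intercept is decided once the svm_clr_intercept(svm, INTERCEPT_RDTSCP) lines go. The commit message relies on svm_recalc_instruction_intercepts() always running before the vCPU starts; a one-line comment above the remaining set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1) naming that function would keep the dependency visible at this site.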
From: Michael Roth
Subject: [PATCH v10 02/50] KVM: SVM: Fix TSC_AUX virtualization setup
Date: Mon, 16 Oct 2023 08:27:31 -0500
Message-ID: <20231016132819.1002933-3-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
From: Tom Lendacky

The checks for virtualizing TSC_AUX occur during the vCPU reset processing path. However, at the time of initial vCPU reset processing, when the vCPU is first created, not all of the guest CPUID information has been set. In this case the RDTSCP and RDPID feature support for the guest is not in place and so TSC_AUX virtualization is not established.

This continues for each vCPU created for the guest. On the first boot of an AP, vCPU reset processing is executed as a result of an APIC INIT event, this time with all of the guest CPUID information set, resulting in TSC_AUX virtualization being enabled, but only for the APs. The BSP always sees a TSC_AUX value of 0 which probably went unnoticed because, at least for Linux, the BSP TSC_AUX value is 0.

Move the TSC_AUX virtualization enablement out of the init_vmcb() path and into the vcpu_after_set_cpuid() path to allow for proper initialization of the support after the guest CPUID information has been set.

With the TSC_AUX virtualization support now in the vcpu_set_after_cpuid() path, the intercepts must be either cleared or set based on the guest CPUID input.

Fixes: 296d5a17e793 ("KVM: SEV-ES: Use V_TSC_AUX if available instead of RDTSC/MSR_TSC_AUX intercepts")
Signed-off-by: Tom Lendacky
Message-Id: <4137fbcb9008951ab5f0befa74a0399d2cce809a.1694811272.git.thomas.lendacky@amd.com>
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Bonzini
(cherry picked from commit e0096d01c4fcb8c96c05643cfc2c20ab78eae4da)
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 31 ++++++++++++++++++++++++++-----
 arch/x86/kvm/svm/svm.c | 9 ++-------
 arch/x86/kvm/svm/svm.h | 1 +
 3 files changed, 29 insertions(+), 12 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index fa1fb81323b5..4900c078045a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -2962,6 +2962,32 @@ int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in) count, in); } +static void sev_es_vcpu_after_set_cpuid(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + + if (boot_cpu_has(X86_FEATURE_V_TSC_AUX)) { + bool v_tsc_aux = guest_cpuid_has(vcpu, X86_FEATURE_RDTSCP) || + guest_cpuid_has(vcpu, X86_FEATURE_RDPID); + + set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, v_tsc_aux, v_tsc_aux); + } +} + +void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm_cpuid_entry2 *best; + + /* For sev guests, the memory encryption bit is not reserved in CR3. */ + best = kvm_find_cpuid_entry(vcpu, 0x8000001F); + if (best) + vcpu->arch.reserved_gpa_bits &= ~(1UL << (best->ebx & 0x3f)); + + if (sev_es_guest(svm->vcpu.kvm)) + sev_es_vcpu_after_set_cpuid(svm); +} + static void sev_es_init_vmcb(struct vcpu_svm *svm) { struct vmcb *vmcb = svm->vmcb01.ptr; @@ -3024,11 +3050,6 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTBRANCHTOIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTFROMIP, 1, 1); set_msr_interception(vcpu, svm->msrpm, MSR_IA32_LASTINTTOIP, 1, 1); - - if (boot_cpu_has(X86_FEATURE_V_TSC_AUX) && - (guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDTSCP) || - guest_cpuid_has(&svm->vcpu, X86_FEATURE_RDPID))) - set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, 1, 1); } void sev_init_vmcb(struct vcpu_svm *svm) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f283eb47f6ac..aef1ddf0b705 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -4284,7 +4284,6 @@ static bool svm_has_emulated_msr(struct kvm *kvm, u32 index) static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); - struct kvm_cpuid_entry2 *best; /* * SVM doesn't provide a way to disable just XSAVES in the guest, KVM 
@@ -4328,12 +4327,8 @@ static void svm_vcpu_after_set_cpuid(struct kvm_vcpu *vcpu) set_msr_interception(vcpu, svm->msrpm, MSR_IA32_FLUSH_CMD, 0, !!guest_cpuid_has(vcpu, X86_FEATURE_FLUSH_L1D)); - /* For sev guests, the memory encryption bit is not reserved in CR3. */ - if (sev_guest(vcpu->kvm)) { - best = kvm_find_cpuid_entry(vcpu, 0x8000001F); - if (best) - vcpu->arch.reserved_gpa_bits &= ~(1UL << (best->ebx & 0x3f)); - } + if (sev_guest(vcpu->kvm)) + sev_vcpu_after_set_cpuid(svm); init_vmcb_after_set_cpuid(vcpu); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f41253958357..be67ab7fdd10 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -684,6 +684,7 @@ void __init sev_hardware_setup(void); void sev_hardware_unsetup(void); int sev_cpu_init(struct svm_cpu_data *sd); void sev_init_vmcb(struct vcpu_svm *svm); +void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm); void sev_free_vcpu(struct kvm_vcpu *vcpu); int sev_handle_vmgexit(struct kvm_vcpu *vcpu); int sev_es_string_io(struct vcpu_svm *svm, int size, unsigned int port, int in);
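Review bot: In sev_es_vcpu_after_set_cpuid() (sev.c hunk at -2962) the same bool v_tsc_aux is passed as both the read and the write argument of set_msr_interception(), and nothing at the call says which polarity means pass-through. The lines removed from sev_es_init_vmcb() passed 1, 1 when the guest had RDTSCP or RDPID, so true here lifts the intercept and false restores it; a short comment above the call stating that would make the clear-or-set behaviour from the commit message readable from the code.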
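Review bot: sev_vcpu_after_set_cpuid() has no sev_guest() check of its own; the only guard is the caller's if (sev_guest(vcpu->kvm)) in svm_vcpu_after_set_cpuid() (svm.c hunk at -4328), while the function clears a bit in vcpu->arch.reserved_gpa_bits whenever leaf 0x8000001F is found. Since the function is now declared in svm.h, state the precondition in a comment at its definition, or move the sev_guest() test inside it so that a later caller cannot drop the guard.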
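The ordering problem described in the 02/50 commit message, as an added user-space C model that is not part of the patch or of KVM. All `model_*` names and the `host_v_tsc_aux` constant are hypothetical stand-ins; `fixed` selects between the old reset-path decision and the new after-set-CPUID decision.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical stand-in for the per-vCPU state the commit message discusses. */
struct model_vcpu {
    bool cpuid_set;            /* userspace has supplied the guest CPUID */
    bool guest_rdtscp;         /* meaningful only once cpuid_set is true */
    bool guest_rdpid;
    bool tsc_aux_passthrough;  /* true: MSR_TSC_AUX accesses are not intercepted */
};

/* Assumption: the host supports V_TSC_AUX (models boot_cpu_has()). */
static const bool host_v_tsc_aux = true;

/* Before CPUID is set, every guest feature query reads as "absent". */
static bool guest_has_tsc_aux_insn(const struct model_vcpu *v)
{
    return v->cpuid_set && (v->guest_rdtscp || v->guest_rdpid);
}

/* vCPU reset path. Old code decided TSC_AUX here and could only enable it. */
static void model_reset(struct model_vcpu *v, bool fixed)
{
    if (!fixed && host_v_tsc_aux && guest_has_tsc_aux_insn(v))
        v->tsc_aux_passthrough = true;
}

/* CPUID update path. Fixed code decides here and writes both polarities. */
static void model_set_cpuid(struct model_vcpu *v, bool fixed,
                            bool rdtscp, bool rdpid)
{
    v->cpuid_set = true;
    v->guest_rdtscp = rdtscp;
    v->guest_rdpid = rdpid;
    if (fixed && host_v_tsc_aux)
        v->tsc_aux_passthrough = guest_has_tsc_aux_insn(v);
}

/* Create a vCPU, set CPUID, and (for an AP) take the INIT-triggered reset. */
static bool model_boot(bool fixed, bool is_ap, bool rdtscp, bool rdpid)
{
    struct model_vcpu v = {0};

    model_reset(&v, fixed);                 /* reset at creation: no CPUID yet */
    model_set_cpuid(&v, fixed, rdtscp, rdpid);
    if (is_ap)
        model_reset(&v, fixed);             /* APIC INIT on first AP boot */
    return v.tsc_aux_passthrough;
}

/*
 * CPUID is set a second time with RDTSCP/RDPID removed. In this model the
 * enable-only reset path leaves the earlier pass-through in place, which is
 * why a decision made in the CPUID path has to clear as well as set.
 */
static bool model_feature_removed(bool fixed)
{
    struct model_vcpu v = {0};

    model_reset(&v, fixed);
    model_set_cpuid(&v, fixed, true, false);
    model_reset(&v, fixed);
    model_set_cpuid(&v, fixed, false, false);
    return v.tsc_aux_passthrough;
}

int main(void)
{
    printf("old   BSP pass-through: %d\n", model_boot(false, false, true, false));
    printf("old   AP  pass-through: %d\n", model_boot(false, true, true, false));
    printf("fixed BSP pass-through: %d\n", model_boot(true, false, true, false));
    printf("fixed AP  pass-through: %d\n", model_boot(true, true, true, false));
    printf("old   after feature removed: %d\n", model_feature_removed(false));
    printf("fixed after feature removed: %d\n", model_feature_removed(true));
    return 0;
}
```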
From: Michael Roth
CC: Alexey Kardashevskiy
Subject: [PATCH v10 03/50] KVM: SEV: Do not intercept accesses to MSR_IA32_XSS for SEV-ES guests
Date: Mon, 16 Oct 2023 08:27:32 -0500
Message-ID: <20231016132819.1002933-4-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: When intercepts are enabled for MSR_IA32_XSS, the host will swap in/out the guest-defined values while context-switching to/from guest mode. However, in the case of SEV-ES, vcpu->arch.guest_state_protected is set, so the guest-defined value is effectively ignored when switching to guest mode with the understanding that the VMSA will handle swapping in/out this register state. However, SVM is still configured to intercept these accesses for SEV-ES guests, so the values in the initial MSR_IA32_XSS are effectively read-only, and a guest will experience undefined behavior if it actually tries to write to this MSR. Fortunately, only CET/shadowstack makes use of this register on SEV-ES-capable systems currently, which isn't yet widely used, but this may become more of an issue in the future. Additionally, enabling intercepts of MSR_IA32_XSS results in #VC exceptions in the guest in certain paths that can lead to unexpected #VC nesting levels. One example is SEV-SNP guests when handling #VC exceptions for CPUID instructions involving leaf 0xD, subleaf 0x1, since they will access MSR_IA32_XSS as part of servicing the CPUID #VC, then generate another #VC when accessing MSR_IA32_XSS, which can lead to guest crashes if an NMI occurs at that point in time. Running perf on a guest while it is issuing such a sequence is one example where these can be problematic. Address this by disabling intercepts of MSR_IA32_XSS for SEV-ES guests if the host/guest configuration allows it. If the host/guest configuration doesn't allow for MSR_IA32_XSS, leave it intercepted so that it can be caught by the existing checks in kvm_{set,get}_msr_common() if the guest still attempts to access it. Fixes: 376c6d285017 ("KVM: SVM: Provide support for SEV-ES vCPU creation/loading") Cc: Alexey Kardashevskiy Suggested-by: Tom Lendacky Signed-off-by: Michael Roth Reported-by: Michael Roth 
Signed-off-by: Paolo Bonzini --- arch/x86/kvm/svm/sev.c | 19 +++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4900c078045a..6ee925d66648 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2972,6 +2972,25 @@ static void sev_es_vcpu_after_set_cpuid(struct vcpu_svm *svm) set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, v_tsc_aux, v_tsc_aux); } + + /* + * For SEV-ES, accesses to MSR_IA32_XSS should not be intercepted if + * the host/guest supports its use. + * + * guest_can_use() checks a number of requirements on the host/guest to + * ensure that MSR_IA32_XSS is available, but it might report true even + * if X86_FEATURE_XSAVES isn't configured in the guest to ensure host + * MSR_IA32_XSS is always properly restored. For SEV-ES, it is better + * to further check that the guest CPUID actually supports + * X86_FEATURE_XSAVES so that accesses to MSR_IA32_XSS by misbehaved + * guests will still get intercepted and caught in the normal + * kvm_emulate_rdmsr()/kvm_emulated_wrmsr() paths. + */ + if (guest_can_use(vcpu, X86_FEATURE_XSAVES) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVES)) + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_XSS, 1, 1); + else + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_XSS, 0, 0); } void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index aef1ddf0b705..1e7fb1ea45f7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -103,6 +103,7 @@ static const struct svm_direct_access_msrs { { .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false }, { .index = MSR_IA32_LASTINTTOIP, .always = false }, + { .index = MSR_IA32_XSS, .always = false }, { .index = MSR_EFER, .always = false }, { .index = MSR_IA32_CR_PAT, .always = false }, { .index = MSR_AMD64_SEV_ES_GHCB, .always = true }, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index be67ab7fdd10..c409f934c377 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -30,7 +30,7 @@ #define IOPM_SIZE PAGE_SIZE * 3 #define MSRPM_SIZE PAGE_SIZE * 2 -#define MAX_DIRECT_ACCESS_MSRS 46 +#define MAX_DIRECT_ACCESS_MSRS 47 #define MSRPM_OFFSETS 32 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly; extern bool npt_enabled;
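Review bot: In the comment added to sev_es_vcpu_after_set_cpuid() in sev.c, kvm_emulated_wrmsr() looks like a typo for kvm_emulate_wrmsr(), and the commit message names kvm_{set,get}_msr_common() as the place where a disallowed access is caught while the comment names the kvm_emulate_*msr() paths; use one description in both. The sentence starting "guest_can_use() checks a number of requirements" is also hard to parse, because it reads as if XSAVES being unconfigured in the guest is what ensures the host restore. Suggest splitting it: first say that guest_can_use() may report true without guest CPUID XSAVES (so that host MSR_IA32_XSS is always restored), then say that this is why guest_cpuid_has() is checked as well before disabling the intercept.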
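Review bot: MAX_DIRECT_ACCESS_MSRS in svm.h is bumped from 46 to 47 by hand to match the single MSR_IA32_XSS entry added to the svm_direct_access_msrs table in svm.c, and nothing in the visible lines ties the count to the table. If the table size is not already checked against the define at build time, consider adding such a check, or at least a comment at the table pointing to the define. The new entry uses .always = false, so passthrough happens only through the SEV-ES path added in sev.c; a short comment on the entry saying so would help, since the commit message explains that for other guests the host still swaps the value and relies on the intercept.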
From: Michael Roth
CC: Brijesh Singh, Jarkko Sakkinen, Ashish Kalra
Subject: [PATCH v10 04/50] x86/cpufeatures: Add SEV-SNP CPU feature
Date: Mon, 16 Oct 2023 08:27:33 -0500
Message-ID: <20231016132819.1002933-5-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Add CPU feature detection for Secure Encrypted Virtualization with Secure Nested Paging. This feature adds a strong memory integrity protection to help prevent malicious hypervisor-based attacks like data replay, memory re-mapping, and more.

Signed-off-by: Brijesh Singh
Signed-off-by: Jarkko Sakkinen
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/kernel/cpu/amd.c | 5 +++-- tools/arch/x86/include/asm/cpufeatures.h | 1 + 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/cpufeatures.h b/arch/x86/include/asm/cpufeatures.h index 58cb9495e40f..1640cedd77f1 100644 --- a/arch/x86/include/asm/cpufeatures.h +++ b/arch/x86/include/asm/cpufeatures.h
@@ -437,6 +437,7 @@ #define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ #define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ #define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SEV_SNP (19*32+ 4) /* AMD Secure Encrypted Virtualization - Secure Nested Paging */ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* "" Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ #define X86_FEATURE_DEBUG_SWAP (19*32+14) /* AMD SEV-ES full debug state swap support */ diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index dd8379d84445..14ee7f750cc7 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -630,8 +630,8 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) * SME feature (set in scattered.c). * If the kernel has not enabled SME via any means then * don't advertise the SME feature. - * For SEV: If BIOS has not enabled SEV then don't advertise the - * SEV and SEV_ES feature (set in scattered.c). + * For SEV: If BIOS has not enabled SEV then don't advertise SEV and + * any additional functionality based on it. * * In all cases, since support for SME and SEV requires long mode, * don't advertise the feature under CONFIG_X86_32. @@ -666,6 +666,7 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) clear_sev: setup_clear_cpu_cap(X86_FEATURE_SEV); setup_clear_cpu_cap(X86_FEATURE_SEV_ES); + setup_clear_cpu_cap(X86_FEATURE_SEV_SNP); } } diff --git a/tools/arch/x86/include/asm/cpufeatures.h b/tools/arch/x86/include/asm/cpufeatures.h index 798e60b5454b..669f45eefa0c 100644 --- a/tools/arch/x86/include/asm/cpufeatures.h +++ b/tools/arch/x86/include/asm/cpufeatures.h 
@@ -432,6 +432,7 @@ #define X86_FEATURE_SEV (19*32+ 1) /* AMD Secure Encrypted Virtualization */ #define X86_FEATURE_VM_PAGE_FLUSH (19*32+ 2) /* "" VM Page Flush MSR is supported */ #define X86_FEATURE_SEV_ES (19*32+ 3) /* AMD Secure Encrypted Virtualization - Encrypted State */ +#define X86_FEATURE_SEV_SNP (19*32+ 4) /* AMD Secure Encrypted Virtualization - Secure Nested Paging */ #define X86_FEATURE_V_TSC_AUX (19*32+ 9) /* "" Virtual TSC_AUX */ #define X86_FEATURE_SME_COHERENT (19*32+10) /* "" AMD hardware-enforced cache coherency */ #define X86_FEATURE_DEBUG_SWAP (19*32+14) /* AMD SEV-ES full debug state swap support */
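Review bot: In early_detect_mem_encrypt() in amd.c, the reworded comment now promises that SEV "and any additional functionality based on it" is not advertised, but the clear_sev path still clears a hand-written list (SEV, SEV_ES and now SEV_SNP), so the next SEV-derived flag has to be remembered there. Either name the flags in the comment or state that new ones must be added at clear_sev. It is also worth documenting at the new define that, in the lines shown, X86_FEATURE_SEV_SNP is cleared only when SEV itself is not enabled by the BIOS, so the bit describes capability and not that SNP has been enabled on the host; callers that need the latter should not key on this bit alone.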
From: Michael Roth
CC: Kim Phillips
Subject: [PATCH v10 05/50] x86/speculation: Do not enable Automatic IBRS if SEV SNP is enabled
Date: Mon, 16 Oct 2023 08:27:34 -0500
Message-ID: <20231016132819.1002933-6-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>

From: Kim Phillips

Without SEV-SNP, Automatic IBRS protects only the kernel. But when SEV-SNP is enabled, the Automatic IBRS protection umbrella widens to all host-side code, including userspace. This protection comes at a cost: reduced userspace indirect branch performance.

To avoid this performance loss, don't use Automatic IBRS on SEV-SNP hosts. Fall back to retpolines instead.

Signed-off-by: Kim Phillips
[mdr: squash in changes from review discussion]
Signed-off-by: Michael Roth
Acked-by: Borislav Petkov (AMD)
Acked-by: Dave Hansen
--- arch/x86/kernel/cpu/common.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c index 382d4e6b848d..11fae89b799e 100644 --- a/arch/x86/kernel/cpu/common.c +++ b/arch/x86/kernel/cpu/common.c
@@ -1357,8 +1357,13 @@ static void __init cpu_set_bug_bits(struct cpuinfo_x86 *c) /* * AMD's AutoIBRS is equivalent to Intel's eIBRS - use the Intel feature * flag and protect from vendor-specific bugs via the whitelist. + * + * Don't use AutoIBRS when SNP is enabled because it degrades host + * userspace indirect branch performance. */ - if ((ia32_cap & ARCH_CAP_IBRS_ALL) || cpu_has(c, X86_FEATURE_AUTOIBRS)) { + if ((ia32_cap & ARCH_CAP_IBRS_ALL) || + (cpu_has(c, X86_FEATURE_AUTOIBRS) && + !cpu_feature_enabled(X86_FEATURE_SEV_SNP))) { setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED); if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) && !(ia32_cap & ARCH_CAP_PBRSB_NO))
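Review bot: The new !cpu_feature_enabled(X86_FEATURE_SEV_SNP) term in cpu_set_bug_bits() keys on the CPU feature bit, while the comment and commit message say "when SNP is enabled". With patch 04 of this series clearing that bit only on the clear_sev path, a host that is SNP-capable but never enables SNP would also skip AutoIBRS and end up on retpolines. If that is intended, say so in the comment; otherwise gate on whatever indicates that SNP is actually enabled on the host. The comment should also name the fallback (retpolines, per the commit message), since a reader of this function cannot tell from these lines which Spectre v2 mitigation an SNP host ends up with. Minor: the condition mixes cpu_has(c, ...) for AUTOIBRS with cpu_feature_enabled() for SEV_SNP; a word on why the two differ would help.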
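For checking the effect of the AutoIBRS change above on a running host, an added example (not part of the posted series): it compares the `sev_snp` flag in /proc/cpuinfo with the mitigation reported in /sys/devices/system/cpu/vulnerabilities/spectre_v2. The function names and sample inputs are constructed here, and the matched strings ("Automatic IBRS", "Retpolines") are assumed to be the ones the running kernel reports.

```shell
#!/bin/sh
# Added example: does the active Spectre v2 mitigation on this host match what
# the AutoIBRS/SEV-SNP patch would select?

# Constructed sample inputs for offline use (not captured from real hosts).
SAMPLE_CPUINFO_SNP='vendor_id : AuthenticAMD
flags : fpu sme sev sev_es sev_snp'
SAMPLE_CPUINFO_NOSNP='vendor_id : AuthenticAMD
flags : fpu sme sev sev_es'

# has_flag CPUINFO_TEXT FLAG
# Exact-token match on the "flags" line, so "sev" or "sev_es" is never
# mistaken for "sev_snp" the way a substring grep would.
has_flag() {
    printf '%s\n' "$1" | awk -v want="$2" '
        /^flags[ \t]*:/ {
            for (i = 2; i <= NF; i++) if ($i == want) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# mitigation_kind SPECTRE_V2_TEXT
# Reduces the sysfs string to autoibrs / retpoline / other.
# Assumption: the kernel reports IBRS_ENHANCED as "... Automatic IBRS".
mitigation_kind() {
    case $1 in
        *"Automatic IBRS"*) echo autoibrs ;;
        *[Rr]etpoline*)     echo retpoline ;;
        *)                  echo other ;;
    esac
}

# check_snp_host CPUINFO_TEXT SPECTRE_V2_TEXT
# Prints one verdict line. Returns 1 only for the combination the patch is
# meant to rule out: sev_snp feature bit present and AutoIBRS still selected.
check_snp_host() {
    kind=$(mitigation_kind "$2")
    if has_flag "$1" sev_snp; then
        if [ "$kind" = autoibrs ]; then
            echo "sev_snp present, AutoIBRS active: not what the patch selects"
            return 1
        fi
        echo "sev_snp present, mitigation=$kind"
    else
        echo "sev_snp absent, mitigation=$kind"
    fi
}

# Live check when run on a Linux host; skipped where the files are missing.
SV2=/sys/devices/system/cpu/vulnerabilities/spectre_v2
if [ -r /proc/cpuinfo ] && [ -r "$SV2" ]; then
    check_snp_host "$(cat /proc/cpuinfo)" "$(cat "$SV2")" || true
fi
```

A `spectre_v2=` boot parameter can override the default selection, so treat a mismatch as something to look into rather than proof that the patch is missing.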
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 06/50] x86/sev: Add the host SEV-SNP initialization support
Date: Mon, 16 Oct 2023 08:27:35 -0500
Message-ID: <20231016132819.1002933-7-michael.roth@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The memory integrity guarantees of SEV-SNP are enforced through a new structure called the Reverse Map Table (RMP). The RMP is a single data structure shared across the system that contains one entry for every 4K page of DRAM that may be used by SEV-SNP VMs. APM2 section 15.36 details a number of steps needed to detect/enable SEV-SNP and RMP table support on the host:

 - Detect SEV-SNP support based on CPUID bit
 - Initialize the RMP table memory reported by the RMP base/end MSR registers and configure IOMMU to be compatible with RMP access restrictions
 - Set the MtrrFixDramModEn bit in SYSCFG MSR
 - Set the SecureNestedPagingEn and VMPLEn bits in the SYSCFG MSR
 - Configure IOMMU

RMP table entry format is non-architectural and it can vary by processor. It is defined by the PPR. Restrict SNP support to CPU models/families which are compatible with the current RMP table entry format to guard against any undefined behavior when running on other system types. Future models/support will handle this through an architectural mechanism to allow for broader compatibility.

SNP host code depends on CONFIG_KVM_AMD_SEV config flag, which may be enabled even when CONFIG_AMD_MEM_ENCRYPT isn't set, so update the SNP-specific IOMMU helpers used here to rely on CONFIG_KVM_AMD_SEV instead of CONFIG_AMD_MEM_ENCRYPT.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Co-developed-by: Tom Lendacky
Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
[mdr: rework commit message to be clearer about what patch does, squash in early_rmptable_check() handling from Tom]
Signed-off-by: Michael Roth --- arch/x86/Kbuild | 2 + arch/x86/include/asm/disabled-features.h | 8 +- arch/x86/include/asm/msr-index.h | 11 +- arch/x86/include/asm/sev.h | 6 + arch/x86/kernel/cpu/amd.c | 19 ++ arch/x86/virt/svm/Makefile | 3 + arch/x86/virt/svm/sev.c | 239 +++++++++++++++++++++++ drivers/iommu/amd/init.c | 2 +- include/linux/amd-iommu.h | 2 +- 9 files changed, 288 insertions(+), 4 deletions(-) create mode 100644 arch/x86/virt/svm/Makefile create mode 100644 arch/x86/virt/svm/sev.c diff --git a/arch/x86/Kbuild b/arch/x86/Kbuild index 5a83da703e87..6a1f36df6a18 100644 --- a/arch/x86/Kbuild +++ b/arch/x86/Kbuild @@ -28,5 +28,7 @@ obj-y += net/ obj-$(CONFIG_KEXEC_FILE) += purgatory/ +obj-y += virt/svm/ + # for cleaning subdir- += boot tools diff --git a/arch/x86/include/asm/disabled-features.h b/arch/x86/include/asm/disabled-features.h index 702d93fdd10e..83efd407033b 100644 --- a/arch/x86/include/asm/disabled-features.h +++ b/arch/x86/include/asm/disabled-features.h @@ -117,6 +117,12 @@ #define DISABLE_IBT (1 << (X86_FEATURE_IBT & 31)) #endif +#ifdef CONFIG_KVM_AMD_SEV +# define DISABLE_SEV_SNP 0 +#else +# define DISABLE_SEV_SNP (1 << (X86_FEATURE_SEV_SNP & 31)) +#endif + /* * Make sure to add features to the correct mask */ @@ -141,7 +147,7 @@ DISABLE_ENQCMD) #define DISABLED_MASK17 0 #define DISABLED_MASK18 (DISABLE_IBT) -#define DISABLED_MASK19 0 +#define DISABLED_MASK19 (DISABLE_SEV_SNP) #define DISABLED_MASK20 0 #define DISABLED_MASK_CHECK BUILD_BUG_ON_ZERO(NCAPINTS != 21) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 1d111350197f..2be74afb4cbd 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h 
@@ -589,6 +589,8 @@ #define MSR_AMD64_SEV_ENABLED BIT_ULL(MSR_AMD64_SEV_ENABLED_BIT) #define MSR_AMD64_SEV_ES_ENABLED BIT_ULL(MSR_AMD64_SEV_ES_ENABLED_BIT) #define MSR_AMD64_SEV_SNP_ENABLED BIT_ULL(MSR_AMD64_SEV_SNP_ENABLED_BIT) +#define MSR_AMD64_RMP_BASE 0xc0010132 +#define MSR_AMD64_RMP_END 0xc0010133 /* SNP feature bits enabled by the hypervisor */ #define MSR_AMD64_SNP_VTOM BIT_ULL(3) @@ -690,7 +692,14 @@ #define MSR_K8_TOP_MEM2 0xc001001d #define MSR_AMD64_SYSCFG 0xc0010010 #define MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT 23 -#define MSR_AMD64_SYSCFG_MEM_ENCRYPT BIT_ULL(MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT) +#define MSR_AMD64_SYSCFG_MEM_ENCRYPT BIT_ULL(MSR_AMD64_SYSCFG_MEM_ENCRYPT_BIT) +#define MSR_AMD64_SYSCFG_SNP_EN_BIT 24 +#define MSR_AMD64_SYSCFG_SNP_EN BIT_ULL(MSR_AMD64_SYSCFG_SNP_EN_BIT) +#define MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT 25 +#define MSR_AMD64_SYSCFG_SNP_VMPL_EN BIT_ULL(MSR_AMD64_SYSCFG_SNP_VMPL_EN_BIT) +#define MSR_AMD64_SYSCFG_MFDM_BIT 19 +#define MSR_AMD64_SYSCFG_MFDM BIT_ULL(MSR_AMD64_SYSCFG_MFDM_BIT) + #define MSR_K8_INT_PENDING_MSG 0xc0010055 /* C1E active bits in int pending message */ #define K8_INTP_C1E_ACTIVE_MASK 0x18000000 diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 5b4a1ce3d368..b05fcd0ab7e4 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -243,4 +243,10 @@ static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } #endif +#ifdef CONFIG_KVM_AMD_SEV +bool snp_get_rmptable_info(u64 *start, u64 *len); +#else +static inline bool snp_get_rmptable_info(u64 *start, u64 *len) { return false; } +#endif + #endif diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index 14ee7f750cc7..6cc2074fcea3 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -20,6 +20,7 @@ #include #include #include +#include #ifdef CONFIG_X86_64 # include 
@@ -618,6 +619,20 @@ static void bsp_init_amd(struct cpuinfo_x86 *c) resctrl_cpu_detect(c); } +static bool early_rmptable_check(void) +{ + u64 rmp_base, rmp_size; + + /* + * For early BSP initialization, max_pfn won't be set up yet, wait until + * it is set before performing the RMP table calculations. + */ + if (!max_pfn) + return true; + + return snp_get_rmptable_info(&rmp_base, &rmp_size); +} + static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) { u64 msr; @@ -659,6 +674,9 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) if (!(msr & MSR_K7_HWCR_SMMLOCK)) goto clear_sev; + if (cpu_has(c, X86_FEATURE_SEV_SNP) && !early_rmptable_check()) + goto clear_snp; + return; clear_all: @@ -666,6 +684,7 @@ static void early_detect_mem_encrypt(struct cpuinfo_x86 *c) clear_sev: setup_clear_cpu_cap(X86_FEATURE_SEV); setup_clear_cpu_cap(X86_FEATURE_SEV_ES); +clear_snp: setup_clear_cpu_cap(X86_FEATURE_SEV_SNP); } } diff --git a/arch/x86/virt/svm/Makefile b/arch/x86/virt/svm/Makefile new file mode 100644 index 000000000000..ef2a31bdcc70 --- /dev/null +++ b/arch/x86/virt/svm/Makefile @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: GPL-2.0 + +obj-$(CONFIG_KVM_AMD_SEV) += sev.o diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c new file mode 100644 index 000000000000..8b9ed72489e4 --- /dev/null +++ b/arch/x86/virt/svm/sev.c 
@@ -0,0 +1,239 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * AMD SVM-SEV Host Support. + * + * Copyright (C) 2023 Advanced Micro Devices, Inc. + * + * Author: Ashish Kalra + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +/* + * The RMP entry format is not architectural. The format is defined in PPR + * Family 19h Model 01h, Rev B1 processor. + */ +struct rmpentry { + u64 assigned : 1, + pagesize : 1, + immutable : 1, + rsvd1 : 9, + gpa : 39, + asid : 10, + vmsa : 1, + validated : 1, + rsvd2 : 1; + u64 rsvd3; +} __packed; + +/* + * The first 16KB from the RMP_BASE is used by the processor for the + * bookkeeping, the range needs to be added during the RMP entry lookup. + */ +#define RMPTABLE_CPU_BOOKKEEPING_SZ 0x4000 + +static struct rmpentry *rmptable_start __ro_after_init; +static u64 rmptable_max_pfn __ro_after_init; + +#undef pr_fmt +#define pr_fmt(fmt) "SEV-SNP: " fmt + +static int __mfd_enable(unsigned int cpu) +{ + u64 val; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + rdmsrl(MSR_AMD64_SYSCFG, val); + + val |= MSR_AMD64_SYSCFG_MFDM; + + wrmsrl(MSR_AMD64_SYSCFG, val); + + return 0; +} + +static __init void mfd_enable(void *arg) +{ + __mfd_enable(smp_processor_id()); +} + +static int __snp_enable(unsigned int cpu) +{ + u64 val; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + rdmsrl(MSR_AMD64_SYSCFG, val); + + val |= MSR_AMD64_SYSCFG_SNP_EN; + val |= MSR_AMD64_SYSCFG_SNP_VMPL_EN; + + wrmsrl(MSR_AMD64_SYSCFG, val); + + return 0; +} + +static __init void snp_enable(void *arg) +{ + __snp_enable(smp_processor_id()); +} + +#define RMP_ADDR_MASK GENMASK_ULL(51, 13) + +bool snp_get_rmptable_info(u64 *start, u64 *len) +{ + u64 max_rmp_pfn, calc_rmp_sz, rmp_sz, rmp_base, rmp_end; + + rdmsrl(MSR_AMD64_RMP_BASE, rmp_base); + rdmsrl(MSR_AMD64_RMP_END, rmp_end); + 
+ if (!(rmp_base & RMP_ADDR_MASK) || !(rmp_end & RMP_ADDR_MASK)) { + pr_err("Memory for the RMP table has not been reserved by BIOS\n"); + return false; + } + + if (rmp_base > rmp_end) { + pr_err("RMP configuration not valid: base=%#llx, end=%#llx\n", rmp_base, rmp_end); + return false; + } + + rmp_sz = rmp_end - rmp_base + 1; + + /* + * Calculate the amount the memory that must be reserved by the BIOS to + * address the whole RAM, including the bookkeeping area. The RMP itself + * must also be covered. + */ + max_rmp_pfn = max_pfn; + if (PHYS_PFN(rmp_end) > max_pfn) + max_rmp_pfn = PHYS_PFN(rmp_end); + + calc_rmp_sz = (max_rmp_pfn << 4) + RMPTABLE_CPU_BOOKKEEPING_SZ; + + if (calc_rmp_sz > rmp_sz) { + pr_err("Memory reserved for the RMP table does not cover full system RAM (expected 0x%llx got 0x%llx)\n", + calc_rmp_sz, rmp_sz); + return false; + } + + *start = rmp_base; + *len = rmp_sz; + + return true; +} + +static __init int __snp_rmptable_init(void) +{ + u64 rmp_base, rmp_size; + void *rmp_start; + u64 val; + + if (!snp_get_rmptable_info(&rmp_base, &rmp_size)) + return 1; + + pr_info("RMP table physical address [0x%016llx - 0x%016llx]\n", + rmp_base, rmp_base + rmp_size - 1); + + rmp_start = memremap(rmp_base, rmp_size, MEMREMAP_WB); + if (!rmp_start) { + pr_err("Failed to map RMP table addr 0x%llx size 0x%llx\n", rmp_base, rmp_size); + return 1; + } + + /* + * Check if SEV-SNP is already enabled, this can happen in case of + * kexec boot. + */ + rdmsrl(MSR_AMD64_SYSCFG, val); + if (val & MSR_AMD64_SYSCFG_SNP_EN) + goto skip_enable; + + /* Initialize the RMP table to zero */ + memset(rmp_start, 0, rmp_size); + + /* Flush the caches to ensure that data is written before SNP is enabled. */ + wbinvd_on_all_cpus(); + + /* MFDM must be enabled on all the CPUs prior to enabling SNP. */ + on_each_cpu(mfd_enable, NULL, 1); + + /* Enable SNP on all CPUs. 
*/ + on_each_cpu(snp_enable, NULL, 1); + +skip_enable: + rmp_start += RMPTABLE_CPU_BOOKKEEPING_SZ; + rmp_size -= RMPTABLE_CPU_BOOKKEEPING_SZ; + + rmptable_start = (struct rmpentry *)rmp_start; + rmptable_max_pfn = rmp_size / sizeof(struct rmpentry) - 1; + + return 0; +} + +static int __init snp_rmptable_init(void) +{ + int family, model; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return 0; + + family = boot_cpu_data.x86; + model = boot_cpu_data.x86_model; + + /* + * RMP table entry format is not architectural and it can vary by processor and + * is defined by the per-processor PPR. Restrict SNP support on the known CPU + * model and family for which the RMP table entry format is currently defined for. + */ + if (family != 0x19 || model > 0xaf) + goto nosnp; + + if (amd_iommu_snp_enable()) + goto nosnp; + + if (__snp_rmptable_init()) + goto nosnp; + + cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "x86/rmptable_init:online", __snp_enable, NULL); + + return 0; + +nosnp: + setup_clear_cpu_cap(X86_FEATURE_SEV_SNP); + return -ENOSYS; +} + +/* + * This must be called after the PCI subsystem. This is because amd_iommu_snp_enable() + * is called to ensure the IOMMU supports the SEV-SNP feature, which can only be + * called after subsys_initcall(). + * + * NOTE: IOMMU is enforced by SNP to ensure that hypervisor cannot program DMA + * directly into guest private memory. In case of SNP, the IOMMU ensures that + * the page(s) used for DMA are hypervisor owned. + */ +fs_initcall(snp_rmptable_init); diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index 45efb7e5d725..1c9924de607a 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -3802,7 +3802,7 @@ int amd_iommu_pc_set_reg(struct amd_iommu *iommu, u8 bank, u8 cntr, u8 fxn, u64 return iommu_pc_get_set_reg(iommu, bank, cntr, fxn, value, true); } -#ifdef CONFIG_AMD_MEM_ENCRYPT +#ifdef CONFIG_KVM_AMD_SEV int amd_iommu_snp_enable(void) { /* 
diff --git a/include/linux/amd-iommu.h b/include/linux/amd-iommu.h index 99a5201d9e62..55fc03cb3968 100644 --- a/include/linux/amd-iommu.h +++ b/include/linux/amd-iommu.h 
@@ -205,7 +205,7 @@ int amd_iommu_pc_get_reg(struct amd_iommu *iommu, u8 bank, u8 cntr, u8 fxn, u64 *value); struct amd_iommu *get_amd_iommu(unsigned int idx); -#ifdef CONFIG_AMD_MEM_ENCRYPT +#ifdef CONFIG_KVM_AMD_SEV int amd_iommu_snp_enable(void); #endif

From patchwork Mon Oct 16 13:27:36 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423421
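Review bot: In early_rmptable_check() (arch/x86/kernel/cpu/amd.c, patch 06/50), the comment says the code waits for max_pfn, but the function simply returns true when max_pfn is 0, so the `goto clear_snp` in early_detect_mem_encrypt() cannot trigger on that early pass and X86_FEATURE_SEV_SNP stays set until a later caller validates the table. Reword the comment to say the check is deferred and name where it is finally enforced (snp_rmptable_init() in arch/x86/virt/svm/sev.c). rmp_base and rmp_size are filled in by snp_get_rmptable_info() and then discarded here; a short comment that only the boolean result matters would help.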
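Review bot: In snp_rmptable_init() (arch/x86/virt/svm/sev.c, patch 06/50), the hotplug callback registered with cpuhp_setup_state() is __snp_enable only, so a CPU onlined later sets MSR_AMD64_SYSCFG_SNP_EN and MSR_AMD64_SYSCFG_SNP_VMPL_EN without MSR_AMD64_SYSCFG_MFDM, although __snp_rmptable_init() states "MFDM must be enabled on all the CPUs prior to enabling SNP" and __mfd_enable() already has the hotplug callback signature. Either set MFDM in the online callback before the SNP bits or explain in a comment why that is unnecessary there, and check the cpuhp_setup_state() return value, which is currently ignored. Separately, snp_get_rmptable_info() tests `rmp_base & RMP_ADDR_MASK` and `rmp_end & RMP_ADDR_MASK` but then uses the unmasked MSR values for rmp_sz and for memremap(), and `max_rmp_pfn << 4` hard-codes the entry size that sizeof(struct rmpentry) already expresses.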
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 07/50] x86/sev: Add RMP entry lookup helpers
Date: Mon, 16 Oct 2023 08:27:36 -0500
Message-ID: <20231016132819.1002933-8-michael.roth@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The snp_lookup_page_in_rmptable() can be used by the host to read the RMP entry for a given page. The RMP entry format is documented in AMD PPR, see https://bugzilla.kernel.org/attachment.cgi?id=296015.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: separate 'assigned' indicator from return code]
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev-common.h | 4 +++ arch/x86/include/asm/sev-host.h | 22 +++++++++++++ arch/x86/virt/svm/sev.c | 53 +++++++++++++++++++++++++++++++ 3 files changed, 79 insertions(+) create mode 100644 arch/x86/include/asm/sev-host.h diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b463fcbd4b90..1e6fb93d8ab0 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -173,4 +173,8 @@ struct snp_psc_desc { #define GHCB_ERR_INVALID_INPUT 5 #define GHCB_ERR_INVALID_EVENT 6 +/* RMP page size */ +#define RMP_PG_SIZE_4K 0 +#define RMP_TO_X86_PG_LEVEL(level) (((level) == RMP_PG_SIZE_4K) ? PG_LEVEL_4K : PG_LEVEL_2M) + #endif diff --git a/arch/x86/include/asm/sev-host.h b/arch/x86/include/asm/sev-host.h new file mode 100644 index 000000000000..4c487ce8457f --- /dev/null +++ b/arch/x86/include/asm/sev-host.h @@ -0,0 +1,22 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * AMD SVM-SEV Host Support. + * + * Copyright (C) 2023 Advanced Micro Devices, Inc. + * + * Author: Ashish Kalra + * + */ + +#ifndef __ASM_X86_SEV_HOST_H +#define __ASM_X86_SEV_HOST_H + +#include + +#ifdef CONFIG_KVM_AMD_SEV +int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level); +#else +static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENXIO; } +#endif + +#endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 8b9ed72489e4..7d3802605376 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -53,6 +53,9 @@ struct rmpentry { */ #define RMPTABLE_CPU_BOOKKEEPING_SZ 0x4000 +/* Mask to apply to a PFN to get the first PFN of a 2MB page */ +#define PFN_PMD_MASK (~((1ULL << (PMD_SHIFT - PAGE_SHIFT)) - 1)) + static struct rmpentry *rmptable_start __ro_after_init; static u64 rmptable_max_pfn __ro_after_init; 
@@ -237,3 +240,53 @@ static int __init snp_rmptable_init(void) * the page(s) used for DMA are hypervisor owned. */ fs_initcall(snp_rmptable_init); + +static int rmptable_entry(u64 pfn, struct rmpentry *entry) +{ + if (WARN_ON_ONCE(pfn > rmptable_max_pfn)) + return -EFAULT; + + *entry = rmptable_start[pfn]; + + return 0; +} + +static int __snp_lookup_rmpentry(u64 pfn, struct rmpentry *entry, int *level) +{ + struct rmpentry large_entry; + int ret; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENXIO; + + ret = rmptable_entry(pfn, entry); + if (ret) + return ret; + + /* + * Find the authoritative RMP entry for a PFN. This can be either a 4K + * RMP entry or a special large RMP entry that is authoritative for a + * whole 2M area. + */ + ret = rmptable_entry(pfn & PFN_PMD_MASK, &large_entry); + if (ret) + return ret; + + *level = RMP_TO_X86_PG_LEVEL(large_entry.pagesize); + + return 0; +} + +int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) +{ + struct rmpentry e; + int ret; + + ret = __snp_lookup_rmpentry(pfn, &e, level); + if (ret) + return ret; + + *assigned = !!e.assigned; + return 0; +} +EXPORT_SYMBOL_GPL(snp_lookup_rmpentry);

From patchwork Mon Oct 16 13:27:37 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423422
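Review bot: In __snp_lookup_rmpentry() (arch/x86/virt/svm/sev.c, patch 07/50), the 4K entry and the 2M-aligned entry are fetched by two separate plain struct copies in rmptable_entry() (`*entry = rmptable_start[pfn];`), so the `assigned` bit returned by snp_lookup_rmpentry() and the `level` taken from large_entry.pagesize need not come from the same RMP state if the table changes between the two reads. Document what serialization callers must provide, or state that the result is only a snapshot. rmptable_entry() also indexes rmptable_start without checking that it was set up; it relies on X86_FEATURE_SEV_SNP having been cleared when snp_rmptable_init() failed, which deserves a comment. The commit message names snp_lookup_page_in_rmptable(), but the function added here is snp_lookup_rmpentry().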
From patchwork Mon Oct 16 13:27:37 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423422
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 08/50] x86/fault: Add helper for dumping RMP entries
Date: Mon, 16 Oct 2023 08:27:37 -0500
Message-ID: <20231016132819.1002933-9-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

This information will be useful for debugging things like page faults due to RMP access violations and RMPUPDATE failures.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: move helper to standalone patch]
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-host.h | 2 +
 arch/x86/virt/svm/sev.c | 77 +++++++++++++++++++++++++++++++++
 2 files changed, 79 insertions(+)
diff --git a/arch/x86/include/asm/sev-host.h b/arch/x86/include/asm/sev-host.h index 4c487ce8457f..bb06c57f2909 100644 --- a/arch/x86/include/asm/sev-host.h +++ b/arch/x86/include/asm/sev-host.h
@@ -15,8 +15,10 @@ #ifdef CONFIG_KVM_AMD_SEV int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level); +void sev_dump_hva_rmpentry(unsigned long address); #else static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENXIO; } +static inline void sev_dump_hva_rmpentry(unsigned long address) {} #endif #endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 7d3802605376..cac3e311c38f 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c 
@@ -290,3 +290,80 @@ int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) return 0; } EXPORT_SYMBOL_GPL(snp_lookup_rmpentry); + +/* + * Dump the raw RMP entry for a particular PFN. These bits are documented in the + * PPR for a particular CPU model and provide useful information about how a + * particular PFN is being utilized by the kernel/firmware at the time certain + * unexpected events occur, such as RMP faults. + */ +static void sev_dump_rmpentry(u64 dumped_pfn) +{ + struct rmpentry e; + u64 pfn, pfn_end; + int level, ret; + u64 *e_data; + + ret = __snp_lookup_rmpentry(dumped_pfn, &e, &level); + if (ret) { + pr_info("Failed to read RMP entry for PFN 0x%llx, error %d\n", + dumped_pfn, ret); + return; + } + + e_data = (u64 *)&e; + if (e.assigned) { + pr_info("RMP entry for PFN 0x%llx: [high=0x%016llx low=0x%016llx]\n", + dumped_pfn, e_data[1], e_data[0]); + return; + } + + /* + * If the RMP entry for a particular PFN is not in an assigned state, + * then it is sometimes useful to get an idea of whether or not any RMP + * entries for other PFNs within the same 2MB region are assigned, since + * those too can affect the ability to access a particular PFN in + * certain situations, such as when the PFN is being accessed via a 2MB + * mapping in the host page table. 
+ */ + pfn = ALIGN(dumped_pfn, PTRS_PER_PMD); + pfn_end = pfn + PTRS_PER_PMD; + + while (pfn < pfn_end) { + ret = __snp_lookup_rmpentry(pfn, &e, &level); + if (ret) { + pr_info_ratelimited("Failed to read RMP entry for PFN 0x%llx\n", pfn); + pfn++; + continue; + } + + if (e_data[0] || e_data[1]) { + pr_info("No assigned RMP entry for PFN 0x%llx, but the 2MB region contains populated RMP entries, e.g.: PFN 0x%llx: [high=0x%016llx low=0x%016llx]\n", + dumped_pfn, pfn, e_data[1], e_data[0]); + return; + } + pfn++; + } + + pr_info("No populated RMP entries in the 2MB region containing PFN 0x%llx\n", + dumped_pfn); +} + +void sev_dump_hva_rmpentry(unsigned long hva) +{ + unsigned int level; + pgd_t *pgd; + pte_t *pte; + + pgd = __va(read_cr3_pa()); + pgd += pgd_index(hva); + pte = lookup_address_in_pgd(pgd, hva, &level); + + if (pte) { + pr_info("Can't dump RMP entry for HVA %lx: no PTE/PFN found\n", hva); + return; + } + + sev_dump_rmpentry(pte_pfn(*pte)); +} +EXPORT_SYMBOL_GPL(sev_dump_hva_rmpentry);
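Review bot: the NULL check in `sev_dump_hva_rmpentry()` is inverted: `if (pte)` prints "no PTE/PFN found" and returns when the lookup succeeded, and falls through to `pte_pfn(*pte)` with a NULL `pte` when it failed, so the helper either dumps nothing or dereferences NULL while a fault is already being reported. It should read `if (!pte)`. In `sev_dump_rmpentry()`, `pfn = ALIGN(dumped_pfn, PTRS_PER_PMD)` rounds up, so for any PFN that is not already 2MB-aligned the loop scans the following 2MB region instead of the one containing `dumped_pfn`; `ALIGN_DOWN()` matches what the comment describes. The prototype added to sev-host.h also names the parameter `address` while the definition uses `hva`; pick one.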
From patchwork Mon Oct 16 13:27:38 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423242
From: Michael Roth
CC: Brijesh Singh, Dave Hansen
Subject: [PATCH v10 09/50] x86/traps: Define RMP violation #PF error code
Date: Mon, 16 Oct 2023 08:27:38 -0500
Message-ID: <20231016132819.1002933-10-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Bit 31 in the page fault-error bit will be set when processor encounters an RMP violation. While at it, use the BIT() macro.

Signed-off-by: Brijesh Singh
Signed-off by: Ashish Kalra
Acked-by: Dave Hansen
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/trap_pf.h | 4 ++++
 arch/x86/mm/fault.c | 1 +
 2 files changed, 5 insertions(+)
diff --git a/arch/x86/include/asm/trap_pf.h b/arch/x86/include/asm/trap_pf.h index afa524325e55..136707d7a961 100644 --- a/arch/x86/include/asm/trap_pf.h +++ b/arch/x86/include/asm/trap_pf.h @@ -2,6 +2,8 @@ #ifndef _ASM_X86_TRAP_PF_H #define _ASM_X86_TRAP_PF_H +#include /* BIT() macro */ + /* * Page fault error code bits: *
@@ -13,6 +15,7 @@ * bit 5 == 1: protection keys block access * bit 6 == 1: shadow stack access fault * bit 15 == 1: SGX MMU page-fault + * bit 31 == 1: fault was due to RMP violation */ enum x86_pf_error_code { X86_PF_PROT = 1 << 0, @@ -23,6 +26,7 @@ enum x86_pf_error_code { X86_PF_PK = 1 << 5, X86_PF_SHSTK = 1 << 6, X86_PF_SGX = 1 << 15, + X86_PF_RMP = 1 << 31, }; #endif /* _ASM_X86_TRAP_PF_H */ diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index ab778eac1952..7858b9515d4a 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c 
@@ -547,6 +547,7 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code, unsigned long ad !(error_code & X86_PF_PROT) ? "not-present page" : (error_code & X86_PF_RSVD) ? "reserved bit violation" : (error_code & X86_PF_PK) ? "protection keys violation" : + (error_code & X86_PF_RMP) ? "RMP violation" : "permissions violation"); if (!(error_code & X86_PF_USER) && user_mode(regs)) {
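Review bot: the new enumerator in trap_pf.h is written `X86_PF_RMP = 1 << 31`, which shifts a signed int into its sign bit, while the changelog says the BIT() macro is used and the hunk only adds the include for it. If the constant ends up negative, `error_code & X86_PF_RMP` against the `unsigned long error_code` in `show_fault_oops()` tests bits 31 through 63 rather than bit 31 alone. Define it as `BIT(31)` and convert the other enumerators if that was the intent, or drop the include and the "use the BIT() macro" sentence.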
From patchwork Mon Oct 16 13:27:39 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423260
From: Michael Roth
Subject: [PATCH v10 10/50] x86/fault: Report RMP page faults for kernel addresses
Date: Mon, 16 Oct 2023 08:27:39 -0500
Message-ID: <20231016132819.1002933-11-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

RMP #PFs on kernel addresses are fatal and should never happen in practice. They indicate a bug in the host kernel somewhere, so dump some information about any RMP entries related to the faulting address to aid with debugging.

Signed-off-by: Michael Roth
---
 arch/x86/mm/fault.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 7858b9515d4a..9f154beef9c7 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c @@ -34,6 +34,7 @@ #include /* kvm_handle_async_pf */ #include /* fixup_vdso_exception() */ #include +#include /* sev_dump_rmpentry() */ #define CREATE_TRACE_POINTS #include
@@ -580,6 +581,9 @@ show_fault_oops(struct pt_regs *regs, unsigned long error_code, unsigned long ad } dump_pagetable(address); + + if (error_code & X86_PF_RMP) + sev_dump_hva_rmpentry(address); } static noinline void
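
Review bot: The comment on the include added in the first hunk of arch/x86/mm/fault.c names `sev_dump_rmpentry()`, but the call added to show_fault_oops() is `sev_dump_hva_rmpentry(address)`; the comment should name the helper this file actually uses. A one-line comment next to the `X86_PF_RMP` check would also help, saying that `address` is the faulting kernel virtual address and that the helper is expected to resolve it to the RMP entry being dumped, since the commit message treats these faults as fatal host bugs and whoever reads the oops needs to know which entry was printed.
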
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 11/50] x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction
Date: Mon, 16 Oct 2023 08:27:40 -0500
Message-ID: <20231016132819.1002933-12-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The RMPUPDATE instruction writes a new RMP entry in the RMP Table. The hypervisor will use the instruction to add pages to the RMP table. See APM3 for details on the instruction operations.

The PSMASH instruction expands a 2MB RMP entry into a corresponding set of contiguous 4KB-Page RMP entries. The hypervisor will use this instruction to adjust the RMP entry without invalidating the previous RMP entry.

Add the following external interface API functions:

psmash(): Used to smash a 2MB aligned page into 4K pages while preserving the Validated bit in the RMP.

rmp_make_private(): Used to assign a page to guest using the RMPUPDATE instruction.

rmp_make_shared(): Used to transition a page to hypervisor/shared state using the RMPUPDATE instruction.

Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: add RMPUPDATE retry logic for transient FAIL_OVERLAP errors]
Signed-off-by: Michael Roth --- arch/x86/include/asm/sev-common.h | 14 +++++ arch/x86/include/asm/sev-host.h | 10 ++++ arch/x86/virt/svm/sev.c | 89 +++++++++++++++++++++++++++++++ 3 files changed, 113 insertions(+) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 1e6fb93d8ab0..93ec8c12c91d 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -173,8 +173,22 @@ struct snp_psc_desc { #define GHCB_ERR_INVALID_INPUT 5 #define GHCB_ERR_INVALID_EVENT 6 +/* RMUPDATE detected 4K page and 2MB page overlap. */ +#define RMPUPDATE_FAIL_OVERLAP 4 + /* RMP page size */ #define RMP_PG_SIZE_4K 0 +#define RMP_PG_SIZE_2M 1 #define RMP_TO_X86_PG_LEVEL(level) (((level) == RMP_PG_SIZE_4K) ? PG_LEVEL_4K : PG_LEVEL_2M) +#define X86_TO_RMP_PG_LEVEL(level) (((level) == PG_LEVEL_4K) ? RMP_PG_SIZE_4K : RMP_PG_SIZE_2M) + +struct rmp_state { + u64 gpa; + u8 assigned; + u8 pagesize; + u8 immutable; + u8 rsvd; + u32 asid; +} __packed; #endif diff --git a/arch/x86/include/asm/sev-host.h b/arch/x86/include/asm/sev-host.h index bb06c57f2909..1df989411334 100644 --- a/arch/x86/include/asm/sev-host.h +++ b/arch/x86/include/asm/sev-host.h @@ -16,9 +16,19 @@ #ifdef CONFIG_KVM_AMD_SEV int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level); void sev_dump_hva_rmpentry(unsigned long address); +int psmash(u64 pfn); +int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable); +int rmp_make_shared(u64 pfn, enum pg_level level); #else static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENXIO; } static inline void sev_dump_hva_rmpentry(unsigned long address) {} +static inline int psmash(u64 pfn) { return -ENXIO; } +static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, + bool immutable) +{ + return -ENXIO; +} +static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENXIO; } #endif #endif 
diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index cac3e311c38f..24a695af13a5 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c 
@@ -367,3 +367,92 @@ void sev_dump_hva_rmpentry(unsigned long hva) sev_dump_rmpentry(pte_pfn(*pte)); } EXPORT_SYMBOL_GPL(sev_dump_hva_rmpentry); + +/* + * PSMASH a 2MB aligned page into 4K pages in the RMP table while preserving the + * Validated bit. + */ +int psmash(u64 pfn) +{ + unsigned long paddr = pfn << PAGE_SHIFT; + int ret; + + pr_debug("%s: PFN: 0x%llx\n", __func__, pfn); + + if (!pfn_valid(pfn)) + return -EINVAL; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENXIO; + + /* Binutils version 2.36 supports the PSMASH mnemonic. */ + asm volatile(".byte 0xF3, 0x0F, 0x01, 0xFF" + : "=a"(ret) + : "a"(paddr) + : "memory", "cc"); + + return ret; +} +EXPORT_SYMBOL_GPL(psmash); + +static int rmpupdate(u64 pfn, struct rmp_state *val) +{ + unsigned long paddr = pfn << PAGE_SHIFT; + int ret, level, npages; + int attempts = 0; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENXIO; + + do { + /* Binutils version 2.36 supports the RMPUPDATE mnemonic. */ + asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFE" + : "=a"(ret) + : "a"(paddr), "c"((unsigned long)val) + : "memory", "cc"); + + attempts++; + } while (ret == RMPUPDATE_FAIL_OVERLAP); + + if (ret) { + pr_err("RMPUPDATE failed after %d attempts, ret: %d, pfn: %llx, npages: %d, level: %d\n", + attempts, ret, pfn, npages, level); + sev_dump_rmpentry(pfn); + dump_stack(); + return -EFAULT; + } + + return 0; +} + +/* + * Assign a page to guest using the RMPUPDATE instruction. + */ +int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable) +{ + struct rmp_state val; + + memset(&val, 0, sizeof(val)); + val.assigned = 1; + val.asid = asid; + val.immutable = immutable; + val.gpa = gpa; + val.pagesize = X86_TO_RMP_PG_LEVEL(level); + + return rmpupdate(pfn, &val); +} +EXPORT_SYMBOL_GPL(rmp_make_private); + +/* + * Transition a page to hypervisor/shared state using the RMPUPDATE instruction. 
+ */ +int rmp_make_shared(u64 pfn, enum pg_level level) +{ + struct rmp_state val; + + memset(&val, 0, sizeof(val)); + val.pagesize = X86_TO_RMP_PG_LEVEL(level); + + return rmpupdate(pfn, &val); +} +EXPORT_SYMBOL_GPL(rmp_make_shared);
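
Review bot: The comment above `RMPUPDATE_FAIL_OVERLAP` in arch/x86/include/asm/sev-common.h misspells the instruction as "RMUPDATE"; it should read RMPUPDATE. In the same hunk, `struct rmp_state` is passed to the instruction by pointer (`"c"((unsigned long)val)` in rmpupdate()), so its field order and `__packed` layout are fixed by hardware; a comment saying so, pointing at the APM section the commit message refers to, would keep later edits from reordering it. The prototype in sev-host.h takes `int asid` while the field is `u32 asid`; one type should be used for both.
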
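
Review bot: In rmpupdate() in arch/x86/virt/svm/sev.c, `level` and `npages` are declared (`int ret, level, npages;`) but never assigned in this patch, and both are printed by the `pr_err()` on the failure path, so the message reports uninitialized stack values. Either drop them from the format string here or derive them from `val->pagesize` before the loop. The `do { ... } while (ret == RMPUPDATE_FAIL_OVERLAP);` retry has no upper bound and no pause between attempts; if the overlap turns out not to be transient the CPU spins indefinitely, so cap `attempts` and fall through to the existing dump. psmash() and rmpupdate() are also inconsistent with each other: psmash() checks `pfn_valid()` and returns the raw instruction result, while rmpupdate() skips the check and folds every failure into -EFAULT; the expected return convention should be documented for callers.
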
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 12/50] x86/sev: Invalidate pages from the direct map when adding them to the RMP table
Date: Mon, 16 Oct 2023 08:27:41 -0500
Message-ID: <20231016132819.1002933-13-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The integrity guarantee of SEV-SNP is enforced through the RMP table. The RMP is used with standard x86 and IOMMU page tables to enforce memory restrictions and page access rights. The RMP check is enforced as soon as SEV-SNP is enabled globally in the system. When hardware encounters an RMP-check failure, it raises a page-fault exception.

The rmp_make_private() and rmp_make_shared() helpers are used to add or remove the pages from the RMP table. Improve the rmp_make_private() to invalidate state so that pages cannot be used in the direct-map after they are added to the RMP table, and restored to their default valid permission after the pages are removed from the RMP table.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
---
 arch/x86/virt/svm/sev.c | 62 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 24a695af13a5..bf9b97046e05 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -395,6 +395,42 @@ int psmash(u64 pfn) } EXPORT_SYMBOL_GPL(psmash); +static int restore_direct_map(u64 pfn, int npages) +{ + int i, ret = 0; + + for (i = 0; i < npages; i++) { + ret = set_direct_map_default_noflush(pfn_to_page(pfn + i)); + if (ret) + break; + } + + if (ret) + pr_warn("Failed to restore direct map for pfn 0x%llx, ret: %d\n", + pfn + i, ret); + + return ret; +} + +static int invalidate_direct_map(u64 pfn, int npages) +{ + int i, ret = 0; + + for (i = 0; i < npages; i++) { + ret = set_direct_map_invalid_noflush(pfn_to_page(pfn + i)); + if (ret) + break; + } + + if (ret) { + pr_warn("Failed to invalidate direct map for pfn 0x%llx, ret: %d\n", + pfn + i, ret); + restore_direct_map(pfn, i); + } + + return ret; +} + static int rmpupdate(u64 pfn, struct rmp_state *val) { unsigned long paddr = pfn << PAGE_SHIFT; @@ -404,6 +440,21 @@ static int rmpupdate(u64 pfn, struct rmp_state *val) if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) return -ENXIO; + level = RMP_TO_X86_PG_LEVEL(val->pagesize); + npages = page_level_size(level) / PAGE_SIZE; + + /* + * If page is getting assigned in the RMP table then unmap it from the + * direct map. + */ + if (val->assigned) { + if (invalidate_direct_map(pfn, npages)) { + pr_err("Failed to unmap %d pages at pfn 0x%llx from the direct_map\n", + npages, pfn); + return -EFAULT; + } + } + do { /* Binutils version 2.36 supports the RMPUPDATE mnemonic. */ asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFE" 
@@ -422,6 +473,17 @@ static int rmpupdate(u64 pfn, struct rmp_state *val) return -EFAULT; } + /* + * Restore the direct map after the page is removed from the RMP table. + */ + if (!val->assigned) { + if (restore_direct_map(pfn, npages)) { + pr_err("Failed to map %d pages at pfn 0x%llx into the direct_map\n", + npages, pfn); + return -EFAULT; + } + } + return 0; }
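
Review bot: invalidate_direct_map() and restore_direct_map() in the first hunk call the `_noflush` variants (`set_direct_map_invalid_noflush()`, `set_direct_map_default_noflush()`), and nothing in this patch flushes the TLB afterwards, so a CPU can keep a cached direct-map translation for a page that rmpupdate() goes on to assign, which is the access the commit message says must no longer be possible. Either add the flush after the invalidate loop and before the RMPUPDATE, or add a comment explaining where the flush happens and why the window is safe.
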
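
Review bot: In rmpupdate(), the direct map is invalidated before the RMPUPDATE loop when `val->assigned` is set, but the existing `if (ret)` failure path still returns -EFAULT without calling restore_direct_map(), so a failed assignment leaves `npages` pages unmapped from the direct map although they were never handed to the guest. That path should restore the mapping before returning. The last hunk has the mirror problem: when restore_direct_map() fails for `!val->assigned`, the function returns -EFAULT even though the RMP entry has already been changed, and restore_direct_map() stops at the first failing page, so the caller sees one error code for "RMP unchanged" and "RMP changed, direct map partially restored". Distinct return values, or a comment stating what state the caller must assume, would make the error handling usable.
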
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 13/50] crypto: ccp: Define the SEV-SNP commands
Date: Mon, 16 Oct 2023 08:27:42 -0500
Message-ID: <20231016132819.1002933-14-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

AMD introduced the next generation of SEV called SEV-SNP (Secure Nested Paging). SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new hardware security protection.

Define the commands and structures used to communicate with the AMD-SP when creating and managing the SEV-SNP guests. The SEV-SNP firmware spec is available at developer.amd.com/sev.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: update SNP command list and SNP status struct based on current spec, use C99 flexible arrays]
Signed-off-by: Michael Roth
--- drivers/crypto/ccp/sev-dev.c | 16 +++ include/linux/psp-sev.h | 246 +++++++++++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 53 ++++++++ 3 files changed, 315 insertions(+) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index f97166fba9d9..c2da92f19ccd 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -130,6 +130,8 @@ static int sev_cmd_buffer_len(int cmd) switch (cmd) { case SEV_CMD_INIT: return sizeof(struct sev_data_init); case SEV_CMD_INIT_EX: return sizeof(struct sev_data_init_ex); + case SEV_CMD_SNP_SHUTDOWN_EX: return sizeof(struct sev_data_snp_shutdown_ex); + case SEV_CMD_SNP_INIT_EX: return sizeof(struct sev_data_snp_init_ex); case SEV_CMD_PLATFORM_STATUS: return sizeof(struct sev_user_data_status); case SEV_CMD_PEK_CSR: return sizeof(struct sev_data_pek_csr); case SEV_CMD_PEK_CERT_IMPORT: return sizeof(struct sev_data_pek_cert_import);
@@ -158,6 +160,20 @@ static int sev_cmd_buffer_len(int cmd) case SEV_CMD_GET_ID: return sizeof(struct sev_data_get_id); case SEV_CMD_ATTESTATION_REPORT: return sizeof(struct sev_data_attestation_report); case SEV_CMD_SEND_CANCEL: return sizeof(struct sev_data_send_cancel); + case SEV_CMD_SNP_GCTX_CREATE: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_LAUNCH_START: return sizeof(struct sev_data_snp_launch_start); + case SEV_CMD_SNP_LAUNCH_UPDATE: return sizeof(struct sev_data_snp_launch_update); + case SEV_CMD_SNP_ACTIVATE: return sizeof(struct sev_data_snp_activate); + case SEV_CMD_SNP_DECOMMISSION: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_PAGE_RECLAIM: return sizeof(struct sev_data_snp_page_reclaim); + case SEV_CMD_SNP_GUEST_STATUS: return sizeof(struct sev_data_snp_guest_status); + case SEV_CMD_SNP_LAUNCH_FINISH: return sizeof(struct sev_data_snp_launch_finish); + case SEV_CMD_SNP_DBG_DECRYPT: return sizeof(struct sev_data_snp_dbg); + case SEV_CMD_SNP_DBG_ENCRYPT: return sizeof(struct sev_data_snp_dbg); + case SEV_CMD_SNP_PAGE_UNSMASH: return sizeof(struct sev_data_snp_page_unsmash); + case SEV_CMD_SNP_PLATFORM_STATUS: return sizeof(struct sev_data_snp_addr); + case SEV_CMD_SNP_GUEST_REQUEST: return sizeof(struct sev_data_snp_guest_request); + case SEV_CMD_SNP_CONFIG: return sizeof(struct sev_user_data_snp_config); default: return 0; } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 7fd17e82bab4..a7f92e74564d 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
@@ -78,6 +78,36 @@ enum sev_cmd { SEV_CMD_DBG_DECRYPT = 0x060, SEV_CMD_DBG_ENCRYPT = 0x061, + /* SNP specific commands */ + SEV_CMD_SNP_INIT = 0x81, + SEV_CMD_SNP_SHUTDOWN = 0x82, + SEV_CMD_SNP_PLATFORM_STATUS = 0x83, + SEV_CMD_SNP_DF_FLUSH = 0x84, + SEV_CMD_SNP_INIT_EX = 0x85, + SEV_CMD_SNP_SHUTDOWN_EX = 0x86, + SEV_CMD_SNP_DECOMMISSION = 0x90, + SEV_CMD_SNP_ACTIVATE = 0x91, + SEV_CMD_SNP_GUEST_STATUS = 0x92, + SEV_CMD_SNP_GCTX_CREATE = 0x93, + SEV_CMD_SNP_GUEST_REQUEST = 0x94, + SEV_CMD_SNP_ACTIVATE_EX = 0x95, + SEV_CMD_SNP_LAUNCH_START = 0xA0, + SEV_CMD_SNP_LAUNCH_UPDATE = 0xA1, + SEV_CMD_SNP_LAUNCH_FINISH = 0xA2, + SEV_CMD_SNP_DBG_DECRYPT = 0xB0, + SEV_CMD_SNP_DBG_ENCRYPT = 0xB1, + SEV_CMD_SNP_PAGE_SWAP_OUT = 0xC0, + SEV_CMD_SNP_PAGE_SWAP_IN = 0xC1, + SEV_CMD_SNP_PAGE_MOVE = 0xC2, + SEV_CMD_SNP_PAGE_MD_INIT = 0xC3, + SEV_CMD_SNP_PAGE_SET_STATE = 0xC6, + SEV_CMD_SNP_PAGE_RECLAIM = 0xC7, + SEV_CMD_SNP_PAGE_UNSMASH = 0xC8, + SEV_CMD_SNP_CONFIG = 0xC9, + SEV_CMD_SNP_DOWNLOAD_FIRMWARE_EX = 0xCA, + SEV_CMD_SNP_COMMIT = 0xCB, + SEV_CMD_SNP_VLEK_LOAD = 0xCD, + SEV_CMD_MAX, }; 
@@ -523,6 +553,222 @@ struct sev_data_attestation_report { u32 len; /* In/Out */ } __packed; +/** + * struct sev_data_snp_download_firmware - SNP_DOWNLOAD_FIRMWARE command params + * + * @address: physical address of firmware image + * @len: len of the firmware image + */ +struct sev_data_snp_download_firmware { + u64 address; /* In */ + u32 len; /* In */ +} __packed; + +/** + * struct sev_data_snp_activate - SNP_ACTIVATE command params + * + * @gctx_paddr: system physical address guest context page + * @asid: ASID to bind to the guest + */ +struct sev_data_snp_activate { + u64 gctx_paddr; /* In */ + u32 asid; /* In */ +} __packed; + +/** + * struct sev_data_snp_addr - generic SNP command params + * + * @address: system physical address guest context page + */ +struct sev_data_snp_addr { + u64 gctx_paddr; /* In */ +} __packed; + +/** + * struct sev_data_snp_launch_start - SNP_LAUNCH_START command params + * + * @gctx_addr: system physical address of guest context page + * @policy: guest policy + * @ma_gctx_addr: system physical address of migration agent + * @imi_en: launch flow is launching an IMI for the purpose of + * guest-assisted migration. 
+ * @ma_en: the guest is associated with a migration agent + */ +struct sev_data_snp_launch_start { + u64 gctx_paddr; /* In */ + u64 policy; /* In */ + u64 ma_gctx_paddr; /* In */ + u32 ma_en:1; /* In */ + u32 imi_en:1; /* In */ + u32 rsvd:30; + u8 gosvw[16]; /* In */ +} __packed; + +/* SNP support page type */ +enum { + SNP_PAGE_TYPE_NORMAL = 0x1, + SNP_PAGE_TYPE_VMSA = 0x2, + SNP_PAGE_TYPE_ZERO = 0x3, + SNP_PAGE_TYPE_UNMEASURED = 0x4, + SNP_PAGE_TYPE_SECRET = 0x5, + SNP_PAGE_TYPE_CPUID = 0x6, + + SNP_PAGE_TYPE_MAX +}; + +/** + * struct sev_data_snp_launch_update - SNP_LAUNCH_UPDATE command params + * + * @gctx_addr: system physical address of guest context page + * @imi_page: indicates that this page is part of the IMI of the guest + * @page_type: encoded page type + * @page_size: page size 0 indicates 4K and 1 indicates 2MB page + * @address: system physical address of destination page to encrypt + * @vmpl1_perms: VMPL permission mask for VMPL1 + * @vmpl2_perms: VMPL permission mask for VMPL2 + * @vmpl3_perms: VMPL permission mask for VMPL3 + */ +struct sev_data_snp_launch_update { + u64 gctx_paddr; /* In */ + u32 page_size:1; /* In */ + u32 page_type:3; /* In */ + u32 imi_page:1; /* In */ + u32 rsvd:27; + u32 rsvd2; + u64 address; /* In */ + u32 rsvd3:8; + u32 vmpl1_perms:8; /* In */ + u32 vmpl2_perms:8; /* In */ + u32 vmpl3_perms:8; /* In */ + u32 rsvd4; +} __packed; + +/** + * struct sev_data_snp_launch_finish - SNP_LAUNCH_FINISH command params + * + * @gctx_addr: system physical address of guest context page + */ +struct sev_data_snp_launch_finish { + u64 gctx_paddr; + u64 id_block_paddr; + u64 id_auth_paddr; + u8 id_block_en:1; + u8 auth_key_en:1; + u64 rsvd:62; + u8 host_data[32]; +} __packed; + +/** + * struct sev_data_snp_guest_status - SNP_GUEST_STATUS command params + * + * @gctx_paddr: system physical address of guest context page + * @address: system physical address of guest status page + */ +struct sev_data_snp_guest_status { + u64 gctx_paddr; + 
u64 address; +} __packed; + +/** + * struct sev_data_snp_page_reclaim - SNP_PAGE_RECLAIM command params + * + * @paddr: system physical address of page to be claimed. The 0th bit + * in the address indicates the page size. 0h indicates 4 kB and + * 1h indicates 2 MB page. + */ +struct sev_data_snp_page_reclaim { + u64 paddr; +} __packed; + +/** + * struct sev_data_snp_page_unsmash - SNP_PAGE_UNSMASH command params + * + * @paddr: system physical address of page to be unsmashed. The 0th bit + * in the address indicates the page size. 0h indicates 4 kB and + * 1h indicates 2 MB page. + */ +struct sev_data_snp_page_unsmash { + u64 paddr; +} __packed; + +/** + * struct sev_data_dbg - DBG_ENCRYPT/DBG_DECRYPT command parameters + * + * @handle: handle of the VM to perform debug operation + * @src_addr: source address of data to operate on + * @dst_addr: destination address of data to operate on + */ +struct sev_data_snp_dbg { + u64 gctx_paddr; /* In */ + u64 src_addr; /* In */ + u64 dst_addr; /* In */ +} __packed; + +/** + * struct sev_snp_guest_request - SNP_GUEST_REQUEST command params + * + * @gctx_paddr: system physical address of guest context page + * @req_paddr: system physical address of request page + * @res_paddr: system physical address of response page + */ +struct sev_data_snp_guest_request { + u64 gctx_paddr; /* In */ + u64 req_paddr; /* In */ + u64 res_paddr; /* In */ +} __packed; + +/** + * struct sev_data_snp_init - SNP_INIT_EX structure + * + * @init_rmp: indicate that the RMP should be initialized. 
+ * @list_paddr_en: indicate that list_paddr is valid + * @list_paddr: system physical address of range list + */ +struct sev_data_snp_init_ex { + u32 init_rmp:1; + u32 list_paddr_en:1; + u32 rsvd:30; + u32 rsvd1; + u64 list_paddr; + u8 rsvd2[48]; +} __packed; + +/** + * struct sev_data_range - RANGE structure + * + * @base: system physical address of first byte of range + * @page_count: number of 4KB pages in this range + */ +struct sev_data_range { + u64 base; + u32 page_count; + u32 rsvd; +} __packed; + +/** + * struct sev_data_range_list - RANGE_LIST structure + * + * @num_elements: number of elements in RANGE_ARRAY + * @ranges: array of num_elements of type RANGE + */ +struct sev_data_range_list { + u32 num_elements; + u32 rsvd; + struct sev_data_range ranges[]; +} __packed; + +/** + * struct sev_data_snp_shutdown_ex - SNP_SHUTDOWN_EX structure + * + * @length: len of the command buffer read by the PSP + * @iommu_snp_shutdown: Disable enforcement of SNP in the IOMMU + */ +struct sev_data_snp_shutdown_ex { + u32 length; + u32 iommu_snp_shutdown:1; + u32 rsvd1:31; +} __packed; + #ifdef CONFIG_CRYPTO_DEV_SP_PSP /** diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 1c9da485318f..48e3ef91559c 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -68,6 +68,13 @@ typedef enum { SEV_RET_INVALID_PARAM, SEV_RET_RESOURCE_LIMIT, SEV_RET_SECURE_DATA_INVALID, + SEV_RET_INVALID_PAGE_SIZE, + SEV_RET_INVALID_PAGE_STATE, + SEV_RET_INVALID_MDATA_ENTRY, + SEV_RET_INVALID_PAGE_OWNER, + SEV_RET_INVALID_PAGE_AEAD_OFLOW, + SEV_RET_RMP_INIT_REQUIRED, + SEV_RET_MAX, } sev_ret_code; 
@@ -154,6 +161,52 @@ struct sev_user_data_get_id2 { __u32 length; /* In/Out */ } __packed; +/** + * struct sev_user_data_snp_status - SNP status + * + * @major: API major version + * @minor: API minor version + * @state: current platform state + * @is_rmp_initialized: whether RMP is initialized or not + * @build: firmware build id for the API version + * @mask_chip_id: whether chip id is present in attestation reports or not + * @mask_chip_key: whether attestation reports are signed or not + * @vlek_en: VLEK hashstick is loaded + * @guest_count: the number of guest currently managed by the firmware + * @current_tcb_version: current TCB version + * @reported_tcb_version: reported TCB version + */ +struct sev_user_data_snp_status { + __u8 api_major; /* Out */ + __u8 api_minor; /* Out */ + __u8 state; /* Out */ + __u8 is_rmp_initialized:1; /* Out */ + __u8 rsvd:7; + __u32 build_id; /* Out */ + __u32 mask_chip_id:1; /* Out */ + __u32 mask_chip_key:1; /* Out */ + __u32 vlek_en:1; /* Out */ + __u32 rsvd1:29; + __u32 guest_count; /* Out */ + __u64 current_tcb_version; /* Out */ + __u64 reported_tcb_version; /* Out */ +} __packed; + +/* + * struct sev_user_data_snp_config - system wide configuration value for SNP. + * + * @reported_tcb: The TCB version to report in the guest attestation report. + * @mask_chip_id: Indicates that the CHID_ID field in the attestation report + * will always be zero. 
+ */ +struct sev_user_data_snp_config { + __u64 reported_tcb ; /* In */ + __u32 mask_chip_id:1; /* In */ + __u32 mask_chip_key:1; /* In */ + __u32 rsvd:30; /* In */ + __u8 rsvd1[52]; +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
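
Review bot: In the second drivers/crypto/ccp/sev-dev.c hunk (@@ -158,6 +160,20 @@), sev_cmd_buffer_len() gains lengths for only part of the SNP command set: SEV_CMD_SNP_ACTIVATE_EX, the SEV_CMD_SNP_PAGE_SWAP_OUT, SWAP_IN, MOVE, MD_INIT and SET_STATE group, SEV_CMD_SNP_DOWNLOAD_FIRMWARE_EX, SEV_CMD_SNP_COMMIT and SEV_CMD_SNP_VLEK_LOAD are all added to enum sev_cmd by this patch but still reach `default: return 0;`. If a later patch issues any of them with a parameter buffer, this function will report a zero length for it. Either add the missing cases together with their structs, or keep the unsupported commands out of the enum until they have a length, and add a short comment if SEV_CMD_SNP_INIT, SEV_CMD_SNP_SHUTDOWN and SEV_CMD_SNP_DF_FLUSH are left out on purpose. Related: struct sev_data_snp_download_firmware is defined in include/linux/psp-sev.h but no case here uses it, and the only matching command ID in the enum is the _EX variant.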
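
Review bot: In the include/linux/psp-sev.h struct hunk (@@ -523,6 +553,222 @@), struct sev_data_snp_launch_finish mixes bit-field base types (`u8 id_block_en:1; u8 auth_key_en:1; u64 rsvd:62;`), so the layout of a firmware-facing command buffer depends on how the compiler packs bit-fields of different declared widths under __packed. Declare all three on one base type, as the other structs in this hunk do with u32, and consider a build-time size assertion per command struct so that layout drift is caught when compiling. The kernel-doc in the same hunk also needs a pass: sev_data_snp_addr documents @address while its only member is gctx_paddr; sev_data_snp_launch_start, sev_data_snp_launch_update and sev_data_snp_launch_finish document @gctx_addr and @ma_gctx_addr against members named gctx_paddr and ma_gctx_paddr, and leave gosvw, id_block_paddr, id_auth_paddr, id_block_en, auth_key_en and host_data undescribed; and the comment headers for sev_data_snp_dbg, sev_data_snp_guest_request and sev_data_snp_init_ex name sev_data_dbg (with @handle), sev_snp_guest_request and sev_data_snp_init instead.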
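
Review bot: In the sev_ret_code hunk of include/uapi/linux/psp-sev.h (@@ -68,6 +68,13 @@), the six new status codes from SEV_RET_INVALID_PAGE_SIZE to SEV_RET_RMP_INIT_REQUIRED take their values purely from their position after SEV_RET_SECURE_DATA_INVALID. These are UAPI constants that have to equal the firmware's status numbers, so please check each one against the SNP firmware spec referenced in the commit message and assign the values explicitly (for example `SEV_RET_INVALID_PAGE_SIZE = <value from spec>,`). Implicit numbering goes wrong silently if the firmware skips codes, and it turns any later insertion into an ABI change.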
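
Review bot: In the last include/uapi/linux/psp-sev.h hunk (@@ -154,6 +161,52 @@), the documentation does not match the structs that userspace will consume: sev_user_data_snp_status documents @major, @minor and @build while the members are api_major, api_minor and build_id, and the sev_user_data_snp_config comment opens with `/*` instead of `/**`, spells the field CHID_ID, and does not describe mask_chip_key. Please align the names, document mask_chip_key in the config struct, drop the stray space in `__u64 reported_tcb ;`, and remove the /* In */ marker from the reserved bits (`__u32 rsvd:30;`), since reserved bits are not an input.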

From: Michael Roth
CC: Brijesh Singh, Jarkko Sakkinen
Subject: [PATCH v10 14/50] crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP
Date: Mon, 16 Oct 2023 08:27:43 -0500
Message-ID: <20231016132819.1002933-15-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Before SNP VMs can be launched, the platform must be appropriately configured and initialized. Platform initialization is accomplished via the SNP_INIT command. Make sure to do a WBINVD and issue DF_FLUSH command to prepare for the first SNP guest launch after INIT.

During the execution of SNP_INIT command, the firmware configures and enables SNP security policy enforcement in many system components. Some system components write to regions of memory reserved by early x86 firmware (e.g. UEFI). Other system components write to regions provided by the operating system, hypervisor, or x86 firmware. Such system components can only write to HV-fixed pages or Default pages. They will error when attempting to write to other page states after SNP_INIT enables their SNP enforcement.

Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of system physical address ranges to convert into the HV-fixed page states during the RMP initialization. If INIT_RMP is 1, hypervisors should provide all system physical address ranges that the hypervisor will never assign to a guest until the next RMP re-initialization. For instance, the memory that UEFI reserves should be included in the range list. This allows system components that occasionally write to memory (e.g. logging to UEFI reserved regions) to not fail due to RMP initialization and SNP enablement.

Note that SNP_INIT(_EX) must not be executed while non-SEV guests are executing, otherwise it is possible that the system could reset or hang. The psp_init_on_probe module parameter was added for SEV/SEV-ES support and the init_ex_path module parameter to allow for time for the necessary file system to be mounted/available. SNP_INIT(_EX) does not use the file associated with init_ex_path. So, to avoid running into issues where SNP_INIT(_EX) is called while there are other running guests, issue it during module probe regardless of the psp_init_on_probe setting, but maintain the previous deferrable handling for SEV/SEV-ES initialization.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Co-developed-by: Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen
Signed-off-by: Brijesh Singh
Signed-off-by: Tom Lendacky
[mdr: squash in psp_init_on_probe changes from Tom]
Signed-off-by: Michael Roth
--- drivers/crypto/ccp/sev-dev.c | 272 +++++++++++++++++++++++++++++++++-- drivers/crypto/ccp/sev-dev.h | 2 + 2 files changed, 259 insertions(+), 15 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index c2da92f19ccd..fae1fd45eccd 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -29,6 +29,7 @@ #include #include +#include #include "psp-dev.h" #include "sev-dev.h" @@ -37,6 +38,10 @@ #define SEV_FW_FILE "amd/sev.fw" #define SEV_FW_NAME_SIZE 64 +/* Minimum firmware version required for the SEV-SNP support */ +#define SNP_MIN_API_MAJOR 1 +#define SNP_MIN_API_MINOR 51 + static DEFINE_MUTEX(sev_cmd_mutex); static struct sev_misc_dev *misc_dev; @@ -80,6 +85,14 @@ static void *sev_es_tmr; #define NV_LENGTH (32 * 1024) static void *sev_init_ex_buffer; +/* + * SEV_DATA_RANGE_LIST: + * Array containing range of pages that firmware transitions to HV-fixed + * page state. + */ +struct sev_data_range_list *snp_range_list; +static int __sev_snp_init_locked(int *error); + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data;
@@ -466,9 +479,9 @@ static inline int __sev_do_init_locked(int *psp_ret) return __sev_init_locked(psp_ret); } -static int __sev_platform_init_locked(int *error) +static int ___sev_platform_init_locked(int *error, bool probe) { - int rc = 0, psp_ret = SEV_RET_NO_FW_CALL; + int rc, psp_ret = SEV_RET_NO_FW_CALL; struct psp_device *psp = psp_master; struct sev_device *sev; @@ -480,6 +493,34 @@ static int __sev_platform_init_locked(int *error) if (sev->state == SEV_STATE_INIT) return 0; + /* + * Legacy guests cannot be running while SNP_INIT(_EX) is executing, + * so perform SEV-SNP initialization at probe time. + */ + rc = __sev_snp_init_locked(error); + if (rc && rc != -ENODEV) { + /* + * Don't abort the probe if SNP INIT failed, + * continue to initialize the legacy SEV firmware. + */ + dev_err(sev->dev, "SEV-SNP: failed to INIT rc %d, error %#x\n", rc, *error); + } + + /* Delay SEV/SEV-ES support initialization */ + if (probe && !psp_init_on_probe) + return 0; + + if (!sev_es_tmr) { + /* Obtain the TMR memory area for SEV-ES use */ + sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); + if (sev_es_tmr) + /* Must flush the cache before giving it to the firmware */ + clflush_cache_range(sev_es_tmr, SEV_ES_TMR_SIZE); + else + dev_warn(sev->dev, + "SEV: TMR allocation failed, SEV-ES support unavailable\n"); + } + if (sev_init_ex_buffer) { rc = sev_read_init_ex_file(); if (rc) @@ -522,6 +563,11 @@ static int __sev_platform_init_locked(int *error) return 0; } +static int __sev_platform_init_locked(int *error) +{ + return ___sev_platform_init_locked(error, false); +} + int sev_platform_init(int *error) { int rc; 
@@ -534,6 +580,17 @@ int sev_platform_init(int *error) } EXPORT_SYMBOL_GPL(sev_platform_init); +static int sev_platform_init_on_probe(int *error) +{ + int rc; + + mutex_lock(&sev_cmd_mutex); + rc = ___sev_platform_init_locked(error, true); + mutex_unlock(&sev_cmd_mutex); + + return rc; +} + static int __sev_platform_shutdown_locked(int *error) { struct sev_device *sev = psp_master->sev_data; 
@@ -838,6 +895,191 @@ static int sev_update_firmware(struct device *dev) return ret; } +static void snp_set_hsave_pa(void *arg) +{ + wrmsrl(MSR_VM_HSAVE_PA, 0); +} + +static int snp_filter_reserved_mem_regions(struct resource *rs, void *arg) +{ + struct sev_data_range_list *range_list = arg; + struct sev_data_range *range = &range_list->ranges[range_list->num_elements]; + size_t size; + + if ((range_list->num_elements * sizeof(struct sev_data_range) + + sizeof(struct sev_data_range_list)) > PAGE_SIZE) + return -E2BIG; + + switch (rs->desc) { + case E820_TYPE_RESERVED: + case E820_TYPE_PMEM: + case E820_TYPE_ACPI: + range->base = rs->start & PAGE_MASK; + size = (rs->end + 1) - rs->start; + range->page_count = size >> PAGE_SHIFT; + range_list->num_elements++; + break; + default: + break; + } + + return 0; +} + +static int __sev_snp_init_locked(int *error) +{ + struct psp_device *psp = psp_master; + struct sev_data_snp_init_ex data; + struct sev_device *sev; + int rc = 0; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return -ENODEV; + + if (!psp || !psp->sev_data) + return -ENODEV; + + sev = psp->sev_data; + + if (sev->snp_initialized) + return 0; + + if (!sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR)) { + dev_dbg(sev->dev, "SEV-SNP support requires firmware version >= %d:%d\n", + SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); + return 0; + } + + /* + * The SNP_INIT requires the MSR_VM_HSAVE_PA must be set to 0h + * across all cores. + */ + on_each_cpu(snp_set_hsave_pa, NULL, 1); + + /* + * Starting in SNP firmware v1.52, the SNP_INIT_EX command takes a list of + * system physical address ranges to convert into the HV-fixed page states + * during the RMP initialization. For instance, the memory that UEFI + * reserves should be included in the range list. This allows system + * components that occasionally write to memory (e.g. logging to UEFI + * reserved regions) to not fail due to RMP initialization and SNP enablement. 
+ */ + if (sev_version_greater_or_equal(SNP_MIN_API_MAJOR, 52)) { + /* + * Firmware checks that the pages containing the ranges enumerated + * in the RANGES structure are either in the Default page state or in the + * firmware page state. + */ + snp_range_list = kzalloc(PAGE_SIZE, GFP_KERNEL); + if (!snp_range_list) { + dev_err(sev->dev, + "SEV: SNP_INIT_EX range list memory allocation failed\n"); + return -ENOMEM; + } + + /* + * Retrieve all reserved memory regions setup by UEFI from the e820 memory map + * to be setup as HV-fixed pages. + */ + + rc = walk_iomem_res_desc(IORES_DESC_NONE, IORESOURCE_MEM, 0, ~0, + snp_range_list, snp_filter_reserved_mem_regions); + if (rc) { + dev_err(sev->dev, + "SEV: SNP_INIT_EX walk_iomem_res_desc failed rc = %d\n", rc); + return rc; + } + + memset(&data, 0, sizeof(data)); + data.init_rmp = 1; + data.list_paddr_en = 1; + data.list_paddr = __psp_pa(snp_range_list); + + /* + * Before invoking SNP_INIT_EX with INIT_RMP=1, make sure that + * all dirty cache lines containing the RMP are flushed. + * + * NOTE: that includes writes via RMPUPDATE instructions, which + * are also cacheable writes. + */ + wbinvd_on_all_cpus(); + + rc = __sev_do_cmd_locked(SEV_CMD_SNP_INIT_EX, &data, error); + if (rc) + return rc; + } else { + /* + * SNP_INIT is equivalent to SNP_INIT_EX with INIT_RMP=1, so + * just as with that case, make sure all dirty cache lines + * containing the RMP are flushed. 
+ */ + wbinvd_on_all_cpus(); + + rc = __sev_do_cmd_locked(SEV_CMD_SNP_INIT, NULL, error); + if (rc) + return rc; + } + + /* Prepare for first SNP guest launch after INIT */ + wbinvd_on_all_cpus(); + rc = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, error); + if (rc) + return rc; + + sev->snp_initialized = true; + dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + + return rc; +} + +static int __sev_snp_shutdown_locked(int *error) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_data_snp_shutdown_ex data; + int ret; + + if (!sev->snp_initialized) + return 0; + + memset(&data, 0, sizeof(data)); + data.length = sizeof(data); + data.iommu_snp_shutdown = 1; + + wbinvd_on_all_cpus(); + +retry: + ret = __sev_do_cmd_locked(SEV_CMD_SNP_SHUTDOWN_EX, &data, error); + /* SHUTDOWN may require DF_FLUSH */ + if (*error == SEV_RET_DFFLUSH_REQUIRED) { + ret = __sev_do_cmd_locked(SEV_CMD_SNP_DF_FLUSH, NULL, NULL); + if (ret) { + dev_err(sev->dev, "SEV-SNP DF_FLUSH failed\n"); + return ret; + } + goto retry; + } + if (ret) { + dev_err(sev->dev, "SEV-SNP firmware shutdown failed\n"); + return ret; + } + + sev->snp_initialized = false; + dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); + + return ret; +} + +static int sev_snp_shutdown(int *error) +{ + int rc; + + mutex_lock(&sev_cmd_mutex); + rc = __sev_snp_shutdown_locked(error); + mutex_unlock(&sev_cmd_mutex); + + return rc; +} + static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; @@ -1285,6 +1527,8 @@ int sev_dev_init(struct psp_device *psp) static void sev_firmware_shutdown(struct sev_device *sev) { + int error; + sev_platform_shutdown(NULL); if (sev_es_tmr) { 
@@ -1301,6 +1545,13 @@ static void sev_firmware_shutdown(struct sev_device *sev) get_order(NV_LENGTH)); sev_init_ex_buffer = NULL; } + + if (snp_range_list) { + kfree(snp_range_list); + snp_range_list = NULL; + } + + sev_snp_shutdown(&error); } void sev_dev_destroy(struct psp_device *psp) @@ -1356,24 +1607,15 @@ void sev_pci_init(void) } } - /* Obtain the TMR memory area for SEV-ES use */ - sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); - if (sev_es_tmr) - /* Must flush the cache before giving it to the firmware */ - clflush_cache_range(sev_es_tmr, SEV_ES_TMR_SIZE); - else - dev_warn(sev->dev, - "SEV: TMR allocation failed, SEV-ES support unavailable\n"); - - if (!psp_init_on_probe) - return; - /* Initialize the platform */ - rc = sev_platform_init(&error); + rc = sev_platform_init_on_probe(&error); if (rc) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", error, rc); + dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? + "-SNP" : "", sev->api_major, sev->api_minor, sev->build); + return; err: diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 778c95155e74..85506325051a 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h 
@@ -52,6 +52,8 @@ struct sev_device { u8 build; void *cmd_buf; + + bool snp_initialized; }; int sev_dev_init(struct psp_device *psp); From patchwork Mon Oct 16 13:27:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423266
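Review bot: In the "@@ -480,6 +493,34 @@" hunk of drivers/crypto/ccp/sev-dev.c, ___sev_platform_init_locked() calls __sev_snp_init_locked(error) on every entry where sev->state != SEV_STATE_INIT, so an SNP init that failed at probe is attempted again on each later sev_platform_init() call, which is exactly the "other guests may be running" situation the commit message says SNP_INIT(_EX) must avoid. Each such retry on firmware >= 1.52 also runs snp_range_list = kzalloc(PAGE_SIZE, GFP_KERNEL) again without freeing the previous buffer. Suggest attempting SNP init only when probe is true (or latching the failure), and freeing snp_range_list on the error paths of __sev_snp_init_locked(). The dev_err() in this hunk prints *error even when rc came from a path that issued no firmware command (for example -ENOMEM), so the logged value is whatever the caller passed in; set *error to SEV_RET_NO_FW_CALL before the call or log only rc in that case.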
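Review bot: The bounds check in snp_filter_reserved_mem_regions() (hunk "@@ -838,6 +895,191 @@" of drivers/crypto/ccp/sev-dev.c) tests whether the entries already stored fit in the page, not whether the entry about to be written fits. When sizeof(struct sev_data_range_list) plus num_elements entries is at or just under PAGE_SIZE the check passes, and range->base and range->page_count are then written past the end of the kzalloc(PAGE_SIZE) buffer. Check for room for (num_elements + 1) entries before taking &range_list->ranges[range_list->num_elements]. In the same function base is rounded down with PAGE_MASK while page_count is ((rs->end + 1) - rs->start) >> PAGE_SHIFT, so a region that does not start and end on page boundaries gets a count that stops short of its last page; compute the count from the page-aligned start and end. Further down in this hunk, __sev_snp_shutdown_locked() takes "goto retry" for as long as firmware keeps returning SEV_RET_DFFLUSH_REQUIRED; bound that to a single retry.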
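Review bot: In sev_firmware_shutdown() (hunks "@@ -1285,6 +1527,8 @@" and "@@ -1301,6 +1545,13 @@" of drivers/crypto/ccp/sev-dev.c), "int error;" is passed to sev_snp_shutdown() uninitialised, and __sev_snp_shutdown_locked() compares *error with SEV_RET_DFFLUSH_REQUIRED before it looks at ret. Unless __sev_do_cmd_locked() stores to *psp_ret on every path, including early failures, that comparison reads an indeterminate stack value and can send the function into the DF_FLUSH retry path. Initialise error at its declaration or test ret first, and check the return value of sev_snp_shutdown(), which is currently dropped, so a failed SNP shutdown is at least logged by the caller.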
From: Michael Roth CC: Brijesh Singh Subject: [PATCH v10 15/50] crypto: ccp: Provide API to issue SEV and SNP commands Date: Mon, 16 Oct 2023 08:27:44 -0500 Message-ID: <20231016132819.1002933-16-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com> References: <20231016132819.1002933-1-michael.roth@amd.com>
From: Brijesh Singh Make sev_do_cmd() a generic API interface for the hypervisor to issue commands to manage an SEV and SNP guest. The commands for SEV and SNP are defined in the SEV and SEV-SNP firmware specifications. Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sev-dev.c | 3 ++- include/linux/psp-sev.h | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index fae1fd45eccd..613b25f81498 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -418,7 +418,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) return ret; } -static int sev_do_cmd(int cmd, void *data, int *psp_ret) +int sev_do_cmd(int cmd, void *data, int *psp_ret) { int rc; 
@@ -428,6 +428,7 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret) return rc; } +EXPORT_SYMBOL_GPL(sev_do_cmd); static int __sev_init_locked(int *error) { diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index a7f92e74564d..61bb5849ebf2 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -883,6 +883,20 @@ int sev_guest_df_flush(int *error); */ int sev_guest_decommission(struct sev_data_decommission *data, int *error); +/** + * sev_do_cmd - perform SEV command + * + * @error: SEV command return code + * + * Returns: + * 0 if the SEV successfully processed the command + * -%ENODEV if the SEV device is not available + * -%ENOTSUPP if the SEV does not support SEV + * -%ETIMEDOUT if the SEV command timed out + * -%EIO if the SEV returned a non-zero return code + */ +int sev_do_cmd(int cmd, void *data, int *psp_ret); + void *psp_copy_user_blob(u64 uaddr, u32 len); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ 
@@ -898,6 +912,9 @@ sev_guest_deactivate(struct sev_data_deactivate *data, int *error) { return -ENO static inline int sev_guest_decommission(struct sev_data_decommission *data, int *error) { return -ENODEV; } +static inline int +sev_do_cmd(int cmd, void *data, int *psp_ret) { return -ENODEV; } + static inline int sev_guest_activate(struct sev_data_activate *data, int *error) { return -ENODEV; } From patchwork Mon Oct 16 13:27:45 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423267
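Review bot: The kernel-doc added for sev_do_cmd() in include/linux/psp-sev.h (hunk "@@ -883,6 +883,20 @@") documents a parameter @error that the prototype does not have and leaves cmd, data and psp_ret undocumented. Describe all three, and spell out the contract for data: this export lets any GPL module hand an arbitrary command ID and buffer to the firmware, so callers need to know that data must be a kernel buffer holding the command-specific structure for cmd, whether it may be NULL, and what psp_ret contains when the function returns before a firmware call is made. The line "-%ENOTSUPP if the SEV does not support SEV" reads as a copy-paste from the neighbouring helpers; say which capability is missing.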
From: Michael Roth Subject: [PATCH v10 16/50] x86/sev: Introduce snp leaked pages list Date: Mon, 16 Oct 2023 08:27:45 -0500 Message-ID: <20231016132819.1002933-17-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com> References: <20231016132819.1002933-1-michael.roth@amd.com>
From: Ashish Kalra Pages are unsafe to be released back to the page-allocator, if they have been transitioned to firmware/guest state and can't be reclaimed or transitioned back to hypervisor/shared state. In this case add them to an internal leaked pages list to ensure that they are not freed or touched/accessed to cause fatal page faults. Signed-off-by: Ashish Kalra [mdr: relocate to arch/x86/coco/sev/host.c] Signed-off-by: Michael Roth --- arch/x86/include/asm/sev-host.h | 3 +++ arch/x86/virt/svm/sev.c | 28 ++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/arch/x86/include/asm/sev-host.h b/arch/x86/include/asm/sev-host.h index 1df989411334..7490a665e78f 100644 --- a/arch/x86/include/asm/sev-host.h +++ b/arch/x86/include/asm/sev-host.h 
@@ -19,6 +19,8 @@ void sev_dump_hva_rmpentry(unsigned long address); int psmash(u64 pfn); int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable); int rmp_make_shared(u64 pfn, enum pg_level level); +void snp_leak_pages(u64 pfn, unsigned int npages); + #else static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENXIO; } static inline void sev_dump_hva_rmpentry(unsigned long address) {} @@ -29,6 +31,7 @@ static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int as return -ENXIO; } static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENXIO; } +static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} #endif #endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index bf9b97046e05..29a69f4b8cfb 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -59,6 +59,12 @@ struct rmpentry { static struct rmpentry *rmptable_start __ro_after_init; static u64 rmptable_max_pfn __ro_after_init; +/* list of pages which are leaked and cannot be reclaimed */ +static LIST_HEAD(snp_leaked_pages_list); +static DEFINE_SPINLOCK(snp_leaked_pages_list_lock); + +static atomic_long_t snp_nr_leaked_pages = ATOMIC_LONG_INIT(0); + #undef pr_fmt #define pr_fmt(fmt) "SEV-SNP: " fmt 
@@ -518,3 +524,25 @@ int rmp_make_shared(u64 pfn, enum pg_level level) return rmpupdate(pfn, &val); } EXPORT_SYMBOL_GPL(rmp_make_shared); + +void snp_leak_pages(u64 pfn, unsigned int npages) +{ + struct page *page = pfn_to_page(pfn); + + pr_debug("%s: leaking PFN range 0x%llx-0x%llx\n", __func__, pfn, pfn + npages); + + spin_lock(&snp_leaked_pages_list_lock); + while (npages--) { + /* + * Reuse the page's buddy list for chaining into the leaked + * pages list. This page should not be on a free list currently + * and is also unsafe to be added to a free list. + */ + list_add_tail(&page->buddy_list, &snp_leaked_pages_list); + sev_dump_rmpentry(pfn); + pfn++; + } + spin_unlock(&snp_leaked_pages_list_lock); + atomic_long_inc(&snp_nr_leaked_pages); +} +EXPORT_SYMBOL_GPL(snp_leak_pages); From patchwork Mon Oct 16 13:27:46 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423268
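Review bot: In snp_leak_pages() (arch/x86/virt/svm/sev.c, hunk "@@ -518,3 +524,25 @@") the loop increments pfn but never advances page, so for npages > 1 the same page->buddy_list node is passed to list_add_tail() on every iteration. That corrupts snp_leaked_pages_list and leaves every page after the first untracked, which defeats the stated purpose of keeping unreclaimable firmware/guest pages away from the allocator. Take page = pfn_to_page(pfn) inside the loop, or advance page alongside pfn++. atomic_long_inc(&snp_nr_leaked_pages) also counts one per call rather than one per page; save the count before the loop and use atomic_long_add(), since npages-- has consumed it by the time the loop exits. The pr_debug() range prints pfn + npages as its end, which is one past the last leaked PFN. Leaking host memory is worth surfacing to operators, so consider pr_warn() rather than pr_debug() here.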
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 17/50] crypto: ccp: Handle the legacy TMR allocation when SNP is enabled
Date: Mon, 16 Oct 2023 08:27:46 -0500
Message-ID: <20231016132819.1002933-18-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The behavior and requirement for the SEV-legacy command is altered when the SNP firmware is in the INIT state. See SEV-SNP firmware specification for more details.

Allocate the Trusted Memory Region (TMR) as a 2mb sized/aligned region when SNP is enabled to satisfy new requirements for the SNP. Continue allocating a 1mb region for !SNP configuration.

While at it, provide API that can be used by others to allocate a page that can be used by the firmware. The immediate user for this API will be the KVM driver. The KVM driver needs to allocate a firmware context page during the guest creation. The context page needs to be updated by the firmware. See the SEV-SNP specification for further details.

Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: use struct sev_data_snp_page_reclaim instead of passing paddr directly to SEV_CMD_SNP_PAGE_RECLAIM]
Signed-off-by: Michael Roth --- drivers/crypto/ccp/sev-dev.c | 151 ++++++++++++++++++++++++++++++++--- include/linux/psp-sev.h | 9 +++ 2 files changed, 151 insertions(+), 9 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 613b25f81498..ea21307a2b34 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "psp-dev.h" #include "sev-dev.h" @@ -93,6 +94,13 @@ static void *sev_init_ex_buffer; struct sev_data_range_list *snp_range_list; static int __sev_snp_init_locked(int *error); +/* When SEV-SNP is enabled the TMR needs to be 2MB aligned and 2MB size. */ +#define SEV_SNP_ES_TMR_SIZE (2 * 1024 * 1024) + +static size_t sev_es_tmr_size = SEV_ES_TMR_SIZE; + +static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret); + static inline bool sev_version_greater_or_equal(u8 maj, u8 min) { struct sev_device *sev = psp_master->sev_data; 
@@ -193,11 +201,131 @@ static int sev_cmd_buffer_len(int cmd) return 0; } +static int snp_reclaim_pages(unsigned long paddr, unsigned int npages, bool locked) +{ + /* Cbit maybe set in the paddr */ + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; + int ret, err, i, n = 0; + + for (i = 0; i < npages; i++, pfn++, n++) { + struct sev_data_snp_page_reclaim data = {0}; + + data.paddr = pfn << PAGE_SHIFT; + + if (locked) + ret = __sev_do_cmd_locked(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + else + ret = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + + if (ret) + goto cleanup; + + ret = rmp_make_shared(pfn, PG_LEVEL_4K); + if (ret) + goto cleanup; + } + + return 0; + +cleanup: + /* + * If failed to reclaim the page then page is no longer safe to + * be release back to the system, leak it. + */ + snp_leak_pages(pfn, npages - n); + return ret; +} + +static int rmp_mark_pages_firmware(unsigned long paddr, unsigned int npages, bool locked) +{ + /* Cbit maybe set in the paddr */ + unsigned long pfn = __sme_clr(paddr) >> PAGE_SHIFT; + int rc, n = 0, i; + + for (i = 0; i < npages; i++, n++, pfn++) { + rc = rmp_make_private(pfn, 0, PG_LEVEL_4K, 0, true); + if (rc) + goto cleanup; + } + + return 0; + +cleanup: + /* + * Try unrolling the firmware state changes by + * reclaiming the pages which were already changed to the + * firmware state. + */ + snp_reclaim_pages(paddr, n, locked); + + return rc; +} + +static struct page *__snp_alloc_firmware_pages(gfp_t gfp_mask, int order, bool locked) +{ + unsigned long npages = 1ul << order, paddr; + struct sev_device *sev; + struct page *page; + + if (!psp_master || !psp_master->sev_data) + return NULL; + + page = alloc_pages(gfp_mask, order); + if (!page) + return NULL; + + /* If SEV-SNP is initialized then add the page in RMP table. 
*/ + sev = psp_master->sev_data; + if (!sev->snp_initialized) + return page; + + paddr = __pa((unsigned long)page_address(page)); + if (rmp_mark_pages_firmware(paddr, npages, locked)) + return NULL; + + return page; +} + +void *snp_alloc_firmware_page(gfp_t gfp_mask) +{ + struct page *page; + + page = __snp_alloc_firmware_pages(gfp_mask, 0, false); + + return page ? page_address(page) : NULL; +} +EXPORT_SYMBOL_GPL(snp_alloc_firmware_page); + +static void __snp_free_firmware_pages(struct page *page, int order, bool locked) +{ + struct sev_device *sev = psp_master->sev_data; + unsigned long paddr, npages = 1ul << order; + + if (!page) + return; + + paddr = __pa((unsigned long)page_address(page)); + if (sev->snp_initialized && + snp_reclaim_pages(paddr, npages, locked)) + return; + + __free_pages(page, order); +} + +void snp_free_firmware_page(void *addr) +{ + if (!addr) + return; + + __snp_free_firmware_pages(virt_to_page(addr), 0, false); +} +EXPORT_SYMBOL_GPL(snp_free_firmware_page); + static void *sev_fw_alloc(unsigned long len) { struct page *page; - page = alloc_pages(GFP_KERNEL, get_order(len)); + page = __snp_alloc_firmware_pages(GFP_KERNEL, get_order(len), false); if (!page) return NULL; @@ -443,7 +571,7 @@ static int __sev_init_locked(int *error) data.tmr_address = __pa(sev_es_tmr); data.flags |= SEV_INIT_FLAGS_SEV_ES; - data.tmr_len = SEV_ES_TMR_SIZE; + data.tmr_len = sev_es_tmr_size; } return __sev_do_cmd_locked(SEV_CMD_INIT, &data, error); @@ -466,7 +594,7 @@ static int __sev_init_ex_locked(int *error) data.tmr_address = __pa(sev_es_tmr); data.flags |= SEV_INIT_FLAGS_SEV_ES; - data.tmr_len = SEV_ES_TMR_SIZE; + data.tmr_len = sev_es_tmr_size; } return __sev_do_cmd_locked(SEV_CMD_INIT_EX, &data, error); 
@@ -513,14 +641,16 @@ static int ___sev_platform_init_locked(int *error, bool probe) if (!sev_es_tmr) { /* Obtain the TMR memory area for SEV-ES use */ - sev_es_tmr = sev_fw_alloc(SEV_ES_TMR_SIZE); - if (sev_es_tmr) + sev_es_tmr = sev_fw_alloc(sev_es_tmr_size); + if (sev_es_tmr) { /* Must flush the cache before giving it to the firmware */ - clflush_cache_range(sev_es_tmr, SEV_ES_TMR_SIZE); - else + if (!sev->snp_initialized) + clflush_cache_range(sev_es_tmr, sev_es_tmr_size); + } else { dev_warn(sev->dev, "SEV: TMR allocation failed, SEV-ES support unavailable\n"); } + } if (sev_init_ex_buffer) { rc = sev_read_init_ex_file(); @@ -1030,6 +1160,8 @@ static int __sev_snp_init_locked(int *error) sev->snp_initialized = true; dev_dbg(sev->dev, "SEV-SNP firmware initialized\n"); + sev_es_tmr_size = SEV_SNP_ES_TMR_SIZE; + return rc; } @@ -1536,8 +1668,9 @@ static void sev_firmware_shutdown(struct sev_device *sev) /* The TMR area was encrypted, flush it from the cache */ wbinvd_on_all_cpus(); - free_pages((unsigned long)sev_es_tmr, - get_order(SEV_ES_TMR_SIZE)); + __snp_free_firmware_pages(virt_to_page(sev_es_tmr), + get_order(sev_es_tmr_size), + false); sev_es_tmr = NULL; } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 61bb5849ebf2..9342cee1a1e6 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -898,6 +898,8 @@ int sev_guest_decommission(struct sev_data_decommission *data, int *error); int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); +void *snp_alloc_firmware_page(gfp_t mask); +void snp_free_firmware_page(void *addr); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ 
@@ -925,6 +927,13 @@ sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); } +static inline void *snp_alloc_firmware_page(gfp_t mask) +{ + return NULL; +} + +static inline void snp_free_firmware_page(void *addr) { } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Mon Oct 16 13:27:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423269 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0088CDB474 for ; Mon, 16 Oct 2023 13:33:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 53BB08D0077; Mon, 16 Oct 2023 09:33:44 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4C4CC8D0001; Mon, 16 Oct 2023 09:33:44 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 317BC8D0077; Mon, 16 Oct 2023 09:33:44 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 161F48D0001 for ; Mon, 16 Oct 2023 09:33:44 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id C89138095A for ; Mon, 16 Oct 2023 13:33:43 +0000 (UTC) X-FDA: 81351417126.29.E0DB903 Received: from NAM04-MW2-obe.outbound.protection.outlook.com (mail-mw2nam04on2085.outbound.protection.outlook.com [40.107.101.85]) by imf12.hostedemail.com (Postfix) with ESMTP id A587A4002E for ; Mon, 16 Oct 2023 13:33:40 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=amd.com 
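Review bot: In __snp_alloc_firmware_pages() (the @@ -193,11 +201,131 @@ hunk), a failing rmp_mark_pages_firmware() makes the function return NULL without freeing page or recording it anywhere, so the whole order-sized allocation is lost even when the rollback inside rmp_mark_pages_firmware() reclaimed every page it had converted. rmp_mark_pages_firmware() discards the return value of snp_reclaim_pages(), so the caller cannot tell whether the pages are safe to free; consider propagating that result and calling __free_pages() when the rollback succeeded. In the same hunk, __snp_free_firmware_pages() dereferences psp_master->sev_data in its initializer before the !page check and without the !psp_master test that the allocation path performs.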
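Review bot: In ___sev_platform_init_locked() (the @@ -513,14 +641,16 @@ hunk), the comment "Must flush the cache before giving it to the firmware" now sits directly above if (!sev->snp_initialized), so the flush is skipped in one configuration while the comment still calls it mandatory. Extend the comment to say why clflush_cache_range() is not needed, or not possible, once sev_fw_alloc() has moved the TMR pages to the firmware state, so a later reader does not restore the unconditional flush.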
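Review bot: Assigning sev_es_tmr_size = SEV_SNP_ES_TMR_SIZE in __sev_snp_init_locked() (the @@ -1030,6 +1160,8 @@ hunk) changes the size seen by every later user, including data.tmr_len in both INIT paths and get_order(sev_es_tmr_size) in sev_firmware_shutdown(), yet nothing checks that sev_es_tmr has not already been allocated at the previous size. If the TMR can exist before SNP init, the firmware would be given a 2MB length for a smaller buffer and the free would use the wrong order. Either assert that sev_es_tmr is NULL at this point or store the allocated size next to the pointer and use that for tmr_len and the free.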
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 18/50] crypto: ccp: Handle the legacy SEV command when SNP is enabled
Date: Mon, 16 Oct 2023 08:27:47 -0500
Message-ID: <20231016132819.1002933-19-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The behavior of the SEV-legacy commands is altered when the SNP firmware is in the INIT state. When SNP is in INIT state, all the SEV-legacy commands that cause the firmware to write to memory must be in the firmware state before issuing the command.

A command buffer may contain a system physical address that the firmware may write to. There are two cases that need to be handled:

1) system physical address points to a guest memory
2) system physical address points to a host memory

To handle the case #1, change the page state to the firmware in the RMP table before issuing the command and restore the state to shared after the command completes.

For the case #2, use a bounce buffer to complete the request.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- drivers/crypto/ccp/sev-dev.c | 346 ++++++++++++++++++++++++++++++++++- drivers/crypto/ccp/sev-dev.h | 12 ++ 2 files changed, 348 insertions(+), 10 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index ea21307a2b34..b574b0ef2b1f 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c
@@ -462,12 +462,295 @@ static int sev_write_init_ex_file_if_required(int cmd_id) return sev_write_init_ex_file(); } +static int alloc_snp_host_map(struct sev_device *sev) +{ + struct page *page; + int i; + + for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) { + struct snp_host_map *map = &sev->snp_host_map[i]; + + memset(map, 0, sizeof(*map)); + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(SEV_FW_BLOB_MAX_SIZE)); + if (!page) + return -ENOMEM; + + map->host = page_address(page); + } + + return 0; +} + +static void free_snp_host_map(struct sev_device *sev) +{ + int i; + + for (i = 0; i < MAX_SNP_HOST_MAP_BUFS; i++) { + struct snp_host_map *map = &sev->snp_host_map[i]; + + if (map->host) { + __free_pages(virt_to_page(map->host), get_order(SEV_FW_BLOB_MAX_SIZE)); + memset(map, 0, sizeof(*map)); + } + } +} + +static int map_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map) +{ + unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT; + + map->active = false; + + if (!paddr || !len) + return 0; + + map->paddr = *paddr; + map->len = len; + + /* If paddr points to a guest memory then change the page state to firmwware. */ + if (guest) { + if (rmp_mark_pages_firmware(*paddr, npages, true)) + return -EFAULT; + + goto done; + } + + if (!map->host) + return -ENOMEM; + + /* Check if the pre-allocated buffer can be used to fullfil the request. */ + if (len > SEV_FW_BLOB_MAX_SIZE) + return -EINVAL; + + /* Transition the pre-allocated buffer to the firmware state. */ + if (rmp_mark_pages_firmware(__pa(map->host), npages, true)) + return -EFAULT; + + /* Set the paddr to use pre-allocated firmware buffer */ + *paddr = __psp_pa(map->host); + +done: + map->active = true; + return 0; +} + +static int unmap_firmware_writeable(u64 *paddr, u32 len, bool guest, struct snp_host_map *map) +{ + unsigned int npages = PAGE_ALIGN(len) >> PAGE_SHIFT; + + if (!map->active) + return 0; + + /* If paddr points to a guest memory then restore the page state to hypervisor. 
*/ + if (guest) { + if (snp_reclaim_pages(*paddr, npages, true)) + return -EFAULT; + + goto done; + } + + /* + * Transition the pre-allocated buffer to hypervisor state before the access. + * + * This is because while changing the page state to firmware, the kernel unmaps + * the pages from the direct map, and to restore the direct map the pages must + * be transitioned back to the shared state. + */ + if (snp_reclaim_pages(__pa(map->host), npages, true)) + return -EFAULT; + + /* Copy the response data firmware buffer to the callers buffer. */ + memcpy(__va(__sme_clr(map->paddr)), map->host, min_t(size_t, len, map->len)); + *paddr = map->paddr; + +done: + map->active = false; + return 0; +} + +static bool sev_legacy_cmd_buf_writable(int cmd) +{ + switch (cmd) { + case SEV_CMD_PLATFORM_STATUS: + case SEV_CMD_GUEST_STATUS: + case SEV_CMD_LAUNCH_START: + case SEV_CMD_RECEIVE_START: + case SEV_CMD_LAUNCH_MEASURE: + case SEV_CMD_SEND_START: + case SEV_CMD_SEND_UPDATE_DATA: + case SEV_CMD_SEND_UPDATE_VMSA: + case SEV_CMD_PEK_CSR: + case SEV_CMD_PDH_CERT_EXPORT: + case SEV_CMD_GET_ID: + case SEV_CMD_ATTESTATION_REPORT: + return true; + default: + return false; + } +} + +#define prep_buffer(name, addr, len, guest, map) \ + func(&((typeof(name *))cmd_buf)->addr, ((typeof(name *))cmd_buf)->len, guest, map) + +static int __snp_cmd_buf_copy(int cmd, void *cmd_buf, bool to_fw, int fw_err) +{ + int (*func)(u64 *paddr, u32 len, bool guest, struct snp_host_map *map); + struct sev_device *sev = psp_master->sev_data; + bool from_fw = !to_fw; + + /* + * After the command is completed, change the command buffer memory to + * hypervisor state. + * + * The immutable bit is automatically cleared by the firmware, so + * no not need to reclaim the page. + */ + if (from_fw && sev_legacy_cmd_buf_writable(cmd)) { + if (snp_reclaim_pages(__pa(cmd_buf), 1, true)) + return -EFAULT; + + /* No need to go further if firmware failed to execute command. 
*/ + if (fw_err) + return 0; + } + + if (to_fw) + func = map_firmware_writeable; + else + func = unmap_firmware_writeable; + + /* + * A command buffer may contains a system physical address. If the address + * points to a host memory then use an intermediate firmware page otherwise + * change the page state in the RMP table. + */ + switch (cmd) { + case SEV_CMD_PDH_CERT_EXPORT: + if (prep_buffer(struct sev_data_pdh_cert_export, pdh_cert_address, + pdh_cert_len, false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_pdh_cert_export, cert_chain_address, + cert_chain_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_GET_ID: + if (prep_buffer(struct sev_data_get_id, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_PEK_CSR: + if (prep_buffer(struct sev_data_pek_csr, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_DATA: + if (prep_buffer(struct sev_data_launch_update_data, address, len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_VMSA: + if (prep_buffer(struct sev_data_launch_update_vmsa, address, len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_MEASURE: + if (prep_buffer(struct sev_data_launch_measure, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_LAUNCH_UPDATE_SECRET: + if (prep_buffer(struct sev_data_launch_secret, guest_address, guest_len, + true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_DBG_DECRYPT: + if (prep_buffer(struct sev_data_dbg, dst_addr, len, false, + &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_DBG_ENCRYPT: + if (prep_buffer(struct sev_data_dbg, dst_addr, len, true, + &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_ATTESTATION_REPORT: + if (prep_buffer(struct sev_data_attestation_report, address, len, + false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_SEND_START: 
+ if (prep_buffer(struct sev_data_send_start, session_address, + session_len, false, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_SEND_UPDATE_DATA: + if (prep_buffer(struct sev_data_send_update_data, hdr_address, hdr_len, + false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_send_update_data, trans_address, + trans_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_SEND_UPDATE_VMSA: + if (prep_buffer(struct sev_data_send_update_vmsa, hdr_address, hdr_len, + false, &sev->snp_host_map[0])) + goto err; + if (prep_buffer(struct sev_data_send_update_vmsa, trans_address, + trans_len, false, &sev->snp_host_map[1])) + goto err; + break; + case SEV_CMD_RECEIVE_UPDATE_DATA: + if (prep_buffer(struct sev_data_receive_update_data, guest_address, + guest_len, true, &sev->snp_host_map[0])) + goto err; + break; + case SEV_CMD_RECEIVE_UPDATE_VMSA: + if (prep_buffer(struct sev_data_receive_update_vmsa, guest_address, + guest_len, true, &sev->snp_host_map[0])) + goto err; + break; + default: + break; + } + + /* The command buffer need to be in the firmware state. */ + if (to_fw && sev_legacy_cmd_buf_writable(cmd)) { + if (rmp_mark_pages_firmware(__pa(cmd_buf), 1, true)) + return -EFAULT; + } + + return 0; + +err: + return -EINVAL; +} + +static inline bool need_firmware_copy(int cmd) +{ + struct sev_device *sev = psp_master->sev_data; + + /* After SNP is INIT'ed, the behavior of legacy SEV command is changed. */ + return ((cmd < SEV_CMD_SNP_INIT) && sev->snp_initialized) ? 
true : false; +} + +static int snp_aware_copy_to_firmware(int cmd, void *data) +{ + return __snp_cmd_buf_copy(cmd, data, true, 0); +} + +static int snp_aware_copy_from_firmware(int cmd, void *data, int fw_err) +{ + return __snp_cmd_buf_copy(cmd, data, false, fw_err); +} + static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) { struct psp_device *psp = psp_master; struct sev_device *sev; unsigned int phys_lsb, phys_msb; unsigned int reg, ret = 0; + void *cmd_buf; int buf_len; if (!psp || !psp->sev_data) @@ -487,12 +770,28 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) * work for some memory, e.g. vmalloc'd addresses, and @data may not be * physically contiguous. */ - if (data) - memcpy(sev->cmd_buf, data, buf_len); + if (data) { + if (sev->cmd_buf_active > 2) + return -EBUSY; + + cmd_buf = sev->cmd_buf_active ? sev->cmd_buf_backup : sev->cmd_buf; + + memcpy(cmd_buf, data, buf_len); + sev->cmd_buf_active++; + + /* + * The behavior of the SEV-legacy commands is altered when the + * SNP firmware is in the INIT state. + */ + if (need_firmware_copy(cmd) && snp_aware_copy_to_firmware(cmd, cmd_buf)) + return -EFAULT; + } else { + cmd_buf = sev->cmd_buf; + } /* Get the physical address of the command buffer */ - phys_lsb = data ? lower_32_bits(__psp_pa(sev->cmd_buf)) : 0; - phys_msb = data ? upper_32_bits(__psp_pa(sev->cmd_buf)) : 0; + phys_lsb = data ? lower_32_bits(__psp_pa(cmd_buf)) : 0; + phys_msb = data ? upper_32_bits(__psp_pa(cmd_buf)) : 0; dev_dbg(sev->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", cmd, phys_msb, phys_lsb, psp_timeout); 
@@ -533,15 +832,24 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) ret = sev_write_init_ex_file_if_required(cmd); } - print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, - buf_len, false); - /* * Copy potential output from the PSP back to data. Do this even on * failure in case the caller wants to glean something from the error. */ - if (data) - memcpy(data, sev->cmd_buf, buf_len); + if (data) { + /* + * Restore the page state after the command completes. + */ + if (need_firmware_copy(cmd) && + snp_aware_copy_from_firmware(cmd, cmd_buf, ret)) + return -EFAULT; + + memcpy(data, cmd_buf, buf_len); + sev->cmd_buf_active--; + } + + print_hex_dump_debug("(out): ", DUMP_PREFIX_OFFSET, 16, 2, data, + buf_len, false); return ret; } @@ -639,6 +947,14 @@ static int ___sev_platform_init_locked(int *error, bool probe) if (probe && !psp_init_on_probe) return 0; + /* + * Allocate the intermediate buffers used for the legacy command handling. + */ + if (rc != -ENODEV && alloc_snp_host_map(sev)) { + dev_notice(sev->dev, "Failed to alloc host map (disabling legacy SEV)\n"); + goto skip_legacy; + } + if (!sev_es_tmr) { /* Obtain the TMR memory area for SEV-ES use */ sev_es_tmr = sev_fw_alloc(sev_es_tmr_size); @@ -691,6 +1007,7 @@ static int ___sev_platform_init_locked(int *error, bool probe) dev_info(sev->dev, "SEV API:%d.%d build:%d\n", sev->api_major, sev->api_minor, sev->build); +skip_legacy: return 0; } @@ -1616,10 +1933,12 @@ int sev_dev_init(struct psp_device *psp) if (!sev) goto e_err; - sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 0); + sev->cmd_buf = (void *)devm_get_free_pages(dev, GFP_KERNEL, 1); if (!sev->cmd_buf) goto e_sev; + sev->cmd_buf_backup = (uint8_t *)sev->cmd_buf + PAGE_SIZE; + psp->sev_data = sev; sev->dev = dev; 
@@ -1685,6 +2004,12 @@ static void sev_firmware_shutdown(struct sev_device *sev) snp_range_list = NULL; } + /* + * The host map need to clear the immutable bit so it must be free'd before the + * SNP firmware shutdown. + */ + free_snp_host_map(sev); + sev_snp_shutdown(&error); } @@ -1753,6 +2078,7 @@ void sev_pci_init(void) return; err: + free_snp_host_map(sev); psp_master->sev_data = NULL; } diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 85506325051a..2c2fe42189a5 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -29,11 +29,20 @@ #define SEV_CMD_COMPLETE BIT(1) #define SEV_CMDRESP_IOC BIT(0) +#define MAX_SNP_HOST_MAP_BUFS 2 + struct sev_misc_dev { struct kref refcount; struct miscdevice misc; }; +struct snp_host_map { + u64 paddr; + u32 len; + void *host; + bool active; +}; + struct sev_device { struct device *dev; struct psp_device *psp; 
@@ -52,8 +61,11 @@ struct sev_device { u8 build; void *cmd_buf; + void *cmd_buf_backup; + int cmd_buf_active; bool snp_initialized; + struct snp_host_map snp_host_map[MAX_SNP_HOST_MAP_BUFS]; }; int sev_dev_init(struct psp_device *psp);

From patchwork Mon Oct 16 13:27:48 2023 X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423270
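Review bot: in __sev_do_cmd_locked() the guard `if (sev->cmd_buf_active > 2)` does not match the two buffers that exist (cmd_buf and cmd_buf_backup). With cmd_buf_active equal to 2 the call is still admitted, and `sev->cmd_buf_active ? sev->cmd_buf_backup : sev->cmd_buf` hands out cmd_buf_backup a second time while an earlier command may still be using it, so the check should reject at `>= 2`. The counter is also incremented before snp_aware_copy_to_firmware() and is not decremented on that `return -EFAULT`, nor on the one taken when snp_aware_copy_from_firmware() fails after the command, so a single failed page-state transition consumes a slot for good. Decrement on those exits, or move the increment past the last failure point.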
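Review bot: the error exits of __snp_cmd_buf_copy() do no unwinding. For SEV_CMD_PDH_CERT_EXPORT, SEV_CMD_SEND_UPDATE_DATA and SEV_CMD_SEND_UPDATE_VMSA, a failure of the second prep_buffer() jumps to `err:` and returns -EINVAL with snp_host_map[0] already prepared, and a failing rmp_mark_pages_firmware() on the command buffer returns -EFAULT after every prep_buffer() call has succeeded. Because these paths change RMP page state, the function should undo the entries it has already prepared before returning, or carry a comment explaining why the caller can tolerate buffers left in the firmware state. Related: when alloc_snp_host_map() fails in ___sev_platform_init_locked(), the `goto skip_legacy` path returns 0 without setting *error, so callers cannot tell that legacy SEV was disabled. Minor: need_firmware_copy() can return the condition directly instead of `? true : false`.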
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 19/50] crypto: ccp: Add the SNP_PLATFORM_STATUS command
Date: Mon, 16 Oct 2023 08:27:48 -0500
Message-ID: <20231016132819.1002933-20-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The command can be used by the userspace to query the SNP platform status report. See the SEV-SNP spec for more details.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra

--- Documentation/virt/coco/sev-guest.rst | 27 ++++++++++++++++ drivers/crypto/ccp/sev-dev.c | 45 +++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 1 + 3 files changed, 73 insertions(+) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index 68b0d2363af8..e828c5326936 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst
@@ -67,6 +67,22 @@ counter (e.g. counter overflow), then -EIO will be returned. }; }; +The host ioctl should be called to /dev/sev device. The ioctl accepts command +id and command input structure. + +:: + struct sev_issue_cmd { + /* Command ID */ + __u32 cmd; + + /* Command request structure */ + __u64 data; + + /* firmware error code on failure (see psp-sev.h) */ + __u32 error; + }; + + 2.1 SNP_GET_REPORT ------------------ @@ -124,6 +140,17 @@ be updated with the expected value. See GHCB specification for further detail on how to parse the certificate blob. +2.4 SNP_PLATFORM_STATUS +----------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_platform_status +:Returns (out): 0 on success, -negative on error + +The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The +status includes API major, minor version and more. See the SEV-SNP +specification for further details. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index b574b0ef2b1f..679b8d6fc09a 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -1772,6 +1772,48 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) return ret; } +static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_data_snp_addr buf; + struct page *status_page; + void *data; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + status_page = alloc_page(GFP_KERNEL_ACCOUNT); + if (!status_page) + return -ENOMEM; + + data = page_address(status_page); + if (rmp_mark_pages_firmware(__pa(data), 1, true)) { + __free_pages(status_page, 0); + return -EFAULT; + } + + buf.gctx_paddr = __psp_pa(data); + ret = __sev_do_cmd_locked(SEV_CMD_SNP_PLATFORM_STATUS, &buf, &argp->error); + + /* Change the page state before accessing it */ + if (snp_reclaim_pages(__pa(data), 1, true)) { + snp_leak_pages(__pa(data) >> PAGE_SHIFT, 1); + return -EFAULT; + } + + if (ret) + goto cleanup; + + if (copy_to_user((void __user *)argp->data, data, + sizeof(struct sev_user_data_snp_status))) + ret = -EFAULT; + +cleanup: + __free_pages(status_page, 0); + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -1823,6 +1865,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SEV_GET_ID2: ret = sev_ioctl_do_get_id2(&input); break; + case SNP_PLATFORM_STATUS: + ret = sev_ioctl_snp_platform_status(&input); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 48e3ef91559c..b94b3687edbb 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h 
@@ -28,6 +28,7 @@ enum { SEV_PEK_CERT_IMPORT, SEV_GET_ID, /* This command is deprecated, use SEV_GET_ID2 */ SEV_GET_ID2, + SNP_PLATFORM_STATUS, SEV_MAX, };

From patchwork Mon Oct 16 13:27:49 2023 X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423271
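Review bot: the new section 2.4 in sev-guest.rst lists `:Parameters (in): struct sev_data_snp_platform_status`, but sev_ioctl_snp_platform_status() never reads a request structure from userspace. It treats argp->data as an output pointer and copies `sizeof(struct sev_user_data_snp_status)` bytes to it. The documentation should name struct sev_user_data_snp_status as the output buffer. The added text also describes a host ioctl on /dev/sev inside the guest document, so a sentence separating it from the guest ioctls around it would avoid confusion.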
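Review bot: in sev_ioctl_snp_platform_status(), `struct sev_data_snp_addr buf;` is handed to __sev_do_cmd_locked() with only gctx_paddr assigned, so if the structure has any other field or padding, uninitialised stack bytes are copied into the firmware command buffer. Declare it as `struct sev_data_snp_addr buf = {};`. The snp_reclaim_pages() failure path also returns -EFAULT unconditionally, which discards a non-zero `ret` from the command itself; a short comment that the page is deliberately leaked there and that the firmware result is dropped would make the intent clear.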
From: Michael Roth
Subject: [PATCH v10 20/50] KVM: SEV: Select CONFIG_KVM_SW_PROTECTED_VM when CONFIG_KVM_AMD_SEV=y
Date: Mon, 16 Oct 2023 08:27:49 -0500
Message-ID: <20231016132819.1002933-21-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

SEV-SNP relies on the restricted/protected memory support to run guests, so make sure to enable that support with the CONFIG_KVM_SW_PROTECTED_VM build option.

Signed-off-by: Michael Roth

--- arch/x86/kvm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 8452ed0228cb..71dc506aa3fb 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig
@@ -126,6 +126,7 @@ config KVM_AMD_SEV bool "AMD Secure Encrypted Virtualization (SEV) support" depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) + select KVM_SW_PROTECTED_VM help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors.

From patchwork Mon Oct 16 13:27:50 2023 X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423297
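Review bot: `select KVM_SW_PROTECTED_VM` sits directly under KVM_AMD_SEV, so it is forced on for every SEV and SEV-ES build, not only for the SEV-SNP case the commit message gives as the reason. `select` also ignores the selected symbol's own `depends on` lines, so please confirm that the dependencies of KVM_SW_PROTECTED_VM are implied by `KVM_AMD && X86_64`. The help text still mentions only SEV and SEV-ES and should say that protected-VM support is now pulled in.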
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 21/50] KVM: SEV: Add support to handle AP reset MSR protocol
Date: Mon, 16 Oct 2023 08:27:50 -0500
Message-ID: <20231016132819.1002933-22-michael.roth@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Tom Lendacky

Add support for AP Reset Hold being invoked using the GHCB MSR protocol, available in version 2 of the GHCB specification.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
--- arch/x86/include/asm/sev-common.h | 2 ++ arch/x86/kvm/svm/sev.c | 56 ++++++++++++++++++++++++++----- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 51 insertions(+), 8 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 93ec8c12c91d..57ced29264ce 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -56,6 +56,8 @@ /* AP Reset Hold */ #define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 #define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 6ee925d66648..4f895a7201ed 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -65,6 +65,10 @@ module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); #define sev_es_debug_swap_enabled false #endif /* CONFIG_KVM_AMD_SEV */ +#define AP_RESET_HOLD_NONE 0 +#define AP_RESET_HOLD_NAE_EVENT 1 +#define AP_RESET_HOLD_MSR_PROTO 2 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2594,6 +2598,9 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) void sev_es_unmap_ghcb(struct vcpu_svm *svm) { + /* Clear any indication that the vCPU is in a type of AP Reset Hold */ + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NONE; + if (!svm->sev_es.ghcb) return;
@@ -2805,6 +2812,22 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_AP_RESET_HOLD_REQ: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_MSR_PROTO; + ret = kvm_emulate_ap_reset_hold(&svm->vcpu); + + /* + * Preset the result to a non-SIPI return and then only set + * the result to non-zero when delivering a SIPI. + */ + set_ghcb_msr_bits(svm, 0, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); + + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -2904,6 +2927,7 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; case SVM_VMGEXIT_AP_HLT_LOOP: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NAE_EVENT; ret = kvm_emulate_ap_reset_hold(vcpu); break; case SVM_VMGEXIT_AP_JUMP_TABLE: { @@ -3147,13 +3171,29 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) return; } - /* - * Subsequent SIPI: Return from an AP Reset Hold VMGEXIT, where - * the guest will set the CS and RIP. Set SW_EXIT_INFO_2 to a - * non-zero value. - */ - if (!svm->sev_es.ghcb) - return; + /* Subsequent SIPI */ + switch (svm->sev_es.ap_reset_hold_type) { + case AP_RESET_HOLD_NAE_EVENT: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set SW_EXIT_INFO_2 to a non-zero value. + */ + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + break; + case AP_RESET_HOLD_MSR_PROTO: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set GHCB data field to a non-zero value. + */ + set_ghcb_msr_bits(svm, 1, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); - ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + default: + break; + } } 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c409f934c377..b74231511493 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -195,6 +195,7 @@ struct vcpu_sev_es_state { u8 valid_bitmap[16]; struct kvm_host_map ghcb_map; bool received_first_sipi; + unsigned int ap_reset_hold_type; /* SEV-ES scratch area support */ u64 sw_scratch;
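Review bot: In the sev_vcpu_deliver_sipi_vector() hunk the `if (!svm->sev_es.ghcb) return;` guard is removed, and the AP_RESET_HOLD_NAE_EVENT case now calls ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1) with no NULL check. The new code depends on ap_reset_hold_type being AP_RESET_HOLD_NAE_EVENT only while a GHCB is mapped, and nothing in the hunk states or enforces that. Keep the guard inside the NAE case, or add a comment (or a WARN_ON_ONCE) that documents why the pointer cannot be NULL at that point.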
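Review bot: ap_reset_hold_type is added to struct vcpu_sev_es_state in svm.h as a plain unsigned int, while its three values (AP_RESET_HOLD_NONE, AP_RESET_HOLD_NAE_EVENT, AP_RESET_HOLD_MSR_PROTO) are bare #defines private to sev.c. Declaring an enum in svm.h next to the field would document the legal values where the state lives, and the switch in sev_vcpu_deliver_sipi_vector() could then list AP_RESET_HOLD_NONE explicitly instead of hiding every other value behind a silent `default: break;`.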
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 22/50] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests
Date: Mon, 16 Oct 2023 08:27:51 -0500
Message-ID: <20231016132819.1002933-23-michael.roth@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Version 2 of the GHCB specification introduced advertisement of features that are supported by the Hypervisor.

Now that KVM supports version 2 of the GHCB specification, bump the maximum supported protocol version.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
--- arch/x86/include/asm/sev-common.h | 2 ++ arch/x86/kvm/svm/sev.c | 14 ++++++++++++++ arch/x86/kvm/svm/svm.h | 3 ++- 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 57ced29264ce..9ba88973a187 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -101,6 +101,8 @@ enum psc_op { /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_POS 12 +#define GHCB_MSR_HV_FT_MASK GENMASK_ULL(51, 0) #define GHCB_MSR_HV_FT_RESP_VAL(v) \ /* GHCBData[63:12] */ \ (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4f895a7201ed..088b32657f46 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2568,6 +2568,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: + case SVM_VMGEXIT_HV_FEATURES: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -2828,6 +2829,13 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_HV_FT_REQ: { + set_ghcb_msr_bits(svm, GHCB_HV_FT_SUPPORTED, + GHCB_MSR_HV_FT_MASK, GHCB_MSR_HV_FT_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, + GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -2952,6 +2960,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_HV_FEATURES: { + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_HV_FT_SUPPORTED); + + ret = 1; + break; + } case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index b74231511493..c13070d00910 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -663,9 +663,10 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); /* sev.c */ -#define GHCB_VERSION_MAX 1ULL +#define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL +#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP extern unsigned int max_sev_asid;
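Review bot: GHCB_HV_FT_SUPPORTED is defined as the constant GHCB_HV_FT_SNP in the svm.h hunk, and both the GHCB_MSR_HV_FT_REQ case and the SVM_VMGEXIT_HV_FEATURES case return it unconditionally. As written, every guest that reaches these handlers is told the hypervisor supports SNP, and the commit message only mentions the protocol version bump. If the SNP-specific GHCB requests arrive in later patches of the series, advertise the bit only once they are in place, or compute the value at runtime from whether SNP is enabled; at minimum the commit message should say why a constant is correct here.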
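Review bot: The new `case GHCB_MSR_HV_FT_REQ: {` and `case SVM_VMGEXIT_HV_FEATURES: {` bodies in sev.c are wrapped in braces but declare no locals, unlike GHCB_MSR_TERM_REQ in the trailing context, which needs them for reason_set and reason_code. Drop the braces so that a braced case keeps signalling a local scope.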
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 23/50] KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe
Date: Mon, 16 Oct 2023 08:27:52 -0500
Message-ID: <20231016132819.1002933-24-michael.roth@amd.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Implement a workaround for an SNP erratum where the CPU will incorrectly signal an RMP violation #PF if a hugepage (2mb or 1gb) collides with the RMP entry of a VMCB, VMSA or AVIC backing page.

When SEV-SNP is globally enabled, the CPU marks the VMCB, VMSA, and AVIC backing pages as "in-use" via a reserved bit in the corresponding RMP entry after a successful VMRUN. This is done for _all_ VMs, not just SNP-Active VMs.

If the hypervisor accesses an in-use page through a writable translation, the CPU will throw an RMP violation #PF. On early SNP hardware, if an in-use page is 2mb aligned and software accesses any part of the associated 2mb region with a hugepage, the CPU will incorrectly treat the entire 2mb region as in-use and signal a spurious RMP violation #PF.

The recommended workaround is to not use the hugepage for the VMCB, VMSA or AVIC backing page for similar reasons. Add a generic allocator that will ensure that the page returned is not a hugepage (2mb or 1gb) and is safe to be used when SEV-SNP is enabled. Also implement similar handling for the VMCB/VMSA pages of nested guests.

Co-developed-by: Marc Orr
Signed-off-by: Marc Orr
Reported-by: Alper Gun # for nested VMSA case
Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Signed-off-by: Brijesh Singh
[mdr: squash in nested guest handling from Ashish]
Signed-off-by: Michael Roth
Acked-by: Vlastimil Babka
--- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/lapic.c | 5 ++++- arch/x86/kvm/svm/nested.c | 2 +- arch/x86/kvm/svm/sev.c | 33 ++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 17 ++++++++++++--- arch/x86/kvm/svm/svm.h | 1 + 7 files changed, 55 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index f1505a5fa781..4ef2eca14287 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h
@@ -136,6 +136,7 @@ KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) KVM_X86_OP_OPTIONAL(gmem_invalidate) +KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index fa401cb1a552..a3983271ea28 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1763,6 +1763,7 @@ struct kvm_x86_ops { int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); + void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index dcd60b39e794..631a554c0f48 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -2810,7 +2810,10 @@ int kvm_create_lapic(struct kvm_vcpu *vcpu, int timer_advance_ns) vcpu->arch.apic = apic; - apic->regs = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); + if (kvm_x86_ops.alloc_apic_backing_page) + apic->regs = static_call(kvm_x86_alloc_apic_backing_page)(vcpu); + else + apic->regs = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); if (!apic->regs) { printk(KERN_ERR "malloc apic regs error for vcpu %x\n", vcpu->vcpu_id); diff --git a/arch/x86/kvm/svm/nested.c b/arch/x86/kvm/svm/nested.c index dd496c9e5f91..1f9a3f9eb985 100644 --- a/arch/x86/kvm/svm/nested.c +++ b/arch/x86/kvm/svm/nested.c @@ -1194,7 +1194,7 @@ int svm_allocate_nested(struct vcpu_svm *svm) if (svm->nested.initialized) return 0; - vmcb02_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + vmcb02_page = snp_safe_alloc_page(&svm->vcpu); if (!vmcb02_page) return -ENOMEM; svm->nested.vmcb02.ptr = page_address(vmcb02_page); diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 088b32657f46..1cfb9232fc74 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -3211,3 +3211,36 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) break; } } + +struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) +{ + unsigned long pfn; + struct page *p; + + if (!cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + + /* + * Allocate an SNP safe page to workaround the SNP erratum where + * the CPU will incorrectly signal an RMP violation #PF if a + * hugepage (2mb or 1gb) collides with the RMP entry of VMCB, VMSA + * or AVIC backing page. The recommeded workaround is to not use the + * hugepage. + * + * Allocate one extra page, use a page which is not 2mb aligned + * and free the other. + */ + p = alloc_pages(GFP_KERNEL_ACCOUNT | __GFP_ZERO, 1); + if (!p) + return NULL; + + split_page(p, 1); + + pfn = page_to_pfn(p); + if (IS_ALIGNED(pfn, PTRS_PER_PMD)) + __free_page(p++); + else + __free_page(p + 1); + + return p; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 1e7fb1ea45f7..8e4ef0cd968a 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -706,7 +706,7 @@ static int svm_cpu_init(int cpu) int ret = -ENOMEM; memset(sd, 0, sizeof(struct svm_cpu_data)); - sd->save_area = alloc_page(GFP_KERNEL | __GFP_ZERO); + sd->save_area = snp_safe_alloc_page(NULL); if (!sd->save_area) return ret; @@ -1425,7 +1425,7 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); err = -ENOMEM; - vmcb01_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + vmcb01_page = snp_safe_alloc_page(vcpu); if (!vmcb01_page) goto out; @@ -1434,7 +1434,7 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) * SEV-ES guests require a separate VMSA page used to contain * the encrypted register state of the guest. */ - vmsa_page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); + vmsa_page = snp_safe_alloc_page(vcpu); if (!vmsa_page) goto error_free_vmcb_page; 
@@ -4876,6 +4876,16 @@ static int svm_vm_init(struct kvm *kvm) return 0; } +static void *svm_alloc_apic_backing_page(struct kvm_vcpu *vcpu) +{ + struct page *page = snp_safe_alloc_page(vcpu); + + if (!page) + return NULL; + + return page_address(page); +} + static struct kvm_x86_ops svm_x86_ops __initdata = { .name = KBUILD_MODNAME, @@ -5007,6 +5017,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, + .alloc_apic_backing_page = svm_alloc_apic_backing_page, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c13070d00910..b7b8bf73cbb9 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -694,6 +694,7 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm); void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); +struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); /* vmenter.S */
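
Review bot: in the arch/x86/kvm/svm/sev.c hunk, snp_safe_alloc_page() never reads its vcpu argument, and the svm_cpu_init() hunk already calls it as snp_safe_alloc_page(NULL). Either drop the parameter or document why it is reserved, so callers do not assume per-vCPU behaviour. The comment above alloc_pages() misspells "recommended" as "recommeded", and it would help to state there that split_page(p, 1) is what turns the order-1 allocation into two independent order-0 pages, so the surviving page can be released with the normal single-page free.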
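
Review bot: the svm_cpu_init() hunk in arch/x86/kvm/svm/svm.c changes the GFP flags for sd->save_area without saying so. The removed line used alloc_page(GFP_KERNEL | __GFP_ZERO), while snp_safe_alloc_page() always passes GFP_KERNEL_ACCOUNT | __GFP_ZERO, so the per-CPU host save area becomes a memcg-accounted allocation. If that is intended, mention it in the changelog; otherwise let the helper take a gfp argument so this caller can keep GFP_KERNEL.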

From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 24/50] KVM: SEV: Add initial SEV-SNP support
Date: Mon, 16 Oct 2023 08:27:53 -0500
Message-ID: <20231016132819.1002933-25-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The next generation of SEV is called SEV-SNP (Secure Nested Paging).
SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new
hardware based security protection. SEV-SNP adds strong memory encryption
integrity protection to help prevent malicious hypervisor-based attacks
such as data replay, memory re-mapping, and more, to create an isolated
execution environment.

The SNP feature is added incrementally; the later patches add a new module
parameter that can be used to enable SEV-SNP in the KVM.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/kvm/svm/sev.c | 10 ++++++++++
 arch/x86/kvm/svm/svm.h |  8 ++++++++
 2 files changed, 18 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1cfb9232fc74..4eefc168ebb3 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -59,10 +59,14 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); /* enable/disable SEV-ES DebugSwap support */ static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); + +/* enable/disable SEV-SNP support */ +static bool sev_snp_enabled; #else #define sev_enabled false #define sev_es_enabled false #define sev_es_debug_swap_enabled false +#define sev_snp_enabled false #endif /* CONFIG_KVM_AMD_SEV */ #define AP_RESET_HOLD_NONE 0 @@ -2186,6 +2190,7 @@ void __init sev_hardware_setup(void) { #ifdef CONFIG_KVM_AMD_SEV unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false;
@@ -2261,6 +2266,10 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; + sev_snp_supported = sev_snp_enabled && cpu_feature_enabled(X86_FEATURE_SEV_SNP); + + pr_info("SEV-ES %ssupported: %u ASIDs\n", + sev_snp_supported ? "and SEV-SNP " : "", sev_es_asid_count); out: if (boot_cpu_has(X86_FEATURE_SEV)) @@ -2277,6 +2286,7 @@ void __init sev_hardware_setup(void) if (!sev_es_enabled || !cpu_feature_enabled(X86_FEATURE_DEBUG_SWAP) || !cpu_feature_enabled(X86_FEATURE_NO_NESTED_DATA_BP)) sev_es_debug_swap_enabled = false; + sev_snp_enabled = sev_snp_supported; #endif } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index b7b8bf73cbb9..635430fa641b 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -79,6 +79,7 @@ enum { struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ + bool snp_active; /* SEV-SNP enabled guest */ unsigned int asid; /* ASID used for this guest */ unsigned int handle; /* SEV firmware handle */ int fd; /* SEV device fd */ 
@@ -339,6 +340,13 @@ static __always_inline bool sev_es_guest(struct kvm *kvm) #endif } +static __always_inline bool sev_snp_guest(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + + return sev_es_guest(kvm) && sev->snp_active; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
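
Review bot: in the sev_hardware_setup() hunk at -2261, the new pr_info() sits just above the out: label, so it is skipped on every goto out path and only runs once sev_es_supported has been set. Check that it does not duplicate the status reporting that begins at out:, and consider folding the SEV-SNP state into that reporting instead. With no module_param_named() for sev_snp_enabled in this patch, sev_snp_supported is always false here, so the "and SEV-SNP " branch cannot be taken until the later patch lands; a short comment at the sev_snp_enabled declaration would make that explicit.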
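
Review bot: sev_snp_guest() in the arch/x86/kvm/svm/svm.h hunk has no CONFIG_KVM_AMD_SEV guard of its own, unlike sev_es_guest() directly above it, whose tail in the context lines ends in #endif. The result is still correct because the return short-circuits on sev_es_guest(kvm), but that dependency is implicit. A one-line comment saying that SNP implies SEV-ES and that the config-off case is handled by sev_es_guest() would keep a later refactor from breaking it.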

From: Michael Roth
CC: Brijesh Singh, Pavan Kumar Paluri
Subject: [PATCH v10 25/50] KVM: SEV: Add KVM_SNP_INIT command
Date: Mon, 16 Oct 2023 08:27:54 -0500
Message-ID: <20231016132819.1002933-26-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The KVM_SNP_INIT command is used by the hypervisor to initialize the
SEV-SNP platform context. In a typical workflow, this command should be
the first command issued. When creating an SEV-SNP guest, the VMM must use
this command instead of the KVM_SEV_INIT or KVM_SEV_ES_INIT.

The flags value must be zero; it will be extended in future SNP support to
communicate the optional features (such as restricted INT injection etc).

Co-developed-by: Pavan Kumar Paluri
Signed-off-by: Pavan Kumar Paluri
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 27 +++++++++++++
 arch/x86/include/asm/svm.h                 |  1 +
 arch/x86/kvm/svm/sev.c                     | 39 ++++++++++++++++++-
 arch/x86/kvm/svm/svm.h                     |  4 ++
 include/uapi/linux/kvm.h                   | 13 +++++++
 5 files changed, 83 insertions(+), 1 deletion(-)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 995780088eb2..b1a19c9a577a 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -434,6 +434,33 @@ issued by the hypervisor to make the guest ready for execution. Returns: 0 on success, -negative on error +18. KVM_SNP_INIT +---------------- + +The KVM_SNP_INIT command can be used by the hypervisor to initialize SEV-SNP +context. In a typical workflow, this command should be the first command issued. + +Parameters (in/out): struct kvm_snp_init + +Returns: 0 on success, -negative on error + +:: + + struct kvm_snp_init { + __u64 flags; + }; + +The flags bitmap is defined as:: + + /* enable the restricted injection */ + #define KVM_SEV_SNP_RESTRICTED_INJET (1<<0) + + /* enable the restricted injection timer */ + #define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1<<1) + +If the specified flags is not supported then return -EOPNOTSUPP, and the supported +flags are returned. + References ========== diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 19bf955b67e0..a901f1daaefc 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -289,6 +289,7 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4eefc168ebb3..0cd2a850cb45 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -251,6 +251,25 @@ static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) sev_decommission(handle); } +static int verify_snp_init_flags(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_snp_init params; + int ret = 0; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + if (params.flags & ~SEV_SNP_SUPPORTED_FLAGS) + ret = -EOPNOTSUPP; + + params.flags = SEV_SNP_SUPPORTED_FLAGS; + + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) + ret = -EFAULT; + + return ret; +} + static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -264,12 +283,19 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; sev->active = true; - sev->es_active = argp->id == KVM_SEV_ES_INIT; + sev->es_active = (argp->id == KVM_SEV_ES_INIT || argp->id == KVM_SEV_SNP_INIT); + sev->snp_active = argp->id == KVM_SEV_SNP_INIT; asid = sev_asid_new(sev); if (asid < 0) goto e_no_asid; sev->asid = asid; + if (sev->snp_active) { + ret = verify_snp_init_flags(kvm, argp); + if (ret) + goto e_free; + } + ret = sev_platform_init(&argp->error); if (ret) goto e_free; @@ -285,6 +311,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) sev_asid_free(sev); sev->asid = 0; e_no_asid: + sev->snp_active = false; sev->es_active = false; sev->active = false; return ret; @@ -623,6 +650,10 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) if (sev_es_debug_swap_enabled) save->sev_features |= SVM_SEV_FEAT_DEBUG_SWAP; + /* Enable the SEV-SNP feature */ + if (sev_snp_guest(svm->vcpu.kvm)) + save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); 
@@ -1881,6 +1912,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) } switch (sev_cmd.id) { + case KVM_SEV_SNP_INIT: + if (!sev_snp_enabled) { + r = -ENOTTY; + goto out; + } + fallthrough; case KVM_SEV_ES_INIT: if (!sev_es_enabled) { r = -ENOTTY; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 635430fa641b..71f56bee0b90 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -76,6 +76,9 @@ enum { /* TPR and CR2 are always written before VMRUN */ #define VMCB_ALWAYS_DIRTY_MASK ((1U << VMCB_INTR) | (1U << VMCB_CR2)) +/* Supported init feature flags */ +#define SEV_SNP_SUPPORTED_FLAGS 0x0 + struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ @@ -91,6 +94,7 @@ struct kvm_sev_info { struct list_head mirror_entry; /* Use as a list entry of mirrors */ struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; + u64 snp_init_flags; }; struct kvm_svm { diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 65fc983af840..a98a77f4fc4c 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1962,6 +1962,9 @@ enum sev_cmd_id { /* Guest Migration Extension */ KVM_SEV_SEND_CANCEL, + /* SNP specific commands */ + KVM_SEV_SNP_INIT, + KVM_SEV_NR_MAX, }; 
@@ -2058,6 +2061,16 @@ struct kvm_sev_receive_update_data { __u32 trans_len; }; +/* enable the restricted injection */ +#define KVM_SEV_SNP_RESTRICTED_INJET (1 << 0) + +/* enable the restricted injection timer */ +#define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1 << 1) + +struct kvm_snp_init { + __u64 flags; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
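
Review bot: In verify_snp_init_flags() (arch/x86/kvm/svm/sev.c) the validated flags are never kept: the svm.h hunk adds u64 snp_init_flags to struct kvm_sev_info, but none of the sev.c hunks shown here assigns it. The function also overwrites params.flags with SEV_SNP_SUPPORTED_FLAGS and runs copy_to_user() on the success path too, so the caller's own value is replaced even when it was accepted. Suggest storing params.flags in sev->snp_init_flags once the mask check passes and copying the supported mask back only when returning -EOPNOTSUPP. In sev_guest_init() the check could also run before sev_asid_new(), so a rejected flags value does not allocate an ASID only to free it again through e_free.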
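
Review bot: The two new defines in include/uapi/linux/kvm.h are misspelled: KVM_SEV_SNP_RESTRICTED_INJET and KVM_SEV_SNP_RESTRICTED_TIMER_INJET should end in INJECT, and a uapi name is hard to rename once it has shipped. Both bits also fall outside SEV_SNP_SUPPORTED_FLAGS, which svm.h defines as 0x0, so a caller that sets either one gets -EOPNOTSUPP from verify_snp_init_flags(). Either note next to the defines that they are not accepted yet, or hold the defines back until the mask includes them.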
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 26/50] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command
Date: Mon, 16 Oct 2023 08:27:55 -0500
Message-ID: <20231016132819.1002933-27-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

KVM_SEV_SNP_LAUNCH_START begins the launch process for an SEV-SNP guest. The command initializes a cryptographic digest context used to construct the measurement of the guest. If the guest is expected to be migrated, the command also binds a migration agent (MA) to the guest. For more information see the SEV-SNP specification.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: hold sev_deactivate_lock when calling SEV_CMD_SNP_DECOMMISSION]
Signed-off-by: Michael Roth
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 24 +++
 arch/x86/kvm/svm/sev.c | 144 +++++++++++++++++-
 arch/x86/kvm/svm/svm.h | 1 +
 include/uapi/linux/kvm.h | 10 ++
 4 files changed, 176 insertions(+), 3 deletions(-)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
index b1a19c9a577a..b1beb2fe8766 100644
--- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -461,6 +461,30 @@ The flags bitmap is defined as:: If the specified flags is not supported then return -EOPNOTSUPP, and the supported flags are returned. +19. KVM_SNP_LAUNCH_START +------------------------ + +The KVM_SNP_LAUNCH_START command is used for creating the memory encryption +context for the SEV-SNP guest. To create the encryption context, user must +provide a guest policy, migration agent (if any) and guest OS visible +workarounds value as defined SEV-SNP specification. + +Parameters (in): struct kvm_snp_launch_start + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_start { + __u64 policy; /* Guest policy to use. */ + __u64 ma_uaddr; /* userspace address of migration agent */ + __u8 ma_en; /* 1 if the migration agent is enabled */ + __u8 imi_en; /* set IMI to 1. */ + __u8 gosvw[16]; /* guest OS visible workarounds */ + }; + +See the SEV-SNP specification for further detail on the launch input. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0cd2a850cb45..a4efd1858a9c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "mmu.h" #include "x86.h" @@ -73,6 +74,10 @@ static bool sev_snp_enabled; #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 +/* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */ +#define SNP_POLICY_MASK_SMT BIT_ULL(16) +#define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -83,6 +88,8 @@ static unsigned int nr_asids; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; +static int snp_decommission_context(struct kvm *kvm); + struct enc_region { struct list_head list; unsigned long npages; 
@@ -108,12 +115,17 @@ static int sev_flush_asids(int min_asid, int max_asid) down_write(&sev_deactivate_lock); wbinvd_on_all_cpus(); - ret = sev_guest_df_flush(&error); + + if (sev_snp_enabled) + ret = sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, &error); + else + ret = sev_guest_df_flush(&error); up_write(&sev_deactivate_lock); if (ret) - pr_err("SEV: DF_FLUSH failed, ret=%d, error=%#x\n", ret, error); + pr_err("SEV%s: DF_FLUSH failed, ret=%d, error=%#x\n", + sev_snp_enabled ? "-SNP" : "", ret, error); return ret; } 
@@ -1888,6 +1900,94 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +/* + * The guest context contains all the information, keys and metadata + * associated with the guest that the firmware tracks to implement SEV + * and SNP features. The firmware stores the guest context in hypervisor + * provide page via the SNP_GCTX_CREATE command. + */ +static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct sev_data_snp_addr data = {}; + void *context; + int rc; + + /* Allocate memory for context page */ + context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); + if (!context) + return NULL; + + data.gctx_paddr = __psp_pa(context); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); + if (rc) { + snp_free_firmware_page(context); + return NULL; + } + + return context; +} + +static int snp_bind_asid(struct kvm *kvm, int *error) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_activate data = {0}; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.asid = sev_get_asid(kvm); + return sev_issue_cmd(kvm, SEV_CMD_SNP_ACTIVATE, &data, error); +} + +static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_start start = {0}; + struct kvm_sev_snp_launch_start params; + int rc; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + /* Don't allow userspace to allocate memory for more than 1 SNP context. 
*/ + if (sev->snp_context) + return -EINVAL; + + sev->snp_context = snp_context_create(kvm, argp); + if (!sev->snp_context) + return -ENOTTY; + + if (params.policy & SNP_POLICY_MASK_SINGLE_SOCKET) { + pr_warn("SEV-SNP hypervisor does not support limiting guests to a single socket."); + return -EINVAL; + } + + if (!(params.policy & SNP_POLICY_MASK_SMT)) { + pr_warn("SEV-SNP hypervisor does not support limiting guests to a single SMT thread."); + return -EINVAL; + } + + start.gctx_paddr = __psp_pa(sev->snp_context); + start.policy = params.policy; + memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &argp->error); + if (rc) + goto e_free_context; + + sev->fd = argp->sev_fd; + rc = snp_bind_asid(kvm, &argp->error); + if (rc) + goto e_free_context; + + return 0; + +e_free_context: + snp_decommission_context(kvm); + + return rc; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -1978,6 +2078,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_RECEIVE_FINISH: r = sev_receive_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_START: + r = snp_launch_start(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
@@ -2170,6 +2273,33 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +static int snp_decommission_context(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_addr data = {}; + int ret; + + /* If context is not created then do nothing */ + if (!sev->snp_context) + return 0; + + data.gctx_paddr = __sme_pa(sev->snp_context); + down_write(&sev_deactivate_lock); + ret = sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL); + if (WARN_ONCE(ret, "failed to release guest context")) { + up_write(&sev_deactivate_lock); + return ret; + } + + up_write(&sev_deactivate_lock); + + /* free the context page now */ + snp_free_firmware_page(sev->snp_context); + sev->snp_context = NULL; + + return 0; +} + void sev_vm_destroy(struct kvm *kvm) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -2211,7 +2341,15 @@ void sev_vm_destroy(struct kvm *kvm) } } - sev_unbind_asid(kvm, sev->handle); + if (sev_snp_guest(kvm)) { + if (snp_decommission_context(kvm)) { + WARN_ONCE(1, "Failed to free SNP guest context, leaking asid!\n"); + return; + } + } else { + sev_unbind_asid(kvm, sev->handle); + } + sev_asid_free(sev); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 71f56bee0b90..f86dd7d09441 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -95,6 +95,7 @@ struct kvm_sev_info { struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; u64 snp_init_flags; + void *snp_context; /* SNP guest context page */ }; struct kvm_svm { diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index a98a77f4fc4c..e92da3d4f569 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1964,6 +1964,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, + KVM_SEV_SNP_LAUNCH_START, KVM_SEV_NR_MAX, }; 
@@ -2071,6 +2072,15 @@ struct kvm_snp_init { __u64 flags; }; +struct kvm_sev_snp_launch_start { + __u64 policy; + __u64 ma_uaddr; + __u8 ma_en; + __u8 imi_en; + __u8 gosvw[16]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
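
Review bot: The amd-memory-encryption.rst hunk does not match the code it documents. The section title says KVM_SNP_LAUNCH_START and the parameter line says struct kvm_snp_launch_start, while the uapi hunks add KVM_SEV_SNP_LAUNCH_START and struct kvm_sev_snp_launch_start, and the documented struct omits the __u8 pad[6] member. Please align the names and layout, and say what ma_uaddr, ma_en and imi_en do in this version, since snp_launch_start() forwards only policy and gosvw to the firmware command.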
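
Review bot: In snp_launch_start() both policy checks return -EINVAL after snp_context_create() has already succeeded, and they bypass e_free_context. The context page stays allocated and sev->snp_context stays set, so every later KVM_SEV_SNP_LAUNCH_START on that VM is rejected by the "if (sev->snp_context)" check. Move the SNP_POLICY_MASK_SINGLE_SOCKET and SNP_POLICY_MASK_SMT checks ahead of snp_context_create(), or set rc = -EINVAL and goto e_free_context. The two pr_warn() strings are also missing a trailing "\n", and because the policy value comes straight from userspace they should be rate limited or dropped. Separately, snp_context_create() returning NULL for both allocation failure and firmware failure means the caller reports -ENOTTY for either; returning an ERR_PTR would keep the real cause.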
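
Review bot: snp_decommission_context() fills gctx_paddr with __sme_pa(sev->snp_context), while snp_context_create(), snp_bind_asid() and snp_launch_start() all use __psp_pa() for the same page. Use one helper throughout so the address given to SEV_CMD_SNP_DECOMMISSION is derived the same way as the one given to SEV_CMD_SNP_GCTX_CREATE. The command is also issued with a NULL error pointer, so the WARN_ONCE cannot say why the firmware refused; pass a local int error and include it in the message, as sev_flush_asids() does for DF_FLUSH.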
From: Michael Roth
CC: Vishal Annapurve
Subject: [PATCH v10 27/50] KVM: Add HVA range operator
Date: Mon, 16 Oct 2023 08:27:56 -0500
Message-ID: <20231016132819.1002933-28-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Vishal Annapurve

Introduce HVA range operator so that other KVM subsystems can operate on HVA range.

Signed-off-by: Vishal Annapurve
[mdr: minor checkpatch alignment fixups]
Signed-off-by: Michael Roth
---
 include/linux/kvm_host.h | 6 +++++
 virt/kvm/kvm_main.c | 49 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)

diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 840a5be5962a..f5453006b98d 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -1431,6 +1431,12 @@ void kvm_mmu_invalidate_range_add(struct kvm *kvm, gfn_t start, gfn_t end); void kvm_mmu_invalidate_end(struct kvm *kvm); bool kvm_mmu_unmap_gfn_range(struct kvm *kvm, struct kvm_gfn_range *range); +typedef int (*kvm_hva_range_op_t)(struct kvm *kvm, + struct kvm_gfn_range *range, void *data); + +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data); + long kvm_arch_dev_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg); long kvm_arch_vcpu_ioctl(struct file *filp, diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 959e866c84f0..2ad452a13d82 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c 
@@ -676,6 +676,55 @@ static __always_inline kvm_mn_ret_t __kvm_handle_hva_range(struct kvm *kvm, return r; } +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data) +{ + int ret = 0; + struct kvm_gfn_range gfn_range; + struct kvm_memory_slot *slot; + struct kvm_memslots *slots; + int i, idx; + + if (WARN_ON_ONCE(hva_end <= hva_start)) + return -EINVAL; + + idx = srcu_read_lock(&kvm->srcu); + + for (i = 0; i < kvm_arch_nr_memslot_as_ids(kvm); i++) { + struct interval_tree_node *node; + + slots = __kvm_memslots(kvm, i); + kvm_for_each_memslot_in_hva_range(node, slots, + hva_start, hva_end - 1) { + unsigned long start, end; + + slot = container_of(node, struct kvm_memory_slot, + hva_node[slots->node_idx]); + start = max(hva_start, slot->userspace_addr); + end = min(hva_end, slot->userspace_addr + + (slot->npages << PAGE_SHIFT)); + + /* + * {gfn(page) | page intersects with [hva_start, hva_end)} = + * {gfn_start, gfn_start+1, ..., gfn_end-1}. 
+ */ + gfn_range.start = hva_to_gfn_memslot(start, slot); + gfn_range.end = hva_to_gfn_memslot(end + PAGE_SIZE - 1, slot); + gfn_range.slot = slot; + + ret = handler(kvm, &gfn_range, data); + if (ret) + goto e_ret; + } + } + +e_ret: + srcu_read_unlock(&kvm->srcu, idx); + + return ret; +} +EXPORT_SYMBOL_GPL(kvm_vm_do_hva_range_op); + static __always_inline int kvm_handle_hva_range(struct mmu_notifier *mn, unsigned long start, unsigned long end,
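
Review bot: In kvm_vm_do_hva_range_op() (virt/kvm/kvm_main.c) gfn_range is declared without an initializer and only .start, .end and .slot are set before handler() is called, so any other member of struct kvm_gfn_range that a handler reads is uninitialized stack data. Declare it as "struct kvm_gfn_range gfn_range = {};" or assign every member inside the loop. The function is exported but has no comment stating its contract: please document that [hva_start, hva_end) is half-open, that the only lock this function takes around the handler is the kvm->srcu read lock, and that a nonzero handler return stops the walk and is passed back to the caller. If either bound can ever come from a userspace argument, the WARN_ON_ONCE(hva_end <= hva_start) should be a plain -EINVAL return instead.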
From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh Subject: [PATCH v10 28/50] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Date: Mon, 16 Oct 2023 08:27:57 -0500 Message-ID: <20231016132819.1002933-29-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com> References: <20231016132819.1002933-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF0001A0FA:EE_|MN0PR12MB6127:EE_ X-MS-Office365-Filtering-Correlation-Id: b9b405b2-fb92-4f7b-c57b-08dbce4d13ad X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(136003)(396003)(376002)(346002)(39860400002)(230922051799003)(1800799009)(82310400011)(186009)(64100799003)(451199024)(40470700004)(46966006)(36840700001)(54906003)(70206006)(70586007)(478600001)(316002)(6916009)(336012)(426003)(1076003)(2616005)(16526019)(26005)(5660300002)(8676002)(8936002)(4326008)(6666004)(7406005)(7416002)(44832011)(2906002)(41300700001)(86362001)(81166007)(356005)(36756003)(82740400003)(36860700001)(47076005)(83380400001)(40460700003)(40480700001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Oct 2023 13:37:44.0234 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b9b405b2-fb92-4f7b-c57b-08dbce4d13ad X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF0001A0FA.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB6127 X-Rspamd-Server: rspam08 X-Rspamd-Queue-Id: 2A30280016 X-Stat-Signature: n7qmec9sp64bbe5ra58coug8i8szuz1t X-Rspam-User: X-HE-Tag: 1697463467-779152 X-HE-Meta: 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 xVm7SwEe 9ER1tQvlR1kw5m86qxwVEDefrxxZ5hExUWJTyA/Jv11vK3E/dsUxtKeLbbXa93HChsD2ptb6B1Q/Ewmuj/ozuFrpca6cNlsr38EOVZW3Z8Y7rqj6ELNTZz7D93DKzbFvJGpS3z0PMotbEiCFNLkw3tLdQj+X4Kw6JGzbaNX/foQc8RmQFj++jl/ZsGDcZ0WBF2FMeh3eJbFYxQVmlqqSAxDe04VdBVjmnJkCwsN5uXoG5TNr+ty79cUAyHR004sNzeoVHjuzSiTvhklQJREKYFCWWyem8R1ZNf7mj8TbjoxHqIvlRcUVx9P5XkPt2pxsJBeqvoPs0A0KS0W0nsrdNl0bB3sd7rAFQLkvt1S6HKNZs9mmI5JWEJIMlrcjpXc+jjwFr X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: From: Brijesh Singh The KVM_SEV_SNP_LAUNCH_UPDATE command can be used to insert data into the guest's memory. The data is encrypted with the cryptographic context created with the KVM_SEV_SNP_LAUNCH_START. In addition to the inserting data, it can insert a two special pages into the guests memory: the secrets page and the CPUID page. While terminating the guest, reclaim the guest pages added in the RMP table. If the reclaim fails, then the page is no longer safe to be released back to the system and leak them. For more information see the SEV-SNP specification. Co-developed-by: Michael Roth Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra --- .../virt/kvm/x86/amd-memory-encryption.rst | 28 +++ arch/x86/kvm/svm/sev.c | 181 ++++++++++++++++++ include/uapi/linux/kvm.h | 19 ++ 3 files changed, 228 insertions(+) 
diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index b1beb2fe8766..d4325b26724c 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -485,6 +485,34 @@ Returns: 0 on success, -negative on error See the SEV-SNP specification for further detail on the launch input. +20. KVM_SNP_LAUNCH_UPDATE +------------------------- + +The KVM_SNP_LAUNCH_UPDATE is used for encrypting a memory region. It also +calculates a measurement of the memory contents. The measurement is a signature +of the memory contents that can be sent to the guest owner as an attestation +that the memory was encrypted correctly by the firmware. + +Parameters (in): struct kvm_snp_launch_update + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_update { + __u64 start_gfn; /* Guest page number to start from. */ + __u64 uaddr; /* userspace address need to be encrypted */ + __u32 len; /* length of memory region */ + __u8 imi_page; /* 1 if memory is part of the IMI */ + __u8 page_type; /* page type */ + __u8 vmpl3_perms; /* VMPL3 permission mask */ + __u8 vmpl2_perms; /* VMPL2 permission mask */ + __u8 vmpl1_perms; /* VMPL1 permission mask */ + }; + +See the SEV-SNP spec for further details on how to build the VMPL permission +mask and page type. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a4efd1858a9c..c505e4620456 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
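Review bot: The new documentation section names the command KVM_SNP_LAUNCH_UPDATE and its parameter "struct kvm_snp_launch_update", but the code block directly under it declares struct kvm_sev_snp_launch_update and the ioctl id added by this patch is KVM_SEV_SNP_LAUNCH_UPDATE; please use the KVM_SEV_SNP_ spelling throughout so the text matches include/uapi/linux/kvm.h. The section also leaves page_type as just "page type" without listing the accepted KVM_SEV_SNP_PAGE_TYPE_* values, and the struct ends in five __u8 fields after a __u32 with no explicit pad member, unlike kvm_sev_snp_launch_start, which carries "__u8 pad[6]"; an explicit, must-be-zero pad would keep the layout extensible.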
@@ -246,6 +246,36 @@ static void sev_decommission(unsigned int handle) sev_guest_decommission(&decommission, NULL); } +static int snp_page_reclaim(u64 pfn) +{ + struct sev_data_snp_page_reclaim data = {0}; + int err, rc; + + data.paddr = __sme_set(pfn << PAGE_SHIFT); + rc = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + if (rc) { + /* + * If the reclaim failed, then page is no longer safe + * to use. + */ + snp_leak_pages(pfn, 1); + } + + return rc; +} + +static int host_rmp_make_shared(u64 pfn, enum pg_level level, bool leak) +{ + int rc; + + rc = rmp_make_shared(pfn, level); + if (rc && leak) + snp_leak_pages(pfn, + page_level_size(level) >> PAGE_SHIFT); + + return rc; +} + static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) { struct sev_data_deactivate deactivate; 
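Review bot: In snp_page_reclaim() the firmware status written to err is never read, so a failed SEV_CMD_SNP_PAGE_RECLAIM leaks the page with no record of why; log err together with rc before calling snp_leak_pages(), or hand it back to the caller. Both helpers would also benefit from a comment stating who owns the page after a failure, because a caller that runs snp_page_reclaim(pfn) and then host_rmp_make_shared(pfn, level, true) on the same pfn can reach snp_leak_pages() twice for one page.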
@@ -1988,6 +2018,154 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return rc; } +static int snp_launch_update_gfn_handler(struct kvm *kvm, + struct kvm_gfn_range *range, + void *opaque) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_memory_slot *memslot = range->slot; + struct sev_data_snp_launch_update data = {0}; + struct kvm_sev_snp_launch_update params; + struct kvm_sev_cmd *argp = opaque; + int *error = &argp->error; + int i, n = 0, ret = 0; + unsigned long npages; + kvm_pfn_t *pfns; + gfn_t gfn; + + if (!kvm_slot_can_be_private(memslot)) { + pr_err("SEV-SNP requires private memory support via guest_memfd.\n"); + return -EINVAL; + } + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) { + pr_err("Failed to copy user parameters for SEV-SNP launch.\n"); + return -EFAULT; + } + + data.gctx_paddr = __psp_pa(sev->snp_context); + + npages = range->end - range->start; + pfns = kvmalloc_array(npages, sizeof(*pfns), GFP_KERNEL_ACCOUNT); + if (!pfns) + return -ENOMEM; + + pr_debug("%s: GFN range 0x%llx-0x%llx, type %d\n", __func__, + range->start, range->end, params.page_type); + + for (gfn = range->start, i = 0; gfn < range->end; gfn++, i++) { + int order, level; + bool assigned; + void *kvaddr; + + ret = __kvm_gmem_get_pfn(kvm, memslot, gfn, &pfns[i], &order, false); + if (ret) + goto e_release; + + n++; + ret = snp_lookup_rmpentry((u64)pfns[i], &assigned, &level); + if (ret || assigned) { + pr_err("Failed to ensure GFN 0x%llx is in initial shared state, ret: %d, assigned: %d\n", + gfn, ret, assigned); + return -EFAULT; + } + + kvaddr = pfn_to_kaddr(pfns[i]); + if (!virt_addr_valid(kvaddr)) { + pr_err("Invalid HVA 0x%llx for GFN 0x%llx\n", (uint64_t)kvaddr, gfn); + ret = -EINVAL; + goto e_release; + } + + ret = kvm_read_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) { + pr_err("Guest read failed, ret: 0x%x\n", ret); + goto e_release; + } + + ret = rmp_make_private(pfns[i], gfn 
<< PAGE_SHIFT, PG_LEVEL_4K, + sev_get_asid(kvm), true); + if (ret) { + ret = -EFAULT; + goto e_release; + } + + data.address = __sme_set(pfns[i] << PAGE_SHIFT); + data.page_size = X86_TO_RMP_PG_LEVEL(PG_LEVEL_4K); + data.page_type = params.page_type; + data.vmpl3_perms = params.vmpl3_perms; + data.vmpl2_perms = params.vmpl2_perms; + data.vmpl1_perms = params.vmpl1_perms; + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, error); + if (ret) { + pr_err("SEV-SNP launch update failed, ret: 0x%x, fw_error: 0x%x\n", + ret, *error); + snp_page_reclaim(pfns[i]); + + /* + * When invalid CPUID function entries are detected, the firmware + * corrects these entries for debugging purpose and leaves the + * page unencrypted so it can be provided users for debugging + * and error-reporting. + * + * Copy the corrected CPUID page back to shared memory so + * userpsace can retrieve this information. + */ + if (params.page_type == SNP_PAGE_TYPE_CPUID && + *error == SEV_RET_INVALID_PARAM) { + int ret; + + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + ret = kvm_write_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) + pr_err("Failed to write CPUID page back to userspace, ret: 0x%x\n", + ret); + } + + goto e_release; + } + } + +e_release: + /* Content of memory is updated, mark pages dirty */ + for (i = 0; i < n; i++) { + set_page_dirty(pfn_to_page(pfns[i])); + mark_page_accessed(pfn_to_page(pfns[i])); + + /* + * If its an error, then update RMP entry to change page ownership + * to the hypervisor. 
+ */ + if (ret) + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + put_page(pfn_to_page(pfns[i])); + } + + kvfree(pfns); + return ret; +} + +static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_update params; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + return kvm_vm_do_hva_range_op(kvm, params.uaddr, params.uaddr + params.len, + snp_launch_update_gfn_handler, argp); +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2081,6 +2259,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_START: r = snp_launch_start(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_UPDATE: + r = snp_launch_update(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index e92da3d4f569..264e6acb7947 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1965,6 +1965,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, + KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_NR_MAX, }; 
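Review bot: In snp_launch_update_gfn_handler() the "if (ret || assigned)" branch after snp_lookup_rmpentry() does "return -EFAULT" instead of setting ret and jumping to e_release, so the pfns array is never freed and the page references already taken through __kvm_gmem_get_pfn() are never dropped; it should be "ret = -EFAULT; goto e_release;" like the other failure paths. The handler also re-reads params from argp->data with copy_from_user() on every invocation even though snp_launch_update() has already copied them, which lets userspace change page_type and the VMPL masks between the range calculation and the firmware command; pass the kernel copy through the opaque pointer instead. In snp_launch_update() the end address is computed as params.uaddr + params.len with no overflow or alignment check, and params.start_gfn and params.imi_page are accepted but never used. In the failure path, snp_page_reclaim(pfns[i]) has its return value ignored and e_release then calls host_rmp_make_shared(..., true) on the same pfn, and the inner "int ret" in the CPUID block shadows the outer one.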
@@ -2081,6 +2082,24 @@ struct kvm_sev_snp_launch_start { __u8 pad[6]; }; +#define KVM_SEV_SNP_PAGE_TYPE_NORMAL 0x1 +#define KVM_SEV_SNP_PAGE_TYPE_VMSA 0x2 +#define KVM_SEV_SNP_PAGE_TYPE_ZERO 0x3 +#define KVM_SEV_SNP_PAGE_TYPE_UNMEASURED 0x4 +#define KVM_SEV_SNP_PAGE_TYPE_SECRETS 0x5 +#define KVM_SEV_SNP_PAGE_TYPE_CPUID 0x6 + +struct kvm_sev_snp_launch_update { + __u64 start_gfn; + __u64 uaddr; + __u32 len; + __u8 imi_page; + __u8 page_type; + __u8 vmpl3_perms; + __u8 vmpl2_perms; + __u8 vmpl1_perms; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)

From patchwork Mon Oct 16 13:27:58 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423305
From: Michael Roth
CC: Brijesh Singh, Harald Hoyer
Subject: [PATCH v10 29/50] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command
Date: Mon, 16 Oct 2023 08:27:58 -0500
Message-ID: <20231016132819.1002933-30-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

The KVM_SEV_SNP_LAUNCH_FINISH finalizes the cryptographic digest and stores it as the measurement of the guest at launch.

While finalizing the launch flow, it also issues the LAUNCH_UPDATE command to encrypt the VMSA pages.

If it's an SNP guest, then VMSA was added in the RMP entry as a guest owned page and also removed from the kernel direct map, so flush it later after it is transitioned back to hypervisor state and restored in the direct map.

Signed-off-by: Brijesh Singh
Signed-off-by: Harald Hoyer
Signed-off-by: Ashish Kalra
[mdr: always measure BSP first to get consistent launch measurements]
Signed-off-by: Michael Roth
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 24 +++
 arch/x86/kvm/svm/sev.c | 146 ++++++++++++++++++
 include/uapi/linux/kvm.h | 14 ++
 3 files changed, 184 insertions(+)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index d4325b26724c..b89634cfcc06 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -513,6 +513,30 @@ Returns: 0 on success, -negative on error See the SEV-SNP spec for further details on how to build the VMPL permission mask and page type. +21. KVM_SNP_LAUNCH_FINISH +------------------------- + +After completion of the SNP guest launch flow, the KVM_SNP_LAUNCH_FINISH command can be +issued to make the guest ready for the execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification for further details on launch finish input parameters. + References ==========
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c505e4620456..ae9f765dfa95 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -78,6 +78,8 @@ static bool sev_snp_enabled; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -747,7 +749,29 @@ static int sev_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) if (!sev_es_guest(kvm)) return -ENOTTY; + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + kvm_for_each_vcpu(i, vcpu, kvm) { + if (vcpu->vcpu_id != 0) + continue; + + ret = mutex_lock_killable(&vcpu->mutex); + if (ret) + return ret; + + ret = __sev_launch_update_vmsa(kvm, vcpu, &argp->error); + + mutex_unlock(&vcpu->mutex); + if (ret) + return ret; + + break; + } + + /* Handle remaining vCPUs. */ kvm_for_each_vcpu(i, vcpu, kvm) { + if (vcpu->vcpu_id == 0) + continue; + ret = mutex_lock_killable(&vcpu->mutex); if (ret) return ret; 
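Review bot: The boot-vCPU pass added to sev_launch_update_vmsa() identifies the BSP by "vcpu->vcpu_id != 0" and simply falls through when no vCPU has id 0, so the ordering the comment promises is not enforced in that case; return an error there or document why it cannot happen. The lock, __sev_launch_update_vmsa(), unlock sequence is now duplicated across the two loops, and a small helper taking the vcpu would keep the passes from drifting apart. INITIAL_VMSA_GPA is introduced with no comment explaining where 0xFFFFFFFFF000 comes from or why a fixed GPA is acceptable for every vCPU.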
@@ -2166,6 +2190,109 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) snp_launch_update_gfn_handler, argp); } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. 
*/ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2262,6 +2389,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
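Review bot: snp_launch_update_vmsa() walks kvm_for_each_vcpu() in index order and never takes vcpu->mutex, while this same patch changes sev_launch_update_vmsa() to handle vcpu_id 0 first under mutex_lock_killable(&vcpu->mutex); the "always measure BSP first" note in the commit message reads as if it should cover the SNP path too, so either give the SNP loop the same ordering and locking or state why it does not need them. On failure of SEV_CMD_SNP_LAUNCH_UPDATE part-way through the loop, the function returns with earlier vCPUs already marked guest_state_protected and their VMSA pages private, and the return value of snp_page_reclaim(pfn) is ignored. In snp_launch_finish(), params.pad is not checked for zero and auth_key_en is silently dropped unless id_block_en is set; returning -EINVAL for both keeps those fields usable later.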
@@ -2730,11 +2860,27 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If its an SNP guest, then VMSA was added in the RMP entry as + * a guest owned page. Transition the page to hypervisor state + * before releasing it back to the system. + * Also the page is removed from the kernel direct map, so flush it + * later after it is transitioned back to hypervisor state and + * restored in the direct map. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 264e6acb7947..6f7b44b32497 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1966,6 +1966,7 @@ enum sev_cmd_id { KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; 
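Review bot: In sev_free_vcpu() the new block calls host_rmp_make_shared(pfn, PG_LEVEL_4K, true) for every vCPU of an SNP guest, including ones whose VMSA never went through rmp_make_private() because the launch stopped before KVM_SEV_SNP_LAUNCH_FINISH; please confirm rmp_make_shared() succeeds on a page that is already shared, otherwise the leak argument and the jump to skip_vmsa_free give up a page that was safe to free. A short comment at skip_vmsa_free saying that the VMSA page is intentionally not freed on that path would also help the next reader.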
@@ -2100,6 +2101,19 @@ struct kvm_sev_snp_launch_update { __u8 vmpl1_perms; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2) From patchwork Mon Oct 16 13:27:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423306 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9FB9FCDB482 for ; Mon, 16 Oct 2023 13:38:32 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3920E8D0086; Mon, 16 Oct 2023 09:38:32 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 341538D0001; Mon, 16 Oct 2023 09:38:32 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1E2468D0086; Mon, 16 Oct 2023 09:38:32 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 0F3388D0001 for ; Mon, 16 Oct 2023 09:38:32 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id C27A1A06F4 for ; Mon, 16 Oct 2023 13:38:31 +0000 (UTC) X-FDA: 81351429222.29.B4B0DAF Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2053.outbound.protection.outlook.com [40.107.223.53]) by imf05.hostedemail.com (Postfix) with ESMTP id BBDA610001B for ; Mon, 16 Oct 
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 30/50] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT
Date: Mon, 16 Oct 2023 08:27:59 -0500
Message-ID: <20231016132819.1002933-31-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP guests are required to perform a GHCB GPA registration. Before using a GHCB GPA for a vCPU the first time, a guest must register the vCPU GHCB GPA. If hypervisor can work with the guest requested GPA then it must respond back with the same GPA otherwise return -1. On VMEXIT, Verify that GHCB GPA matches with the registered value. If a mismatch is detected then abort the guest.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-common.h | 8 ++++++++
 arch/x86/kvm/svm/sev.c | 28 ++++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.h | 7 +++++++
 3 files changed, 43 insertions(+)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 9ba88973a187..9febc1474a30 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -59,6 +59,14 @@ #define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 #define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) +/* Preferred GHCB GPA Request */ +#define GHCB_MSR_PREF_GPA_REQ 0x010 +#define GHCB_MSR_GPA_VALUE_POS 12 +#define GHCB_MSR_GPA_VALUE_MASK GENMASK_ULL(51, 0) + +#define GHCB_MSR_PREF_GPA_RESP 0x011 +#define GHCB_MSR_PREF_GPA_NONE 0xfffffffffffff + /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 #define GHCB_MSR_REG_GPA_REQ_VAL(v) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ae9f765dfa95..d9c3ecef2710 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3348,6 +3348,27 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PREF_GPA_REQ: { + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_NONE, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } + case GHCB_MSR_REG_GPA_REQ: { + u64 gfn; + + gfn = get_ghcb_msr_bits(svm, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + + svm->sev_es.ghcb_registered_gpa = gfn_to_gpa(gfn); + + set_ghcb_msr_bits(svm, gfn, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_REG_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3411,6 +3432,13 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) trace_kvm_vmgexit_enter(vcpu->vcpu_id, svm->sev_es.ghcb); sev_es_sync_from_ghcb(svm); + + /* SEV-SNP guest requires that the GHCB GPA must be registered */ + if (sev_snp_guest(svm->vcpu.kvm) && !ghcb_gpa_is_registered(svm, ghcb_gpa)) { + vcpu_unimpl(&svm->vcpu, "vmgexit: GHCB GPA [%#llx] is not registered.\n", ghcb_gpa); + return -EINVAL; + } + ret = sev_es_validate_vmgexit(svm); if (ret) return ret; 
diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f86dd7d09441..c4449a88e629 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -209,6 +209,8 @@ struct vcpu_sev_es_state { u32 ghcb_sa_len; bool ghcb_sa_sync; bool ghcb_sa_free; + + u64 ghcb_registered_gpa; }; struct vcpu_svm { 
@@ -352,6 +354,11 @@ static __always_inline bool sev_snp_guest(struct kvm *kvm) return sev_es_guest(kvm) && sev->snp_active; } +static inline bool ghcb_gpa_is_registered(struct vcpu_svm *svm, u64 val) +{ + return svm->sev_es.ghcb_registered_gpa == val; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
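Review bot: in the arch/x86/include/asm/sev-common.h hunk, GHCB_MSR_GPA_VALUE_POS and GHCB_MSR_GPA_VALUE_MASK are placed under the "Preferred GHCB GPA Request" comment, yet the sev.c change in this patch also uses them to decode GHCB_MSR_REG_GPA_REQ. Move them above both request blocks so the header does not suggest they belong to one request only. GHCB_MSR_PREF_GPA_NONE would also be easier to check by eye if written as GENMASK_ULL(51, 0) rather than a 13-digit hex literal.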
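Review bot: in the 'case GHCB_MSR_REG_GPA_REQ' block added to sev_handle_vmgexit_msr_protocol(), the guest-supplied GFN is stored in ghcb_registered_gpa and echoed back unconditionally, so the refusal path the commit message describes ("otherwise return -1") does not exist in the code. Validate the GFN before accepting it, for example that it falls inside a memslot, and respond with -1 in the GPA field when it cannot be used. Neither this case nor GHCB_MSR_PREF_GPA_REQ above it is gated on sev_snp_guest(), while the commit message scopes registration to SEV-SNP guests; either add the gate or explain why SEV-ES guests may issue these requests.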
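Review bot: in the sev_handle_vmgexit() hunk, the registration check runs after sev_es_sync_from_ghcb(svm), so contents of an unregistered GHCB page have already been synced into the vCPU by the time the request is rejected. Move the ghcb_gpa_is_registered() test ahead of the sync, and ideally ahead of mapping the page, so an unregistered GPA is never consumed. Please also confirm that the early 'return -EINVAL' releases whatever was set up for svm->sev_es.ghcb before this point; no cleanup is visible on that path in the hunk.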
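Review bot: in the arch/x86/kvm/svm/svm.h hunks, ghcb_gpa_is_registered() compares against ghcb_registered_gpa, and that field has no value meaning "nothing registered yet". If struct vcpu_sev_es_state starts out zeroed (an assumption, the allocation is not part of this patch), a GHCB GPA of 0 passes the check without any prior registration. Initialise the field to an invalid GPA when the vCPU is created, reset it wherever the vCPU is reset, and add a comment on the new member naming the request that sets it.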
From: Michael Roth
Subject: [PATCH v10 31/50] KVM: SEV: Add KVM_EXIT_VMGEXIT
Date: Mon, 16 Oct 2023 08:28:00 -0500
Message-ID: <20231016132819.1002933-32-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

For private memslots, GHCB page state change requests will be forwarded to userspace for processing. Define a new KVM_EXIT_VMGEXIT for exits of this type, as well as other potential userspace handling for VMGEXITs in the future.

Signed-off-by: Michael Roth
---
 Documentation/virt/kvm/api.rst | 34 ++++++++++++++++++++++++++++++++++
 include/uapi/linux/kvm.h | 6 ++++++
 2 files changed, 40 insertions(+)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 5e08f2a157ef..e84c62423ab7 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst
@@ -6847,6 +6847,40 @@ Please note that the kernel is allowed to use the kvm_run structure as the primary storage for certain register types. Therefore, the kernel may use the values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. +:: + + /* KVM_EXIT_VMGEXIT */ + struct { + __u64 ghcb_msr; /* GHCB MSR contents */ + __u64 ret; /* user -> kernel return value */ + } memory; + +If exit reason is KVM_EXIT_VMGEXIT then it indicates that an SEV-SNP guest has +issued a VMGEXIT instruction (as documented by the AMD Architecture +Programmer's Manual (APM)) to the hypervisor that needs to be serviced by +userspace. This is generally handled via the Guest-Hypervisor Communication +Block (GHCB) specification. The value of 'ghcb_msr' will be the contents of +the GHCB MSR register at the time of the VMGEXIT, which can either be the GPA +of the GHCB page for page-based GHCB requests, or an encoding of an MSR-based +GHCB request. The mechanism to distinguish between these two and determine the +type of request is the same as what is documented in the GHCB specification. + +Not all VMGEXITs or GHCB requests will be forwarded to userspace. Currently +this will only be the case for "SNP Page State Change" requests (PSCs), and +only for the subset of these which involve actual shared <-> private +transition. Userspace is expected to process these requests in accordance +with the GHCB specification and issue KVM_SET_MEMORY_ATTRIBUTE ioctls to +perform the shared/private transitions. + +GHCB page-based PSC requests require returning a 64-bit return value to the +guest via the SW_EXITINFO2 field of the vCPU's VMCB structure, as documented +in the GHCB. Userspace must set 'ret' to what the GHCB specification documents +the SW_EXITINFO2 VMCB field should be set to after processing a PSC request. 
+ +For MSR-based PSC requests, userspace must set the value of 'ghcb_msr' to be +the same as what the GHCB specification documents the actual GHCB MSR register +should be set to after processing a PSC request. + 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 6f7b44b32497..3af546adb962 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -279,6 +279,7 @@ struct kvm_xen_exit { #define KVM_EXIT_RISCV_CSR 36 #define KVM_EXIT_NOTIFY 37 #define KVM_EXIT_MEMORY_FAULT 38 +#define KVM_EXIT_VMGEXIT 50 /* For KVM_EXIT_INTERNAL_ERROR */ /* Emulate instruction failed. */ 
@@ -525,6 +526,11 @@ struct kvm_run { #define KVM_NOTIFY_CONTEXT_INVALID (1 << 0) __u32 flags; } notify; + /* KVM_EXIT_VMGEXIT */ + struct { + __u64 ghcb_msr; /* GHCB MSR contents */ + __u64 ret; /* user -> kernel */ + } vmgexit; /* Fix the size of the union. */ char padding[256]; };
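Review bot: in the Documentation/virt/kvm/api.rst hunk, the documented struct is closed with the member name 'memory', but the kvm.h hunk of this same patch adds it to struct kvm_run as 'vmgexit', so anyone writing a VMM from the documentation will reference the wrong union member. Rename it to 'vmgexit' in the documentation. The text also says "KVM_SET_MEMORY_ATTRIBUTE ioctls" while the next patch in the series spells it KVM_SET_MEMORY_ATTRIBUTES; use the actual ioctl name. It would help to state what KVM does when userspace resumes the vCPU without having updated 'ret' or 'ghcb_msr'.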
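Review bot: in the include/uapi/linux/kvm.h hunks, KVM_EXIT_VMGEXIT is defined as 50 directly after KVM_EXIT_MEMORY_FAULT 38, leaving 39 to 49 unused with no explanation. Exit reason numbers are uapi and cannot change once merged, so either take the next free value or add a comment saying the gap is deliberate. In the kvm_run hunk, 'ret' is annotated "user -> kernel" but 'ghcb_msr' carries no direction, although the documentation added by this patch makes it an input on exit and, for MSR-based PSC requests, an output on resume; annotate it the same way.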
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 32/50] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT
Date: Mon, 16 Oct 2023 08:28:01 -0500
Message-ID: <20231016132819.1002933-33-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change MSR protocol as defined in the GHCB specification.

When using gmem, private/shared memory is allocated through separate pools, and KVM relies on userspace issuing a KVM_SET_MEMORY_ATTRIBUTES KVM ioctl to tell KVM MMU whether or not a particular GFN should be backed by private memory or not.

Forward these page state change requests to userspace so that it can issue the expected KVM ioctls. The KVM MMU will handle updating the RMP entries when it is ready to map a private page into a guest.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/kvm/svm/sev.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index d9c3ecef2710..4890e910e6e0 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3269,6 +3269,15 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_complete_psc_msr_protocol(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + set_ghcb_msr(svm, vcpu->run->vmgexit.ghcb_msr); + + return 1; /* resume */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
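
Review bot: snp_complete_psc_msr_protocol() passes vcpu->run->vmgexit.ghcb_msr straight to set_ghcb_msr() with no validation. That field lives in the kvm_run page, which userspace can rewrite at any time, so read it once (READ_ONCE) and check that it carries a well-formed PSC response before it becomes the guest-visible GHCB MSR value; anything else should fail the request instead of being passed through. The patch also does not say what userspace is expected to place in vmgexit.ghcb_msr on completion, so please document that next to the KVM_EXIT_VMGEXIT description.
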
@@ -3369,6 +3378,13 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PSC_REQ: + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.ghcb_msr = control->ghcb_gpa; + vcpu->arch.complete_userspace_io = snp_complete_psc_msr_protocol; + + ret = -1; + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code;
From patchwork Mon Oct 16 13:28:02 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423342
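
Review bot: In the GHCB_MSR_PSC_REQ case added to sev_handle_vmgexit_msr_protocol() (patch 32/50), "ret = -1" is a bare magic value that reads as -EPERM to any caller that propagates it, while the completion callback added in the same patch follows the usual "return 1; /* resume */" convention. If the intent is an exit to userspace with KVM_EXIT_VMGEXIT, return 0 as other KVM exit handlers do, or add a comment naming the caller that translates the negative value. The case also forwards control->ghcb_gpa to userspace without checking the request fields first; reject malformed requests here so userspace only sees requests KVM has already vetted.
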
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 33/50] KVM: SEV: Add support to handle Page State Change VMGEXIT
Date: Mon, 16 Oct 2023 08:28:02 -0500
Message-ID: <20231016132819.1002933-34-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change NAE event as defined in the GHCB specification version 2.

Forward these requests to userspace as KVM_EXIT_VMGEXITs, similar to how it is done for requests that don't use a GHCB page.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/kvm/svm/sev.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 4890e910e6e0..0287fadeae76 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3081,6 +3081,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + case SVM_VMGEXIT_PSC: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -3278,6 +3279,15 @@ static int snp_complete_psc_msr_protocol(struct kvm_vcpu *vcpu) return 1; /* resume */ } +static int snp_complete_psc(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, vcpu->run->vmgexit.ret); + + return 1; /* resume */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
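
Review bot: In sev_es_validate_vmgexit(), SVM_VMGEXIT_PSC joins the group of exit codes that break without checking any GHCB field. A Page State Change request is driven by guest-written GHCB contents, so this case should verify that the fields the handler depends on are marked valid, and that the guest is an SNP guest, and otherwise take the same error path as the other validated events. As written, nothing visible in this patch stops the event from being accepted for a guest that is SEV-ES but not SNP.
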
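
Review bot: snp_complete_psc() writes vcpu->run->vmgexit.ret into SW_EXITINFO2 unmodified and dereferences svm->sev_es.ghcb without checking it. The value comes from the userspace-writable kvm_run page, so read it once and restrict it to the result codes the guest is meant to see; also add a NULL check, or a comment stating why the GHCB mapping is guaranteed to survive the round trip to userspace.
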
@@ -3522,6 +3532,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_PSC: + /* Let userspace handling allocating/deallocating backing pages. */ + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.ghcb_msr = ghcb_gpa; + vcpu->arch.complete_userspace_io = snp_complete_psc; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
From patchwork Mon Oct 16 13:28:03 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423343
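
Review bot: The SVM_VMGEXIT_PSC case added to sev_handle_vmgexit() (patch 33/50) never assigns ret, unlike the case just above it ("ret = 1") and unlike the MSR-protocol PSC path in the previous patch, which sets "ret = -1"; whether this exits to userspace depends on whatever ret held before the switch. Set ret explicitly and use the same value in both PSC paths. Two smaller points: the GHCB GPA is stored in a field named vmgexit.ghcb_msr, which needs a comment or a separate field, and the comment should read "Let userspace handle allocating/deallocating backing pages."
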
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 34/50] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use
Date: Mon, 16 Oct 2023 08:28:03 -0500
Message-ID: <20231016132819.1002933-35-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

While resolving the RMP page fault, there may be cases where the page level between the RMP entry and TDP does not match and the 2M RMP entry must be split into 4K RMP entries. Or a 2M TDP page needs to be broken into multiple 4K pages.

To keep the RMP and TDP page level in sync, zap the gfn range after splitting the pages in the RMP entry. The zap should force the TDP to get rebuilt with the new page level.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/include/asm/kvm_host.h | 2 ++
 arch/x86/kvm/mmu.h | 2 --
 arch/x86/kvm/mmu/mmu.c | 1 +
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index a3983271ea28..b9e783d34e94 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1872,6 +1872,8 @@ void kvm_mmu_slot_leaf_clear_dirty(struct kvm *kvm, const struct kvm_memory_slot *memslot); void kvm_mmu_invalidate_mmio_sptes(struct kvm *kvm, u64 gen); void kvm_mmu_change_mmu_pages(struct kvm *kvm, unsigned long kvm_nr_mmu_pages); +void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); + int load_pdptrs(struct kvm_vcpu *vcpu, unsigned long cr3); diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 253fb2093d5d..40111f4dae9e 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -237,8 +237,6 @@ static inline u8 permission_fault(struct kvm_vcpu *vcpu, struct kvm_mmu *mmu, return -(u32)fault & errcode; } -void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); - int kvm_arch_write_log_dirty(struct kvm_vcpu *vcpu); int kvm_mmu_post_init_vm(struct kvm *kvm); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 10c323e2faa4..8c78807e0f45 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c
@@ -6702,6 +6702,7 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *kvm, return need_tlb_flush; } +EXPORT_SYMBOL_GPL(kvm_zap_gfn_range); static void kvm_rmap_zap_collapsible_sptes(struct kvm *kvm, const struct kvm_memory_slot *slot)
From patchwork Mon Oct 16 13:28:04 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423344
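
Review bot: In the arch/x86/kvm/mmu/mmu.c hunk (patch 34/50), EXPORT_SYMBOL_GPL(kvm_zap_gfn_range) sits after the closing brace of the function the hunk header names, kvm_mmu_zap_collapsible_spte(), not after kvm_zap_gfn_range() itself. Kernel style puts the export directly below the definition it exports; please move it there. The commit message should also name the SNP caller that needs the symbol, since this patch moves the prototype from the KVM-internal mmu.h to asm/kvm_host.h and exports it to modules without adding a user.
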
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 35/50] KVM: SEV: Add support to handle RMP nested page faults
Date: Mon, 16 Oct 2023 08:28:04 -0500
Message-ID: <20231016132819.1002933-36-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

When SEV-SNP is enabled in the guest, the hardware places restrictions on all memory accesses based on the contents of the RMP table. When hardware encounters an RMP check failure caused by the guest memory access, it raises the #NPF. The error code contains additional information on the access type. See the APM volume 2 for additional information.

When using gmem, RMP faults resulting from mismatches between the state in the RMP table vs. what the guest expects via its page table result in KVM_EXIT_MEMORY_FAULTs being forwarded to userspace to handle. This means the only expected case that needs to be handled in the kernel is when the page size of the entry in the RMP table is larger than the mapping in the nested page table, in which case a PSMASH instruction needs to be issued to split the large RMP entry into individual 4K entries so that subsequent accesses can succeed.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra --- arch/x86/include/asm/sev-common.h | 3 + arch/x86/kvm/svm/sev.c | 92 +++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 21 +++++-- arch/x86/kvm/svm/svm.h | 1 + 4 files changed, 113 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 9febc1474a30..15d8e9805963 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -188,6 +188,9 @@ struct snp_psc_desc { /* RMUPDATE detected 4K page and 2MB page overlap. */ #define RMPUPDATE_FAIL_OVERLAP 4 +/* PSMASH failed due to concurrent access by another CPU */ +#define PSMASH_FAIL_INUSE 3 + /* RMP page size */ #define RMP_PG_SIZE_4K 0 #define RMP_PG_SIZE_2M 1 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0287fadeae76..0a45031386c2 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3270,6 +3270,13 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_rmptable_psmash(kvm_pfn_t pfn) +{ + pfn = pfn & ~(KVM_PAGES_PER_HPAGE(PG_LEVEL_2M) - 1); + + return psmash(pfn); +} + static int snp_complete_psc_msr_protocol(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); 
@@ -3816,3 +3823,88 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) return p; } + +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) +{ + struct kvm_memory_slot *slot; + struct kvm *kvm = vcpu->kvm; + int order, rmp_level, ret; + bool assigned; + kvm_pfn_t pfn; + gfn_t gfn; + + gfn = gpa >> PAGE_SHIFT; + + /* + * The only time RMP faults occur for shared pages is when the guest is + * triggering an RMP fault for an implicit page-state change from + * shared->private. Implicit page-state changes are forwarded to + * userspace via KVM_EXIT_MEMORY_FAULT events, however, so RMP faults + * for shared pages should not end up here. + */ + if (!kvm_mem_is_private(kvm, gfn)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, size-mismatch for non-private GPA 0x%llx\n", + gpa); + return; + } + + slot = gfn_to_memslot(kvm, gfn); + if (!kvm_slot_can_be_private(slot)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, non-private slot for GPA 0x%llx\n", + gpa); + return; + } + + ret = kvm_gmem_get_pfn(kvm, slot, gfn, &pfn, &order); + if (ret) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no private backing page for GPA 0x%llx\n", + gpa); + return; + } + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret || !assigned) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no assigned RMP entry found for GPA 0x%llx PFN 0x%llx error %d\n", + gpa, pfn, ret); + goto out; + } + + /* + * There are 2 cases where a PSMASH may be needed to resolve an #NPF + * with PFERR_GUEST_RMP_BIT set: + * + * 1) RMPADJUST/PVALIDATE can trigger an #NPF with PFERR_GUEST_SIZEM + * bit set if the guest issues them with a smaller granularity than + * what is indicated by the page-size bit in the 2MB-aligned RMP + * entry for the PFN that backs the GPA. + * + * 2) Guest access via NPT can trigger an #NPF if the NPT mapping is + * smaller than what is indicated by the 2MB-aligned RMP entry for + * the PFN that backs the GPA. 
+ * + * In both these cases, the corresponding 2M RMP entry needs to + * be PSMASH'd to 512 4K RMP entries. If the RMP entry is already + * split into 4K RMP entries, then this is likely a spurious case which + * can occur when there are concurrent accesses by the guest to a 2MB + * GPA range that is backed by a 2MB-aligned PFN who's RMP entry is in + * the process of being PMASH'd into 4K entries. These cases should + * resolve automatically on subsequent accesses, so just ignore them + * here. + */ + if (rmp_level == PG_LEVEL_4K) { + pr_debug_ratelimited("%s: Spurious RMP fault for GPA 0x%llx, error_code 0x%llx", + __func__, gpa, error_code); + goto out; + } + + pr_debug_ratelimited("%s: Splitting 2M RMP entry for GPA 0x%llx, error_code 0x%llx", + __func__, gpa, error_code); + ret = snp_rmptable_psmash(pfn); + if (ret && ret != PSMASH_FAIL_INUSE) + pr_err_ratelimited("SEV: Unable to split RMP entry for GPA 0x%llx PFN 0x%llx ret %d\n", + gpa, pfn, ret); + + kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD); +out: + put_page(pfn_to_page(pfn)); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 8e4ef0cd968a..563c9839428d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -2046,15 +2046,28 @@ static int pf_interception(struct kvm_vcpu *vcpu) static int npf_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + int rc; u64 fault_address = svm->vmcb->control.exit_info_2; u64 error_code = svm->vmcb->control.exit_info_1; trace_kvm_page_fault(vcpu, fault_address, error_code); - return kvm_mmu_page_fault(vcpu, fault_address, error_code, - static_cpu_has(X86_FEATURE_DECODEASSISTS) ? - svm->vmcb->control.insn_bytes : NULL, - svm->vmcb->control.insn_len); + rc = kvm_mmu_page_fault(vcpu, fault_address, error_code, + static_cpu_has(X86_FEATURE_DECODEASSISTS) ? + svm->vmcb->control.insn_bytes : NULL, + svm->vmcb->control.insn_len); + + /* + * rc == 0 indicates a userspace exit is needed to handle page + * transitions, so do that first before updating the RMP table. + */ + if (error_code & PFERR_GUEST_RMP_MASK) { + if (rc == 0) + return rc; + handle_rmp_page_fault(vcpu, fault_address, error_code); + } + + return rc; } static int db_interception(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c4449a88e629..c3a37136fa30 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -715,6 +715,7 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); /* vmenter.S */
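Review bot: In handle_rmp_page_fault() (arch/x86/kvm/svm/sev.c), the zap after the split is `kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD)` with `gfn` taken straight from `gpa >> PAGE_SHIFT`, while snp_rmptable_psmash() rounds the PFN down to the 2M boundary before calling psmash(). Unless the faulting GPA is itself 2M-aligned, the zapped range starts partway into the region whose RMP entry was just split and runs past its end, so the GFNs below the faulting one are left untouched and GFNs of the neighbouring region are zapped instead. Round gfn down to a PTRS_PER_PMD boundary before the zap, the same way the pfn is rounded. The zap also runs when PSMASH failed with something other than PSMASH_FAIL_INUSE; if that is intended, a comment should say so. Two smaller points in the same hunk: both pr_debug_ratelimited() format strings lack the trailing \n that the pr_warn_ratelimited() and pr_err_ratelimited() calls have, and the block comment has typos ("who's" for "whose", "PMASH'd" for "PSMASH'd").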
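Review bot: In npf_interception() (arch/x86/kvm/svm/svm.c), only `rc == 0` is filtered before handle_rmp_page_fault() is called, so a negative return from kvm_mmu_page_fault() still goes on to the RMP lookup and a possible PSMASH before the error is returned. If the split is only meant to run when the fault was otherwise handled and the guest is about to be re-entered, test `rc > 0` together with `error_code & PFERR_GUEST_RMP_MASK` in one condition and extend the comment, which currently explains only the rc == 0 case. The new `int rc;` would also sit better after the two u64 declarations than between them and `svm`.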
From patchwork Mon Oct 16 13:28:05 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423345
From: Michael Roth
Subject: [PATCH v10 36/50] KVM: SEV: Use a VMSA physical address variable for populating VMCB
Date: Mon, 16 Oct 2023 08:28:05 -0500
Message-ID: <20231016132819.1002933-37-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Tom Lendacky

In preparation to support SEV-SNP AP Creation, use a variable that holds the VMSA physical address rather than converting the virtual address. This will allow SEV-SNP AP Creation to set the new physical address that will be used should the vCPU reset path be taken.

Signed-off-by: Tom Lendacky Signed-off-by: Ashish Kalra --- arch/x86/kvm/svm/sev.c | 3 +-- arch/x86/kvm/svm/svm.c | 9 ++++++++- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0a45031386c2..f36d72ca2cf7 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3639,8 +3639,7 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) * the VMSA will be NULL if this vCPU is the destination for intrahost * migration, and will be copied later. */ - if (svm->sev_es.vmsa) - svm->vmcb->control.vmsa_pa = __pa(svm->sev_es.vmsa); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; /* Can't intercept CR register access, HV can't modify CR registers */ svm_clr_intercept(svm, INTERCEPT_CR0_READ); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 563c9839428d..c04c554e5675 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1463,9 +1463,16 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm->vmcb01.pa = __sme_set(page_to_pfn(vmcb01_page) << PAGE_SHIFT); svm_switch_vmcb(svm, &svm->vmcb01); - if (vmsa_page) + if (vmsa_page) { svm->sev_es.vmsa = page_address(vmsa_page); + /* + * Do not include the encryption mask on the VMSA physical + * address since hardware will access it using the guest key. + */ + svm->sev_es.vmsa_pa = __pa(svm->sev_es.vmsa); + } + svm->guest_state_loaded = false; return 0; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c3a37136fa30..0ad76ed4d625 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -200,6 +200,7 @@ struct vcpu_sev_es_state { struct ghcb *ghcb; u8 valid_bitmap[16]; struct kvm_host_map ghcb_map; + hpa_t vmsa_pa; bool received_first_sipi; unsigned int ap_reset_hold_type;
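Review bot: In the sev_es_init_vmcb() hunk (arch/x86/kvm/svm/sev.c) the `if (svm->sev_es.vmsa)` guard is dropped, but the comment kept directly above it still describes the case where the VMSA is NULL for an intrahost-migration destination and is copied later. With the unconditional `svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa;` that case now writes whatever vmsa_pa happens to hold, and the only place this patch sets vmsa_pa is svm_vcpu_create(), inside `if (vmsa_page)`. The diffstat shows no other change to sev.c, so the path that copies the VMSA later is not updated to set vmsa_pa as well. Either set vmsa_pa wherever sev_es.vmsa is assigned, or explain in the commit message why an unset value is acceptable until then, and reword the retained comment to match the new unconditional store.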
header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1697463749; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=r45yJPVBsyi6Tp27ZkpOjiP1aawUlKlhwCwzfweavXM=; b=iAkenD68OXAvsCBelcNmPvPLW7FoLR+5FYevVMXw9rxCIPtjgpRSVLK1w/Ay59X+6zJSFE UzI6Fi+z0t7wGPTPQKb1VWoLk77yxUG+/uOGeWvIoVRHO8lDmyhTeiZRLK3bDxKFg0Q/w6 smRa3MxGD8kWZf6XHxVxVUMCRYDEcWg= ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1697463749; a=rsa-sha256; cv=pass; b=4s/NKA/u36DB5htbMPpnePpFvBtWIplSxDRfWf0ca3VkWRtIRHLL73rBD5m4iRO0CX5YUv PBUkMvSCBYNXuUsVLJ0PVjp8SAf88ivNsmqc3bSPuWLk3udpwIJyl8R5hLsjECN6X+stbf yIzAkdIR5DJ04cOLWkcSzVlOG7IgOi4= ARC-Authentication-Results: i=2; imf21.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b=DWrPYm5i; spf=pass (imf21.hostedemail.com: domain of Michael.Roth@amd.com designates 40.107.236.41 as permitted sender) smtp.mailfrom=Michael.Roth@amd.com; dmarc=pass (policy=quarantine) header.from=amd.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=TanYDP25SBtyafAmWDl45gTmhB2uJx7QOeft94QjxlBwFUXPJ2Uq0mGNfoFa1jV8CqQwaY80U76cKrqMjo/Ey8ngvtXsqxGtSALvv0XmhOlkM00h6lIzDnIM0CRMRHqeiJfAEtww1zXnNxckw4VVFksozgMC5avXk0XeocBusbicUW4O6d9LPjenrneDb7283C7CN/v8ZaDeR4WSRTfQ7x7+DqS1gB9bY631CLvthFp+FKq+2jbjy0cyssILDb0vzt6WGKT+swvR4FVTPOmgeiL6ga9mnE/6Vx2LdBXzlg5P+zkTJkxPD5yFgfsFJK48Y6ufBLtodHnUjnFrG9BcEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; 
bh=r45yJPVBsyi6Tp27ZkpOjiP1aawUlKlhwCwzfweavXM=; b=i4nT6E9S9+hUh5bAYGDgjtHjaBMImKpbRTk5CjnLMRdM4tatGJep33qf67Dtc0pQfQdjHtGn6f7EDPABEyRtwuDhLCsoz0ZGylpBkstZtMaUUy/axJFmLr3DMbGJW9YjG6F8K9JaZhBC/Q2KDzB4JyOjAwQL6mQQonhDugy0zuooKBTXYEp+m+51cJLWgmCHaEasLt62X5KPIYNaIynXuueUIQcCCpGBin6QA6TEk3RAxQ2dwOFXfTstvIgsaUeQ87gIZlOJdACF4ImURCzgW+BDFSw1ONtHUiEHnR+YeYGIw4e3z5/IqiQiooftJKZN01Vn6ElmNPxh1L/l5EdNXg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=r45yJPVBsyi6Tp27ZkpOjiP1aawUlKlhwCwzfweavXM=; b=DWrPYm5ieHD4fo8/DWlHRf7VvvTVd2tM8gvLvf8ZUT/zJDL8rDJT1BCZPPO/XophkY6fISt5eQbHm3LumIOkoZIq28XBWnqQI/Esj0N4cK9jm5Kwq/RDJzh1YMMTtwiaLbjqSxo1V7fQh3RSxJcaP3SworI6xFS8Ho/DoB2N49w= Received: from SJ0PR03CA0008.namprd03.prod.outlook.com (2603:10b6:a03:33a::13) by DS0PR12MB8816.namprd12.prod.outlook.com (2603:10b6:8:14f::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.35; Mon, 16 Oct 2023 13:42:26 +0000 Received: from SN1PEPF000252A0.namprd05.prod.outlook.com (2603:10b6:a03:33a:cafe::60) by SJ0PR03CA0008.outlook.office365.com (2603:10b6:a03:33a::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6886.34 via Frontend Transport; Mon, 16 Oct 2023 13:42:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; 
client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF000252A0.mail.protection.outlook.com (10.167.242.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.6838.22 via Frontend Transport; Mon, 16 Oct 2023 13:42:12 +0000 Received: from localhost (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 16 Oct 2023 08:42:11 -0500 
From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh Subject: [PATCH v10 37/50] KVM: SEV: Support SEV-SNP AP Creation NAE event Date: Mon, 16 Oct 2023 08:28:06 -0500 Message-ID: <20231016132819.1002933-38-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com> References: <20231016132819.1002933-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF000252A0:EE_|DS0PR12MB8816:EE_ X-MS-Office365-Filtering-Correlation-Id: 27b41b2a-6ac9-4b5a-8b7f-08dbce4dbb8d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Csc9YgH+1BqbDMj3zurBRvBzOZiYq01ohkcyqDbwTheCU5b93o1FUK76uDOHbWuUFyRbz1e0mJSgyhXxwKqgGN6lqq248Rp8kdtqwLQ/3mrQXC88hGToG6qSSpRj+fHWY99/9RZcV/poAITC6luWJuMBCSb/QS8n74kPyA3BT3BPRtYpEke7VST67eH1pk65nMfDotKo8wV+jAIEZ0HoNh4sdXHZwWf6KwJ0+k7Nh6ZHGIKH8HwqSUNz7Z5JRA4OPBQBcNHQm/nF58bXT42XUcJnuhe54bj9wBuLp3hsN5iZ7+8BI7RgCmzIka2CtQBPS65jBZzo+s0N2sOjFKbD/Q/zPvIGluSK4u8SLWgp0DFBa87KadO5YG+9n6jzTk/wVMltjbQslTyaFonjiiajP8nGeYqAFcYS3h0gWu4HD0ZTO5CWQlh4brsIThGdnwJSpuZed7pkoAz3Sa92zkj6QMECkVTO3Ndw7Rw/Z++WsvN4m1ai6NtfFPkRDQfY00KVdjmj1ndLlia1u3p5HW9hNhx3O+P3/9W/HY7o4dPvUFcNnk7W5dPOB44HL+p5SpPIftHgPyZJ15EUeS33tkMKONnajw26pYyGs93GkDvysLjOY9LFpPuihZmjp0eDvumrsOaBXIouvOZ3mUTTeuIkKXPm5wF3dnpRmn39mog95s6Q/xWg2S43bqusFO93ri8bMamIxqGWYDBTD7HEb27mjOUsFMqmmt0Ox+iOtum2EBvQjDQFpBha3loWdM3P1J80cYoeyGmv0Hu+Htr8cYW+ag== X-Forefront-Antispam-Report: 
CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(376002)(136003)(346002)(396003)(230922051799003)(82310400011)(1800799009)(186009)(64100799003)(451199024)(40470700004)(46966006)(36840700001)(70206006)(70586007)(2616005)(6916009)(54906003)(478600001)(316002)(7406005)(426003)(1076003)(336012)(26005)(16526019)(5660300002)(8676002)(8936002)(4326008)(30864003)(44832011)(2906002)(7416002)(41300700001)(86362001)(6666004)(36756003)(82740400003)(356005)(47076005)(83380400001)(36860700001)(81166007)(40460700003)(40480700001)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Oct 2023 13:42:12.7789 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 27b41b2a-6ac9-4b5a-8b7f-08dbce4dbb8d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF000252A0.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB8816 X-Rspamd-Queue-Id: 0CD6C1C001F X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: sbazdta4k99eu8ijsmj5sei5cf8jbweh X-HE-Tag: 1697463748-122631 X-HE-Meta: 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 XW4q/fWs c4lhfpQKCZRQtLC2/XL15VtjkI9mrNmjyrFF853aiDgoMm0PGXhJUMs5pkIQMvwtvWZvPQE2oFDJ4NQPXI6usm8xghwob1lvpaaJPoX8h5z9+cNju/MK1lv6P00B3EjipZnNsBrCdDLQmJw0dEtoSWwC0FeVCgHCR8SvXNi2JI+pLdxVk2Rb2aNnxhPlAUAzIOG/h1PlqU3vU3nf8tU49nhy+XnMpWLFtVZpEwWj4V4YQ3eK7Cw7CSmBA/r51I2jYrrm0L73IVwACTZC7QCz3GdvW5drMIak6CCXW14bib0XX2WIwenkfYCN6ACSepvwaC4RuL6jdgv8jYHc= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk 

From: Tom Lendacky

Add support for the SEV-SNP AP Creation NAE event. This allows SEV-SNP
guests to alter the register state of the APs on their own. This allows
the guest a way of simulating INIT-SIPI.

A new event, KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, is created and used
so as to avoid updating the VMSA pointer while the vCPU is running.

For CREATE
  The guest supplies the GPA of the VMSA to be used for the vCPU with
  the specified APIC ID. The GPA is saved in the svm struct of the
  target vCPU, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added
  to the vCPU and then the vCPU is kicked.

For CREATE_ON_INIT:
  The guest supplies the GPA of the VMSA to be used for the vCPU with
  the specified APIC ID the next time an INIT is performed. The GPA is
  saved in the svm struct of the target vCPU.

For DESTROY:
  The guest indicates it wishes to stop the vCPU. The GPA is cleared
  from the svm struct, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is
  added to vCPU and then the vCPU is kicked.

The KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event handler will be invoked
as a result of the event or as a result of an INIT. The handler sets the
vCPU to the KVM_MP_STATE_UNINITIALIZED state, so that any errors will
leave the vCPU as not runnable. Any previous VMSA pages that were
installed as part of an SEV-SNP AP Creation NAE event are un-pinned. If
a new VMSA is to be installed, the VMSA guest page is pinned and set as
the VMSA in the vCPU VMCB and the vCPU state is set to
KVM_MP_STATE_RUNNABLE. If a new VMSA is not to be installed, the VMSA is
cleared in the vCPU VMCB and the vCPU state is left as
KVM_MP_STATE_UNINITIALIZED to prevent it from being run.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: add handling for restrictedmem]
Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/svm.h | 5 + arch/x86/kvm/svm/sev.c | 219 ++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 3 + arch/x86/kvm/svm/svm.h | 8 +- arch/x86/kvm/x86.c | 11 ++ 6 files changed, 246 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index b9e783d34e94..cd4bfe0b7deb 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -113,6 +113,7 @@ KVM_ARCH_REQ_FLAGS(31, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) #define KVM_REQ_HV_TLB_FLUSH \ KVM_ARCH_REQ_FLAGS(32, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) +#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE KVM_ARCH_REQ(34) #define CR0_RESERVED_BITS \ (~(unsigned long)(X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS \ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index a901f1daaefc..3d5e61352290 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -290,6 +290,11 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) #define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) +#define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) +#define SVM_SEV_FEAT_INT_INJ_MODES \ + (SVM_SEV_FEAT_RESTRICTED_INJECTION | \ + SVM_SEV_FEAT_ALTERNATE_INJECTION) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f36d72ca2cf7..e547adddacfa 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -650,6 +650,7 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_sync_vmsa(struct vcpu_svm *svm) { + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; struct sev_es_save_area *save = svm->sev_es.vmsa; /* Check some debug related fields before encrypting the VMSA */ 
@@ -698,6 +699,12 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) if (sev_snp_guest(svm->vcpu.kvm)) save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + /* + * Save the VMSA synced SEV features. For now, they are the same for + * all vCPUs, so just save each time. + */ + sev->sev_features = save->sev_features; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); @@ -3076,6 +3083,11 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) if (!kvm_ghcb_sw_scratch_is_valid(svm)) goto vmgexit_err; break; + case SVM_VMGEXIT_AP_CREATION: + if (lower_32_bits(control->exit_info_1) != SVM_VMGEXIT_AP_DESTROY) + if (!kvm_ghcb_rax_is_valid(svm)) + goto vmgexit_err; + break; case SVM_VMGEXIT_NMI_COMPLETE: case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: 
@@ -3295,6 +3307,202 @@ static int snp_complete_psc(struct kvm_vcpu *vcpu) return 1; /* resume */ } +static int __sev_snp_update_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + hpa_t cur_pa; + + WARN_ON(!mutex_is_locked(&svm->sev_es.snp_vmsa_mutex)); + + /* Save off the current VMSA PA for later checks */ + cur_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as offline and not runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_HALTED; + + /* Clear use of the VMSA */ + svm->sev_es.vmsa_pa = INVALID_PAGE; + svm->vmcb->control.vmsa_pa = INVALID_PAGE; + + /* + * sev->sev_es.vmsa holds the virtual address of the VMSA initially + * allocated by the host. If the guest specified a new a VMSA via + * AP_CREATION, it will have been pinned to avoid future issues + * with things like page migration support. Make sure to un-pin it + * before switching to a newer guest-specified VMSA. + */ + if (cur_pa != __pa(svm->sev_es.vmsa) && VALID_PAGE(cur_pa)) + kvm_release_pfn_dirty(__phys_to_pfn(cur_pa)); + + if (VALID_PAGE(svm->sev_es.snp_vmsa_gpa)) { + gfn_t gfn = gpa_to_gfn(svm->sev_es.snp_vmsa_gpa); + struct kvm_memory_slot *slot; + kvm_pfn_t pfn; + + slot = gfn_to_memslot(vcpu->kvm, gfn); + if (!slot) + return -EINVAL; + + /* + * The new VMSA will be private memory guest memory, so + * retrieve the PFN from the gmem backend, and leave the ref + * count of the associated folio elevated to ensure it won't + * ever be migrated. 
+ */ + if (kvm_gmem_get_pfn(vcpu->kvm, slot, gfn, &pfn, NULL)) + return -EINVAL; + + /* Use the new VMSA */ + svm->sev_es.vmsa_pa = pfn_to_hpa(pfn); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + } + + /* + * When replacing the VMSA during SEV-SNP AP creation, + * mark the VMCB dirty so that full state is always reloaded. + */ + vmcb_mark_all_dirty(svm->vmcb); + + return 0; +} + +/* + * Invoked as part of svm_vcpu_reset() processing of an init event. + */ +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + int ret; + + if (!sev_snp_guest(vcpu->kvm)) + return; + + mutex_lock(&svm->sev_es.snp_vmsa_mutex); + + if (!svm->sev_es.snp_ap_create) + goto unlock; + + svm->sev_es.snp_ap_create = false; + + ret = __sev_snp_update_protected_guest_state(vcpu); + if (ret) + vcpu_unimpl(vcpu, "snp: AP state update on init failed\n"); + +unlock: + mutex_unlock(&svm->sev_es.snp_vmsa_mutex); +} + +static int sev_snp_ap_creation(struct vcpu_svm *svm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm_vcpu *target_vcpu; + struct vcpu_svm *target_svm; + unsigned int request; + unsigned int apic_id; + bool kick; + int ret; + + request = lower_32_bits(svm->vmcb->control.exit_info_1); + apic_id = upper_32_bits(svm->vmcb->control.exit_info_1); + + /* Validate the APIC ID */ + target_vcpu = kvm_get_vcpu_by_id(vcpu->kvm, apic_id); + if (!target_vcpu) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP APIC ID [%#x] from guest\n", + apic_id); + return -EINVAL; + } + + ret = 0; + + target_svm = to_svm(target_vcpu); + + /* + * The target vCPU is valid, so the vCPU will be kicked unless the + * request is for CREATE_ON_INIT. For any errors at this stage, the + * kick will place the vCPU in an non-runnable state. 
+ */ + kick = true; + + mutex_lock(&target_svm->sev_es.snp_vmsa_mutex); + + target_svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + target_svm->sev_es.snp_ap_create = true; + + /* Interrupt injection mode shouldn't change for AP creation */ + if (request < SVM_VMGEXIT_AP_DESTROY) { + u64 sev_features; + + sev_features = vcpu->arch.regs[VCPU_REGS_RAX]; + sev_features ^= sev->sev_features; + if (sev_features & SVM_SEV_FEAT_INT_INJ_MODES) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP injection mode [%#lx] from guest\n", + vcpu->arch.regs[VCPU_REGS_RAX]); + ret = -EINVAL; + goto out; + } + } + + switch (request) { + case SVM_VMGEXIT_AP_CREATE_ON_INIT: + kick = false; + fallthrough; + case SVM_VMGEXIT_AP_CREATE: + if (!page_address_valid(vcpu, svm->vmcb->control.exit_info_2)) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP VMSA address [%#llx] from guest\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + /* + * Malicious guest can RMPADJUST a large page into VMSA which + * will hit the SNP erratum where the CPU will incorrectly signal + * an RMP violation #PF if a hugepage collides with the RMP entry + * of VMSA page, reject the AP CREATE request if VMSA address from + * guest is 2M aligned. 
+ */ + if (IS_ALIGNED(svm->vmcb->control.exit_info_2, PMD_SIZE)) { + vcpu_unimpl(vcpu, + "vmgexit: AP VMSA address [%llx] from guest is unsafe as it is 2M aligned\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + target_svm->sev_es.snp_vmsa_gpa = svm->vmcb->control.exit_info_2; + break; + case SVM_VMGEXIT_AP_DESTROY: + break; + default: + vcpu_unimpl(vcpu, "vmgexit: invalid AP creation request [%#x] from guest\n", + request); + ret = -EINVAL; + break; + } + +out: + if (kick) { + if (target_vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED) + target_vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + kvm_make_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, target_vcpu); + kvm_vcpu_kick(target_vcpu); + } + + mutex_unlock(&target_svm->sev_es.snp_vmsa_mutex); + + return ret; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3545,6 +3753,15 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->vmgexit.ghcb_msr = ghcb_gpa; vcpu->arch.complete_userspace_io = snp_complete_psc; break; + case SVM_VMGEXIT_AP_CREATION: + ret = sev_snp_ap_creation(svm); + if (ret) { + ghcb_set_sw_exit_info_1(svm->sev_es.ghcb, 2); + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_ERR_INVALID_INPUT); + } + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", @@ -3711,6 +3928,8 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) set_ghcb_msr(svm, GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX, GHCB_VERSION_MIN, sev_enc_bit)); + + mutex_init(&svm->sev_es.snp_vmsa_mutex); } void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index c04c554e5675..f5cdcbd1ba67 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1402,6 +1402,9 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) svm->spec_ctrl = 0; svm->virt_spec_ctrl = 0; + if (init_event) + sev_snp_init_protected_guest_state(vcpu); + init_vmcb(vcpu); if (!init_event) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0ad76ed4d625..f81dfa1594f6 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -96,6 +96,7 @@ struct kvm_sev_info { atomic_t migration_in_progress; u64 snp_init_flags; void *snp_context; /* SNP guest context page */ + u64 sev_features; /* Features set at VMSA creation */ }; struct kvm_svm { @@ -212,6 +213,10 @@ struct vcpu_sev_es_state { bool ghcb_sa_free; u64 ghcb_registered_gpa; + + struct mutex snp_vmsa_mutex; /* Used to handle concurrent updates of VMSA. */ + gpa_t snp_vmsa_gpa; + bool snp_ap_create; }; struct vcpu_svm { @@ -687,7 +692,7 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); #define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL -#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP +#define GHCB_HV_FT_SUPPORTED (GHCB_HV_FT_SNP | GHCB_HV_FT_SNP_AP_CREATION) extern unsigned int max_sev_asid; @@ -717,6 +722,7 @@ void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); /* vmenter.S */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 12f9e99c7ad0..8977f7f12a4a 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -10660,6 +10660,14 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_UPDATE_CPU_DIRTY_LOGGING, vcpu)) static_call(kvm_x86_update_cpu_dirty_logging)(vcpu); + + if (kvm_check_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) { + kvm_vcpu_reset(vcpu, true); + if (vcpu->arch.mp_state != KVM_MP_STATE_RUNNABLE) { + r = 1; + goto out; + } + } } if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win || 
@@ -12871,6 +12879,9 @@ static inline bool kvm_vcpu_has_events(struct kvm_vcpu *vcpu) return true; #endif + if (kvm_test_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) + return true; + if (kvm_arch_interrupt_allowed(vcpu) && (kvm_cpu_has_interrupt(vcpu) || kvm_guest_apic_has_interrupt(vcpu)))
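
Review bot: The new SVM_VMGEXIT_AP_CREATION case in sev_es_validate_vmgexit() has no sev_snp_guest() check, and the matching case in sev_handle_vmgexit() calls sev_snp_ap_creation() unconditionally, so nothing in these hunks stops a non-SNP SEV-ES guest from issuing an SNP-only event and reaching the kvm_gmem_get_pfn() path. Suggest rejecting it up front with "if (!sev_snp_guest(svm->vcpu.kvm)) goto vmgexit_err;" before the RAX check. The nested if without braces would also read better as a single condition joined with &&.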
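
Review bot: __sev_snp_update_protected_guest_state() parks the vCPU with "vcpu->arch.mp_state = KVM_MP_STATE_HALTED", but the commit message says the handler sets KVM_MP_STATE_UNINITIALIZED so that any error leaves the vCPU not runnable; the two need to agree. This matters on the -EINVAL returns from gfn_to_memslot() and kvm_gmem_get_pfn(), where vmsa_pa and control.vmsa_pa are already INVALID_PAGE: if HALTED is intended, please add a comment explaining why the vCPU cannot be woken and entered in that state, otherwise use UNINITIALIZED as described. Smaller points in the same function: the second "vcpu->arch.pv.pv_unhalted = false" before setting RUNNABLE repeats the earlier assignment, and the comment names sev->sev_es.vmsa where the code uses svm->sev_es.vmsa.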
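
Review bot: mutex_init(&svm->sev_es.snp_vmsa_mutex) is placed at the end of sev_es_vcpu_reset(), which by its name is a reset path rather than a one-time constructor. sev_snp_ap_creation() takes this mutex on the target vCPU from another vCPU's exit handler, so if sev_es_vcpu_reset() can run again after the vCPU is live, the lock could be re-initialized while it is held. Suggest initializing it once where the vCPU's SEV-ES state is created, or documenting why the reset path runs only once per vCPU.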

From: Michael Roth
Subject: [PATCH v10 38/50] KVM: SEV: Add support for GHCB-based termination requests
Date: Mon, 16 Oct 2023 08:28:07 -0500
Message-ID: <20231016132819.1002933-39-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

GHCB version 2 adds support for a GHCB-based termination request that
a guest can issue when it reaches an error state and wishes to inform
the hypervisor that it should be terminated. Implement support for that
similarly to GHCB MSR-based termination requests that are already
available to SEV-ES guests via earlier versions of the GHCB protocol.

Signed-off-by: Michael Roth
Reviewed-by: Liam Merwick
--- arch/x86/kvm/svm/sev.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index e547adddacfa..9c38fe796e00 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3094,6 +3094,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: + case SVM_VMGEXIT_TERM_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3762,6 +3763,14 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; + case SVM_VMGEXIT_TERM_REQUEST: + pr_info("SEV-ES guess requested termination: reason %#llx info %#llx\n", + control->exit_info_1, control->exit_info_1); + vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT; + vcpu->run->system_event.type = KVM_SYSTEM_EVENT_SEV_TERM; + vcpu->run->system_event.ndata = 1; + vcpu->run->system_event.data[0] = control->ghcb_gpa; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
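
Review bot: The pr_info() in the new SVM_VMGEXIT_TERM_REQUEST case passes control->exit_info_1 for both format arguments, so the "info" value printed is a copy of the reason; the second argument should presumably be control->exit_info_2. The same string says "guess" where "guest" is meant. The case also ends in a bare break without assigning ret, unlike the "ret = 1; break;" just above it, so it is worth confirming that ret holds the intended value for a KVM_EXIT_SYSTEM_EVENT return to userspace at that point.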

From: Michael Roth
Subject: [PATCH v10 39/50] KVM: SEV: Implement gmem hook for initializing private pages
Date: Mon, 16 Oct 2023 08:28:08 -0500
Message-ID: <20231016132819.1002933-40-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

This will handle RMP table updates and direct map changes needed to put
a page into a private state before mapping it into an SEV-SNP guest.

Signed-off-by: Michael Roth
--- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 95 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 2 + arch/x86/kvm/svm/svm.h | 1 + 4 files changed, 99 insertions(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 71dc506aa3fb..8caf2eb6add8 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -127,6 +127,7 @@ config KVM_AMD_SEV depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select KVM_SW_PROTECTED_VM + select HAVE_KVM_GMEM_PREPARE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors. diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 9c38fe796e00..8cf2d19597b1 100644 
--- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4135,3 +4135,98 @@ void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) out: put_page(pfn_to_page(pfn)); } + +static bool is_pfn_range_shared(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn = start; + + while (pfn < end) { + int ret, rmp_level; + bool assigned; + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret) { + pr_warn_ratelimited("SEV: Failed to retrieve RMP entry: PFN 0x%llx GFN start 0x%llx GFN end 0x%llx RMP level %d error %d\n", + pfn, start, end, rmp_level, ret); + return false; + } + + if (assigned) { + pr_debug("%s: overlap detected, PFN 0x%llx start 0x%llx end 0x%llx RMP level %d\n", + __func__, pfn, start, end, rmp_level); + return false; + } + + pfn++; + } + + return true; +} + +static u8 max_level_for_order(int order) +{ + if (order >= KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) + return PG_LEVEL_2M; + + return PG_LEVEL_4K; +} + +static bool is_large_rmp_possible(struct kvm *kvm, kvm_pfn_t pfn, int order) +{ + kvm_pfn_t pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + + /* + * If this is a large folio, and the entire 2M range containing the + * PFN is currently shared, then the entire 2M-aligned range can be + * set to private via a single 2M RMP entry. 
+ */ + if (max_level_for_order(order) > PG_LEVEL_4K && + is_pfn_range_shared(pfn_aligned, pfn_aligned + PTRS_PER_PMD)) + return true; + + return false; +} + +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t pfn_aligned; + gfn_t gfn_aligned; + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) + return rc; + + if (assigned) { + pr_debug("%s: already assigned: gfn %llx pfn %llx max_order %d level %d\n", + __func__, gfn, pfn, max_order, level); + return 0; + } + + if (is_large_rmp_possible(kvm, pfn, max_order)) { + level = PG_LEVEL_2M; + pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + gfn_aligned = ALIGN_DOWN(gfn, PTRS_PER_PMD); + } else { + level = PG_LEVEL_4K; + pfn_aligned = pfn; + gfn_aligned = gfn; + } + + rc = rmp_make_private(pfn_aligned, gfn_to_gpa(gfn_aligned), level, sev->asid, false); + if (rc) { + pr_err_ratelimited("SEV: Failed to update RMP entry: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -EINVAL; + } + + pr_debug("%s: updated: gfn %llx pfn %llx pfn_aligned %llx max_order %d level %d\n", + __func__, gfn, pfn, pfn_aligned, max_order, level); + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f5cdcbd1ba67..b3ed424533b0 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5041,6 +5041,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, .alloc_apic_backing_page = svm_alloc_apic_backing_page, + + .gmem_prepare = sev_gmem_prepare, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index f81dfa1594f6..c5cee554176e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -723,6 +723,7 @@ void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); /* vmenter.S */
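Review bot: In sev_gmem_prepare() (arch/x86/kvm/svm/sev.c, patch 39/50), the "if (assigned)" early return treats any already-assigned RMP entry as prepared and returns 0, but snp_lookup_rmpentry() as called here only reports assigned and level, so nothing in this hunk confirms that the entry belongs to sev->asid at gfn_to_gpa(gfn). If that is guaranteed elsewhere, a comment stating the invariant would help; otherwise a stale or foreign entry is silently accepted at this point. Two smaller points in the same hunk: the failure path after rmp_make_private() returns -EINVAL and drops rc, and the pr_warn_ratelimited() in is_pfn_range_shared() prints rmp_level after a failed lookup, when it is declared without an initializer and may not have been written, and labels the PFN bounds start/end as "GFN start"/"GFN end".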
From: Michael Roth
Subject: [PATCH v10 40/50] KVM: SEV: Implement gmem hook for invalidating private pages
Date: Mon, 16 Oct 2023 08:28:09 -0500
Message-ID: <20231016132819.1002933-41-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

Implement a platform hook to do the work of restoring the direct map entries of gmem-managed pages and transitioning the corresponding RMP table entries back to the default shared/hypervisor-owned state.

Signed-off-by: Michael Roth
--- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 63 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 ++ 4 files changed, 67 insertions(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 8caf2eb6add8..dfc857db389f 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -128,6 +128,7 @@ config KVM_AMD_SEV depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select KVM_SW_PROTECTED_VM select HAVE_KVM_GMEM_PREPARE + select HAVE_KVM_GMEM_INVALIDATE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors. 
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8cf2d19597b1..5b3a3bbfebee 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4230,3 +4230,66 @@ int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) return 0; } + +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn; + + pr_debug("%s: PFN start 0x%llx PFN end 0x%llx\n", __func__, start, end); + + for (pfn = start; pfn < end;) { + bool use_2m_update = false; + int rc, rmp_level; + bool assigned; + + rc = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (rc) { + pr_debug_ratelimited("SEV: Failed to retrieve RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + goto next_pfn; + } + + if (!assigned) + goto next_pfn; + + use_2m_update = IS_ALIGNED(pfn, PTRS_PER_PMD) && + end >= (pfn + PTRS_PER_PMD) && + rmp_level > PG_LEVEL_4K; + + /* + * If an unaligned PFN corresponds to a 2M region assigned as a + * large page in he RMP table, PSMASH the region into individual + * 4K RMP entries before attempting to convert a 4K sub-page. + */ + if (!use_2m_update && rmp_level > PG_LEVEL_4K) { + rc = snp_rmptable_psmash(pfn); + if (rc) + pr_err_ratelimited("SEV: Failed to PSMASH RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + } + + rc = rmp_make_shared(pfn, use_2m_update ? PG_LEVEL_2M : PG_LEVEL_4K); + if (WARN_ON_ONCE(rc)) { + pr_err_ratelimited("SEV: Failed to update RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + goto next_pfn; + } + + /* + * SEV-ES avoids host/guest cache coherency issues through + * WBINVD hooks issued via MMU notifiers during run-time, and + * KVM's VM destroy path at shutdown. Those MMU notifier events + * don't cover gmem since there is no requirement to map pages + * to a HVA in order to use them for a running guest. While the + * shutdown path would still likely cover things for SNP guests, + * userspace may also free gmem pages during run-time via + * hole-punching operations on the guest_memfd, so flush the + * cache entries for these pages before free'ing them back to + * the host. + */ + clflush_cache_range(__va(pfn_to_hpa(pfn)), + use_2m_update ? 
PMD_SIZE : PAGE_SIZE); +next_pfn: + pfn += use_2m_update ? PTRS_PER_PMD : 1; + } +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b3ed424533b0..9cff302b4402 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5043,6 +5043,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .gmem_prepare = sev_gmem_prepare, + .gmem_invalidate = sev_gmem_invalidate, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index c5cee554176e..1fd90a88b0db 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -724,6 +724,8 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +int sev_gmem_max_level(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level); /* vmenter.S */
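Review bot: In sev_gmem_invalidate() (arch/x86/kvm/svm/sev.c, patch 40/50), both failure paths leave the page assigned while the caller goes on to free it: a failed snp_rmptable_psmash() is only logged before falling through to rmp_make_shared() at PG_LEVEL_4K on a PFN whose RMP entry is still 2M, and a failed rmp_make_shared() just does "goto next_pfn". Because the hook returns void, the caller cannot tell that a still-private page is about to be handed back to the host. Consider skipping rmp_make_shared() when PSMASH fails and giving the hook a way to report the failure, or documenting what is expected to happen to such a page. Also, use_2m_update is false for an aligned PFN whose 2M range extends past end, so the PSMASH comment's "unaligned PFN" wording covers only one of the two cases that reach it, and "in he RMP table" in that comment should read "in the RMP table".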
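Review bot: The svm.h hunk of patch 40/50 adds the prototype "int sev_gmem_max_level(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level);" next to sev_gmem_invalidate(), but nothing in this patch defines or uses that function. Please move the declaration to the patch that introduces sev_gmem_max_level(), so this commit only declares what it implements.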
From: Michael Roth
Subject: [PATCH v10 41/50] KVM: x86: Add gmem hook for determining max NPT mapping level
Date: Mon, 16 Oct 2023 08:28:10 -0500
Message-ID: <20231016132819.1002933-42-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

In the case of SEV-SNP, whether or not a 2MB page can be mapped via a 2MB mapping in the guest's nested page table depends on whether or not any subpages within the range have already been initialized as private in the RMP table. The existing mixed-attribute tracking in KVM is insufficient here, for instance:

- gmem allocates 2MB page
- guest issues PVALIDATE on 2MB page
- guest later converts a subpage to shared
- SNP host code issues PSMASH to split 2MB RMP mapping to 4K
- KVM MMU splits NPT mapping to 4K

At this point there are no mixed attributes, and KVM would normally allow for 2MB NPT mappings again, but this is actually not allowed because the RMP table mappings are 4K and cannot be promoted on the hypervisor side, so the NPT mappings must still be limited to 4K to match this.

Add a hook to determine the max NPT mapping size in situations like this.

Signed-off-by: Michael Roth
--- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + 5 files changed, 40 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 4ef2eca14287..7f2e00c48d3b 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -135,6 +135,7 @@ KVM_X86_OP(complete_emulated_msr) KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) +KVM_X86_OP_OPTIONAL_RET0(gmem_max_level) KVM_X86_OP_OPTIONAL(gmem_invalidate) KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index cd4bfe0b7deb..6dda4d24dbef 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h 
@@ -1764,6 +1764,7 @@ struct kvm_x86_ops { int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); + int (*gmem_max_level)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level); void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); }; diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 8c78807e0f45..64f6cb428b32 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4304,6 +4304,7 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) { int max_order, r; + u8 max_level; if (!kvm_slot_can_be_private(fault->slot)) { kvm_mmu_prepare_memory_fault_exit(vcpu, fault); @@ -4317,8 +4318,15 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, return r; } - fault->max_level = min(kvm_max_level_for_order(max_order), - fault->max_level); + max_level = kvm_max_level_for_order(max_order); + r = static_call(kvm_x86_gmem_max_level)(vcpu->kvm, fault->pfn, + fault->gfn, &max_level); + if (r) { + kvm_release_pfn_clean(fault->pfn); + return r; + } + + fault->max_level = min(max_level, fault->max_level); fault->map_writable = !(fault->slot->flags & KVM_MEM_READONLY); return RET_PF_CONTINUE; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5b3a3bbfebee..6c6d5a320d72 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4293,3 +4293,30 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) pfn += use_2m_update ? PTRS_PER_PMD : 1; } } + +int sev_gmem_max_level(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level) +{ + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) { + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -ENOENT; + } + + if (!assigned) { + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", + gfn, pfn, level); + return -EINVAL; + } + + if (level < *max_level) + *max_level = level; + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 9cff302b4402..d97ec673b63d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -5043,6 +5043,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .gmem_prepare = sev_gmem_prepare, + .gmem_max_level = sev_gmem_max_level, .gmem_invalidate = sev_gmem_invalidate, };
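Review bot: The new `gmem_max_level` member of struct kvm_x86_ops (arch/x86/include/asm/kvm_host.h) has no comment describing its contract, and the contract is not obvious from the name. In kvm_faultin_pfn_private() (arch/x86/kvm/mmu/mmu.c) `max_level` is passed as an in/out value, a non-zero return aborts the fault after `kvm_release_pfn_clean(fault->pfn)`, and nothing in the caller stops a hook from raising the value above `kvm_max_level_for_order(max_order)`. Please document next to the declaration that implementations may only lower `*max_level` and that a non-zero return fails the fault, and mention the failure case in the commit message, which currently describes only determining the max NPT mapping size.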
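Review bot: In sev_gmem_max_level() (arch/x86/kvm/svm/sev.c), the `if (rc)` branch prints `level` in the "RMP entry not found" message right after snp_lookup_rmpentry() has failed, while `int level, rc;` leaves it uninitialized. Unless the lookup is guaranteed to write `level` on failure, which is not visible here, the log line prints an indeterminate value. Initialize `level` or drop it from that format string. The same branch also replaces `rc` with -ENOENT; returning `rc` would give the caller the lookup's own error, which is already the value printed as `error %d`.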
From patchwork Mon Oct 16 13:28:11 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423352
From: Michael Roth
Subject: [PATCH v10 42/50] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP
Date: Mon, 16 Oct 2023 08:28:11 -0500
Message-ID: <20231016132819.1002933-43-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Ashish Kalra

With SNP/guest_memfd, private/encrypted memory should not be mappable, and MMU notifications for HVA-mapped memory will only be relevant to unencrypted guest memory. Therefore, the rationale behind issuing a wbinvd_on_all_cpus() in sev_guest_memory_reclaimed() should not apply for SNP guests and can be ignored.

Signed-off-by: Ashish Kalra
[mdr: Add some clarifications in commit]
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 6c6d5a320d72..f027def3a79e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -2852,7 +2852,14 @@ static void sev_flush_encrypted_page(struct kvm_vcpu *vcpu, void *va) void sev_guest_memory_reclaimed(struct kvm *kvm) { - if (!sev_guest(kvm)) + /* + * With SNP+gmem, private/encrypted memory should be + * unreachable via the hva-based mmu notifiers. Additionally, + * for shared->private translations, H/W coherency will ensure + * first guest access to the page would clear out any existing + * dirty copies of that cacheline. + */ + if (!sev_guest(kvm) || sev_snp_guest(kvm)) return; wbinvd_on_all_cpus();
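Review bot: In sev_guest_memory_reclaimed(), the new comment justifies skipping wbinvd_on_all_cpus() with "SNP+gmem", but the condition added is only `sev_snp_guest(kvm)`, so the early return is justified only if every SNP guest keeps its private memory in guest_memfd. If that is enforced elsewhere in the series, the comment should say so; otherwise the check needs to cover the gmem requirement as well. Two wording points in the same comment: "shared->private translations" reads as if "transitions" was meant, and "should be unreachable" leaves open whether this is an enforced invariant or an expectation, which matters because the flush being skipped exists to deal with dirty cachelines.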
From patchwork Mon Oct 16 13:28:12 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423388
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 43/50] KVM: SVM: Add module parameter to enable the SEV-SNP
Date: Mon, 16 Oct 2023 08:28:12 -0500
Message-ID: <20231016132819.1002933-44-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Add a module parameter that can be used to enable or disable the SEV-SNP feature. Now that KVM contains the support for the SNP, set the GHCB hypervisor feature flag to indicate that SNP is supported.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 arch/x86/kvm/svm/sev.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f027def3a79e..efe879524b6c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -62,7 +62,8 @@ static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); /* enable/disable SEV-SNP support */ -static bool sev_snp_enabled; +static bool sev_snp_enabled = true; +module_param_named(sev_snp, sev_snp_enabled, bool, 0444); #else #define sev_enabled false #define sev_es_enabled false
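Review bot: The commit message says the patch sets the GHCB hypervisor feature flag to indicate SNP support, but the only hunk (arch/x86/kvm/svm/sev.c, 2 insertions and 1 deletion) changes the initializer of `sev_snp_enabled` to true and adds `module_param_named(sev_snp, sev_snp_enabled, bool, 0444);`. No feature-flag change is visible, so either the message is stale or a hunk is missing. Separately, the message describes adding a parameter but not that the default flips from off to on; that change of default deserves its own sentence, since it affects every host that loads the module without setting the parameter.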
From patchwork Mon Oct 16 13:28:13 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423389
From: Michael Roth
Subject: [PATCH v10 44/50] iommu/amd: Add IOMMU_SNP_SHUTDOWN support
Date: Mon, 16 Oct 2023 08:28:13 -0500
Message-ID: <20231016132819.1002933-45-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Ashish Kalra

Add a new IOMMU API interface amd_iommu_snp_disable() to transition IOMMU pages to Hypervisor state from Reclaim state after SNP_SHUTDOWN_EX command. Invoke this API from the CCP driver after SNP_SHUTDOWN_EX command.

Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 drivers/crypto/ccp/sev-dev.c | 20 +++++++++++++
 drivers/iommu/amd/init.c | 55 ++++++++++++++++++++++++++++++++++++
 include/linux/amd-iommu.h | 3 ++
 3 files changed, 78 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 679b8d6fc09a..0626c0feff9b 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -26,6 +26,7 @@ #include #include #include +#include #include #include
@@ -1513,6 +1514,25 @@ static int __sev_snp_shutdown_locked(int *error) return ret; } + /* + * SNP_SHUTDOWN_EX with IOMMU_SNP_SHUTDOWN set to 1 disables SNP + * enforcement by the IOMMU and also transitions all pages + * associated with the IOMMU to the Reclaim state. + * Firmware was transitioning the IOMMU pages to Hypervisor state + * before version 1.53. But, accounting for the number of assigned + * 4kB pages in a 2M page was done incorrectly by not transitioning + * to the Reclaim state. This resulted in RMP #PF when later accessing + * the 2M page containing those pages during kexec boot. Hence, the + * firmware now transitions these pages to Reclaim state and hypervisor + * needs to transition these pages to shared state. SNP Firmware + * version 1.53 and above are needed for kexec boot. + */ + ret = amd_iommu_snp_disable(); + if (ret) { + dev_err(sev->dev, "SNP IOMMU shutdown failed\n"); + return ret; + } + sev->snp_initialized = false; dev_dbg(sev->dev, "SEV-SNP firmware shutdown\n"); diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index 1c9924de607a..6af208a4f66b 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -30,6 +30,7 @@ #include #include #include +#include #include 
@@ -3838,4 +3839,58 @@ int amd_iommu_snp_enable(void) return 0; } + +static int iommu_page_make_shared(void *page) +{ + unsigned long paddr, pfn; + + paddr = iommu_virt_to_phys(page); + /* Cbit maybe set in the paddr */ + pfn = __sme_clr(paddr) >> PAGE_SHIFT; + return rmp_make_shared(pfn, PG_LEVEL_4K); +} + +static int iommu_make_shared(void *va, size_t size) +{ + void *page; + int ret; + + if (!va) + return 0; + + for (page = va; page < (va + size); page += PAGE_SIZE) { + ret = iommu_page_make_shared(page); + if (ret) + return ret; + } + + return 0; +} + +int amd_iommu_snp_disable(void) +{ + struct amd_iommu *iommu; + int ret; + + if (!amd_iommu_snp_en) + return 0; + + for_each_iommu(iommu) { + ret = iommu_make_shared(iommu->evt_buf, EVT_BUFFER_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared(iommu->ppr_log, PPR_LOG_SIZE); + if (ret) + return ret; + + ret = iommu_make_shared((void *)iommu->cmd_sem, PAGE_SIZE); + if (ret) + return ret; + } + + amd_iommu_snp_en = false; + return 0; +} +EXPORT_SYMBOL_GPL(amd_iommu_snp_disable); #endif diff --git a/include/linux/amd-iommu.h b/include/linux/amd-iommu.h index 55fc03cb3968..b04f2d3201b1 100644 --- a/include/linux/amd-iommu.h +++ b/include/linux/amd-iommu.h 
@@ -207,6 +207,9 @@ struct amd_iommu *get_amd_iommu(unsigned int idx); #ifdef CONFIG_KVM_AMD_SEV int amd_iommu_snp_enable(void); +int amd_iommu_snp_disable(void); +#else +static inline int amd_iommu_snp_disable(void) { return 0; } #endif #endif /* _ASM_X86_AMD_IOMMU_H */
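Review bot: In the __sev_snp_shutdown_locked() hunk of drivers/crypto/ccp/sev-dev.c (patch 44/50), the early return on amd_iommu_snp_disable() failure skips "sev->snp_initialized = false;", although the added call sits after the preceding error return for the firmware command, so at that point the shutdown command itself has not reported an error. Driver state and firmware state then disagree. Consider clearing snp_initialized before returning the error, or explain in the comment why retrying the whole shutdown is safe. The new comment also states that firmware 1.53 or later is needed for kexec boot, but nothing in the hunk checks the firmware version; a check or a warning on older firmware would turn that requirement from documentation into something enforced.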
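Review bot: In amd_iommu_snp_disable() in drivers/iommu/amd/init.c (patch 44/50), returning on the first rmp_make_shared() failure leaves the buffers converted so far in the shared state, the remaining ones unconverted and amd_iommu_snp_en still true, and no message names the IOMMU or the buffer (evt_buf, ppr_log, cmd_sem) that failed. Please log which buffer failed and document what the caller may do after a partial conversion, in particular whether calling the function again on pages that are already shared is safe. Minor: the comment "Cbit maybe set in the paddr" should read "C-bit may be set in the paddr", and the newly exported function has no kernel-doc describing its return value or calling context.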
From: Michael Roth
Subject: [PATCH v10 45/50] iommu/amd: Report all cases inhibiting SNP enablement
Date: Mon, 16 Oct 2023 08:28:14 -0500
Message-ID: <20231016132819.1002933-46-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

Enabling SNP
relies on various IOMMU-related checks in amd_iommu_snp_enable(). In most cases, when the host supports SNP, any IOMMU-related details that prevent enabling SNP are reported. One case where it is not reported is when the IOMMU doesn't support the SNP feature. Often this is the result of the corresponding BIOS option not being enabled, so report that case along with the others. While here, fix up the reporting to be more consistent about using periods to end sentences, and always printing a newline afterward. Signed-off-by: Michael Roth --- drivers/iommu/amd/init.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index 6af208a4f66b..121092f0a48a 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -3811,7 +3811,7 @@ int amd_iommu_snp_enable(void) * not configured in the passthrough mode. */ if (no_iommu || iommu_default_passthrough()) { - pr_err("SNP: IOMMU is disabled or configured in passthrough mode, SNP cannot be supported"); + pr_err("SNP: IOMMU is disabled or configured in passthrough mode, SNP cannot be supported.\n"); return -EINVAL; } 
@@ -3826,14 +3826,16 @@ int amd_iommu_snp_enable(void) } amd_iommu_snp_en = check_feature_on_all_iommus(FEATURE_SNP); - if (!amd_iommu_snp_en) + if (!amd_iommu_snp_en) { + pr_err("SNP: IOMMU SNP feature is not enabled, SNP cannot be supported.\n"); return -EINVAL; + } pr_info("SNP enabled\n"); /* Enforce IOMMU v1 pagetable when SNP is enabled. */ if (amd_iommu_pgtable != AMD_IOMMU_V1) { - pr_warn("Force to using AMD IOMMU v1 page table due to SNP\n"); + pr_warn("Force to using AMD IOMMU v1 page table due to SNP.\n"); amd_iommu_pgtable = AMD_IOMMU_V1; }
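Review bot: In the second hunk of amd_iommu_snp_enable() (patch 45/50), the new pr_err() reports that the IOMMU SNP feature "is not enabled", but the condition is the result of check_feature_on_all_iommus(FEATURE_SNP) and the commit message attributes this case to a BIOS option; mentioning the BIOS setting in the message would tell an operator where to look. The commit message also promises consistent periods, yet pr_info("SNP enabled\n") in the same hunk is left without one, and the pr_warn() line that is being touched keeps the ungrammatical "Force to using".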
From: Michael Roth
CC: Brijesh Singh, Alexey Kardashevskiy, Dionna Glaze
Subject: [PATCH v10 46/50] crypto: ccp: Add the SNP_{SET,GET}_EXT_CONFIG command
Date: Mon, 16 Oct 2023 08:28:15 -0500
Message-ID: <20231016132819.1002933-47-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>
From: Brijesh Singh

The SEV-SNP firmware provides the SNP_CONFIG command used to set the system-wide configuration value for SNP guests. The information includes the TCB version string to be reported in guest attestation reports.

Version 2 of the GHCB specification adds an NAE (SNP extended guest request) that a guest can use to query the reports that include additional certificates.

In both cases, userspace-provided additional data is included in the attestation reports. The userspace will use the SNP_SET_EXT_CONFIG command to give the certificate blob and the reported TCB version string at once. Note that the specification defines the certificate blob with a specific GUID format; the userspace is responsible for building the proper certificate blob. The ioctl treats it as an opaque blob.

While it is not defined in the spec, let's add the SNP_GET_EXT_CONFIG command that can be used to obtain the data programmed through the SNP_SET_EXT_CONFIG.

Co-developed-by: Alexey Kardashevskiy
Signed-off-by: Alexey Kardashevskiy
Co-developed-by: Dionna Glaze
Signed-off-by: Dionna Glaze
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: squash in doc patch from Dionna]
Signed-off-by: Michael Roth
--- Documentation/virt/coco/sev-guest.rst | 27 ++++ drivers/crypto/ccp/sev-dev.c | 173 ++++++++++++++++++++++++++ drivers/crypto/ccp/sev-dev.h | 2 + include/linux/psp-sev.h | 10 ++ include/uapi/linux/psp-sev.h | 17 +++ 5 files changed, 229 insertions(+) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index e828c5326936..7cabf54395e5 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst
@@ -151,6 +151,33 @@ The SNP_PLATFORM_STATUS command is used to query the SNP platform status. The status includes API major, minor version and more. See the SEV-SNP specification for further details. +2.5 SNP_SET_EXT_CONFIG +---------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_ext_config +:Returns (out): 0 on success, -negative on error + +The SNP_SET_EXT_CONFIG is used to set the system-wide configuration such as +reported TCB version in the attestation report. The command is similar to +SNP_CONFIG command defined in the SEV-SNP spec. The main difference is the +command also accepts an additional certificate blob defined in the GHCB +specification. + +If the certs_address is zero, then the previous certificate blob will deleted. +For more information on the certificate blob layout, see the GHCB spec +(extended guest request message). + +2.6 SNP_GET_EXT_CONFIG +---------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_data_snp_ext_config +:Returns (out): 0 on success, -negative on error + +The SNP_GET_EXT_CONFIG is used to query the system-wide configuration set +through the SNP_SET_EXT_CONFIG. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 0626c0feff9b..4807ddd6ec52 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -1496,6 +1496,10 @@ static int __sev_snp_shutdown_locked(int *error) data.length = sizeof(data); data.iommu_snp_shutdown = 1; + /* Free the memory used for caching the certificate data */ + sev_snp_certs_put(sev->snp_certs); + sev->snp_certs = NULL; + wbinvd_on_all_cpus(); retry: 
@@ -1834,6 +1838,121 @@ static int sev_ioctl_snp_platform_status(struct sev_issue_cmd *argp) return ret; } +static int sev_ioctl_snp_get_config(struct sev_issue_cmd *argp) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_user_data_ext_snp_config input; + struct sev_snp_certs *snp_certs; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) + return -EFAULT; + + /* Copy the TCB version programmed through the SET_CONFIG to userspace */ + if (input.config_address) { + if (copy_to_user((void * __user)input.config_address, + &sev->snp_config, sizeof(struct sev_user_data_snp_config))) + return -EFAULT; + } + + snp_certs = sev_snp_certs_get(sev->snp_certs); + + /* Copy the extended certs programmed through the SNP_SET_CONFIG */ + if (input.certs_address && snp_certs) { + if (input.certs_len < snp_certs->len) { + /* Return the certs length to userspace */ + input.certs_len = snp_certs->len; + + ret = -EIO; + goto e_done; + } + + if (copy_to_user((void * __user)input.certs_address, + snp_certs->data, snp_certs->len)) { + ret = -EFAULT; + goto put_exit; + } + } + + ret = 0; + +e_done: + if (copy_to_user((void __user *)argp->data, &input, sizeof(input))) + ret = -EFAULT; + +put_exit: + sev_snp_certs_put(snp_certs); + + return ret; +} + +static int sev_ioctl_snp_set_config(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_user_data_ext_snp_config input; + struct sev_user_data_snp_config config; + struct sev_snp_certs *snp_certs = NULL; + void *certs = NULL; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + if (copy_from_user(&input, (void __user *)argp->data, sizeof(input))) + return -EFAULT; + + /* Copy the certs from userspace */ + if (input.certs_address) { + if (!input.certs_len || !IS_ALIGNED(input.certs_len, PAGE_SIZE)) + return -EINVAL; + + 
certs = psp_copy_user_blob(input.certs_address, input.certs_len); + if (IS_ERR(certs)) + return PTR_ERR(certs); + } + + /* Issue the PSP command to update the TCB version using the SNP_CONFIG. */ + if (input.config_address) { + if (copy_from_user(&config, + (void __user *)input.config_address, sizeof(config))) { + ret = -EFAULT; + goto e_free; + } + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); + if (ret) + goto e_free; + + memcpy(&sev->snp_config, &config, sizeof(config)); + } + + /* + * If the new certs are passed then cache it else free the old certs. + */ + if (input.certs_len) { + snp_certs = sev_snp_certs_new(certs, input.certs_len); + if (!snp_certs) { + ret = -ENOMEM; + goto e_free; + } + } + + sev_snp_certs_put(sev->snp_certs); + sev->snp_certs = snp_certs; + + return 0; + +e_free: + kfree(certs); + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -1888,6 +2007,12 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_PLATFORM_STATUS: ret = sev_ioctl_snp_platform_status(&input); break; + case SNP_SET_EXT_CONFIG: + ret = sev_ioctl_snp_set_config(&input, writable); + break; + case SNP_GET_EXT_CONFIG: + ret = sev_ioctl_snp_get_config(&input); + break; default: ret = -EINVAL; goto out; 
@@ -1936,6 +2061,54 @@ int sev_guest_df_flush(int *error) } EXPORT_SYMBOL_GPL(sev_guest_df_flush); +static void sev_snp_certs_release(struct kref *kref) +{ + struct sev_snp_certs *certs = container_of(kref, struct sev_snp_certs, kref); + + kfree(certs->data); + kfree(certs); +} + +struct sev_snp_certs *sev_snp_certs_new(void *data, u32 len) +{ + struct sev_snp_certs *certs; + + if (!len || !data) + return NULL; + + certs = kzalloc(sizeof(*certs), GFP_KERNEL); + if (!certs) + return NULL; + + certs->data = data; + certs->len = len; + kref_init(&certs->kref); + + return certs; +} +EXPORT_SYMBOL_GPL(sev_snp_certs_new); + +struct sev_snp_certs *sev_snp_certs_get(struct sev_snp_certs *certs) +{ + if (!certs) + return NULL; + + if (!kref_get_unless_zero(&certs->kref)) + return NULL; + + return certs; +} +EXPORT_SYMBOL_GPL(sev_snp_certs_get); + +void sev_snp_certs_put(struct sev_snp_certs *certs) +{ + if (!certs) + return; + + kref_put(&certs->kref, sev_snp_certs_release); +} +EXPORT_SYMBOL_GPL(sev_snp_certs_put); + static void sev_exit(struct kref *ref) { misc_deregister(&misc_dev->misc); diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h index 2c2fe42189a5..71eac493fd56 100644 --- a/drivers/crypto/ccp/sev-dev.h +++ b/drivers/crypto/ccp/sev-dev.h @@ -66,6 +66,8 @@ struct sev_device { bool snp_initialized; struct snp_host_map snp_host_map[MAX_SNP_HOST_MAP_BUFS]; + struct sev_snp_certs *snp_certs; + struct sev_user_data_snp_config snp_config; }; int sev_dev_init(struct psp_device *psp); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 9342cee1a1e6..3c605856ef4f 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
@@ -16,6 +16,16 @@ #define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ +struct sev_snp_certs { + void *data; + u32 len; + struct kref kref; +}; + +struct sev_snp_certs *sev_snp_certs_new(void *data, u32 len); +struct sev_snp_certs *sev_snp_certs_get(struct sev_snp_certs *certs); +void sev_snp_certs_put(struct sev_snp_certs *certs); + /** * SEV platform state */ diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index b94b3687edbb..b70db9ab7e44 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -29,6 +29,8 @@ enum { SEV_GET_ID, /* This command is deprecated, use SEV_GET_ID2 */ SEV_GET_ID2, SNP_PLATFORM_STATUS, + SNP_SET_EXT_CONFIG, + SNP_GET_EXT_CONFIG, SEV_MAX, }; 
@@ -208,6 +210,21 @@ struct sev_user_data_snp_config { __u8 rsvd1[52]; } __packed; +/** + * struct sev_data_snp_ext_config - system wide configuration value for SNP. + * + * @config_address: address of the struct sev_user_data_snp_config or 0 when + * reported_tcb does not need to be updated. + * @certs_address: address of extended guest request certificate chain or + * 0 when previous certificate should be removed on SNP_SET_EXT_CONFIG. + * @certs_len: length of the certs + */ +struct sev_user_data_ext_snp_config { + __u64 config_address; /* In */ + __u64 certs_address; /* In */ + __u32 certs_len; /* In */ +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
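Review bot: in sev_ioctl_snp_set_config(), SEV_CMD_SNP_CONFIG is issued and sev->snp_config is updated before sev_snp_certs_new() runs, so an -ENOMEM from the certificate wrapper returns an error to userspace after the firmware configuration has already changed, while the old certificate blob stays cached. Allocating the sev_snp_certs wrapper before the call to __sev_do_cmd_locked() would keep the ioctl all-or-nothing, and the error path could then free both the blob and the wrapper without touching firmware state.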
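Review bot: sev_snp_certs_get() relies on kref_get_unless_zero(), but sev_snp_certs_release() kfree()s the object, so a caller that loaded the pointer before the final put still dereferences freed memory when it reads certs->kref. The unless-zero check only helps if the pointer load and the get happen under the same lock that covers the put-and-replace sequence (sev_snp_certs_put(sev->snp_certs); sev->snp_certs = snp_certs;). Please add kernel-doc to the three exported helpers stating which lock callers must hold, and that sev_snp_certs_new() takes ownership of data only when it returns non-NULL.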
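Review bot: the kernel-doc header in the include/uapi/linux/psp-sev.h hunk names "struct sev_data_snp_ext_config" while the structure it documents is struct sev_user_data_ext_snp_config, so the comment does not match the declaration. The @certs_address text says an address of 0 removes the previous certificate, yet the caching code in sev_ioctl_snp_set_config() keys on input.certs_len; the comment should describe the combination that is actually honoured. Since this is new uAPI, also consider an explicit reserved field after certs_len rather than a 20-byte __packed layout, and state the unit and upper bound of certs_len.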
From patchwork Mon Oct 16 13:28:16 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423392
From: Michael Roth
Cc: Dionna Glaze, Tom Lendacky, Alexey Kardashevskiy
Subject: [PATCH v10 47/50] x86/sev: Add KVM commands for per-instance certs
Date: Mon, 16 Oct 2023 08:28:16 -0500
Message-ID: <20231016132819.1002933-48-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>
From: Dionna Glaze

The /dev/sev device has the ability to store host-wide certificates for the key used by the AMD-SP for SEV-SNP attestation report signing, but for hosts that want to specify additional certificates that are specific to the image launched in a VM, a different way is needed to communicate those certificates.

Add two new KVM ioctls to handle this: KVM_SEV_SNP_{GET,SET}_CERTS

The certificates that are set with this command are expected to follow the same format as the host certificates, but that format is opaque to the kernel.

The new behavior for custom certificates is that the extended guest request command will now return the overridden certificates if they were installed for the instance. The error condition for a too small data buffer is changed to return the overridden certificate data size if there is an overridden certificate set installed.

Setting a 0 length certificate returns the system state to only return the host certificates on an extended guest request.

Also increase the SEV_FW_BLOB_MAX_SIZE another 4K page to allow space for an extra certificate.

Cc: Tom Lendacky
Cc: Paolo Bonzini
Signed-off-by: Dionna Glaze
Signed-off-by: Ashish Kalra
[mdr: remove use of "we" and "this patch" in commit log, squash in documentation patch]
Signed-off-by: Michael Roth
[aik: snp_handle_ext_guest_request() now uses the CCP's cert object without copying things over, only refcounting needed.]
Signed-off-by: Alexey Kardashevskiy
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 44 +++++++
 arch/x86/kvm/svm/sev.c | 115 ++++++++++++++++++
 arch/x86/kvm/svm/svm.h | 1 +
 include/linux/psp-sev.h | 2 +-
 include/uapi/linux/kvm.h | 12 ++
 5 files changed, 173 insertions(+), 1 deletion(-)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index b89634cfcc06..2ce6c90f07d4 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
@@ -537,6 +537,50 @@ Returns: 0 on success, -negative on error See SEV-SNP specification for further details on launch finish input parameters. +22. KVM_SEV_SNP_GET_CERTS +------------------------- + +After the SNP guest launch flow has started, the KVM_SEV_SNP_GET_CERTS command +can be issued to request the data that has been installed with the +KVM_SEV_SNP_SET_CERTS command. + +Parameters (in/out): struct kvm_sev_snp_get_certs + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_get_certs { + __u64 certs_uaddr; + __u64 certs_len + }; + +If no certs have been installed, then the return value is -ENOENT. +If the buffer specified in the struct is too small, the certs_len field will be +overwritten with the required bytes to receive all the certificate bytes and the +return value will be -EINVAL. + +23. KVM_SEV_SNP_SET_CERTS +------------------------- + +After the SNP guest launch flow has started, the KVM_SEV_SNP_SET_CERTS command +can be issued to override the /dev/sev certs data that is returned when a +guest issues an extended guest request. This is useful for instance-specific +extensions to the host certificates. + +Parameters (in/out): struct kvm_sev_snp_set_certs + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_set_certs { + __u64 certs_uaddr; + __u64 certs_len + }; + +The certs_len field may not exceed SEV_FW_BLOB_MAX_SIZE. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index efe879524b6c..602aaf82eef3 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -2301,6 +2301,113 @@ static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_get_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_get_certs params; + struct sev_snp_certs *snp_certs; + int rc = 0; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, + sizeof(params))) + return -EFAULT; + + snp_certs = sev_snp_certs_get(sev->snp_certs); + /* No instance certs set. */ + if (!snp_certs) + return -ENOENT; + + if (params.certs_len < sev->snp_certs->len) { + /* Output buffer too small. Return the required size. */ + params.certs_len = sev->snp_certs->len; + + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, + sizeof(params))) + rc = -EFAULT; + else + rc = -EINVAL; /* May be ENOSPC? */ + } else { + if (copy_to_user((void __user *)(uintptr_t)params.certs_uaddr, + snp_certs->data, snp_certs->len)) + rc = -EFAULT; + } + + sev_snp_certs_put(snp_certs); + + return rc; +} + +static void snp_replace_certs(struct kvm_sev_info *sev, struct sev_snp_certs *snp_certs) +{ + sev_snp_certs_put(sev->snp_certs); + sev->snp_certs = snp_certs; +} + +static int snp_set_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + unsigned long length = SEV_FW_BLOB_MAX_SIZE; + struct kvm_sev_snp_set_certs params; + struct sev_snp_certs *snp_certs; + void *to_certs; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, + sizeof(params))) + return -EFAULT; + + if (params.certs_len > SEV_FW_BLOB_MAX_SIZE) + return -EINVAL; + + /* + * Setting a length of 0 is the same as "uninstalling" instance- + * specific certificates. 
+ */ + if (params.certs_len == 0) { + snp_replace_certs(sev, NULL); + return 0; + } + + /* Page-align the length */ + length = ALIGN(params.certs_len, PAGE_SIZE); + + to_certs = kmalloc(length, GFP_KERNEL | __GFP_ZERO); + if (!to_certs) + return -ENOMEM; + + if (copy_from_user(to_certs, + (void __user *)(uintptr_t)params.certs_uaddr, + params.certs_len)) { + ret = -EFAULT; + goto error_exit; + } + + snp_certs = sev_snp_certs_new(to_certs, length); + if (!snp_certs) { + ret = -ENOMEM; + goto error_exit; + } + + snp_replace_certs(sev, snp_certs); + + return 0; +error_exit: + kfree(to_certs); + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2400,6 +2507,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_FINISH: r = snp_launch_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_GET_CERTS: + r = snp_get_instance_certs(kvm, &sev_cmd); + break; + case KVM_SEV_SNP_SET_CERTS: + r = snp_set_instance_certs(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2616,6 +2729,8 @@ static int snp_decommission_context(struct kvm *kvm) snp_free_firmware_page(sev->snp_context); sev->snp_context = NULL; + sev_snp_certs_put(sev->snp_certs); + return 0; } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 1fd90a88b0db..bdf792ba06e1 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -97,6 +97,7 @@ struct kvm_sev_info { u64 snp_init_flags; void *snp_context; /* SNP guest context page */ u64 sev_features; /* Features set at VMSA creation */ + struct sev_snp_certs *snp_certs; }; struct kvm_svm { diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3c605856ef4f..722e26d28d2f 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -14,7 +14,7 @@ #include -#define SEV_FW_BLOB_MAX_SIZE 0x4000 /* 16KB */ +#define SEV_FW_BLOB_MAX_SIZE 0x5000 /* 20KB */ struct sev_snp_certs { void *data; 
diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 3af546adb962..0444e122ac5e 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1973,6 +1973,8 @@ enum sev_cmd_id { KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_SNP_LAUNCH_FINISH, + KVM_SEV_SNP_GET_CERTS, + KVM_SEV_SNP_SET_CERTS, KVM_SEV_NR_MAX, }; 
@@ -2120,6 +2122,16 @@ struct kvm_sev_snp_launch_finish { __u8 pad[6]; }; +struct kvm_sev_snp_get_certs { + __u64 certs_uaddr; + __u64 certs_len; +}; + +struct kvm_sev_snp_set_certs { + __u64 certs_uaddr; + __u64 certs_len; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
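Review bot: both struct listings in the amd-memory-encryption.rst hunk omit the semicolon after "__u64 certs_len", so the documented layout is not valid C and differs from the uapi definition in include/uapi/linux/kvm.h. KVM_SEV_SNP_SET_CERTS is also labelled "Parameters (in/out)" although the handler never writes the structure back; "in" would be accurate. The GET text should additionally say that -EINVAL is returned when the launch flow has not created a context yet, because userspace cannot otherwise tell that case from the too-small-buffer case it documents.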
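Review bot: snp_get_instance_certs() takes a reference into the local snp_certs but then sizes the copy from sev->snp_certs->len, and nothing in this hunk serialises it against snp_replace_certs(), so the field can be NULL or a different object by the time it is read; use snp_certs->len throughout. In the same hunk, snp_set_instance_certs() passes the page-aligned length to sev_snp_certs_new(), so the stored len is no longer the caller's certs_len and a later GET reports and copies the padded size; either keep the original length alongside the allocation size or document the rounding. Smaller points: the initial "length = SEV_FW_BLOB_MAX_SIZE" is a dead store, kmalloc() with __GFP_ZERO reads better as kzalloc(), GFP_KERNEL_ACCOUNT suits an allocation whose size userspace chooses, and the "May be ENOSPC?" question should be settled before the errno becomes ABI.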
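Review bot: in the snp_decommission_context() hunk, sev_snp_certs_put(sev->snp_certs) drops the reference but leaves sev->snp_certs pointing at the object that may just have been freed. Clear the field after the put, or call snp_replace_certs(sev, NULL), so that any later sev_snp_certs_get(sev->snp_certs) sees NULL instead of running kref_get_unless_zero() on stale memory.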
From patchwork Mon Oct 16 13:28:17 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13423393
From: Michael Roth
Cc: Brijesh Singh, Alexey Kardashevskiy
Subject: [PATCH v10 48/50] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event
Date: Mon, 16 Oct 2023 08:28:17 -0500
Message-ID: <20231016132819.1002933-49-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>
From: Brijesh Singh

Version 2 of the GHCB specification added support for two SNP Guest Request Message NAE events. The events allow an SEV-SNP guest to make requests to the SEV-SNP firmware through the hypervisor using the SNP_GUEST_REQUEST API defined in the SEV-SNP firmware specification.

The SNP_EXT_GUEST_REQUEST is similar to SNP_GUEST_REQUEST with the difference of an additional certificate blob that can be passed through the SNP_SET_CONFIG ioctl defined in the CCP driver. The CCP driver provides snp_guest_ext_guest_request() that is used by the KVM to get both the report and certificate data at once.

Co-developed-by: Alexey Kardashevskiy
Signed-off-by: Alexey Kardashevskiy
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: ensure FW command failures are indicated to guest]
Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 176 +++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 1 + drivers/crypto/ccp/sev-dev.c | 15 +++ include/linux/psp-sev.h | 1 + 4 files changed, 193 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 602aaf82eef3..d71ec257debb 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -339,6 +340,8 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) ret = verify_snp_init_flags(kvm, argp); if (ret) goto e_free; + + mutex_init(&sev->guest_req_lock); } ret = sev_platform_init(&argp->error); @@ -2345,8 +2348,10 @@ static int snp_get_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) static void snp_replace_certs(struct kvm_sev_info *sev, struct sev_snp_certs *snp_certs) { + mutex_lock(&sev->guest_req_lock); sev_snp_certs_put(sev->snp_certs); sev->snp_certs = snp_certs; + mutex_unlock(&sev->guest_req_lock); } static int snp_set_instance_certs(struct kvm *kvm, struct kvm_sev_cmd *argp) @@ -3218,6 +3223,8 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: + case SVM_VMGEXIT_GUEST_REQUEST: + case SVM_VMGEXIT_EXT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3627,6 +3634,163 @@ static int sev_snp_ap_creation(struct vcpu_svm *svm) return ret; } +static unsigned long snp_setup_guest_buf(struct vcpu_svm *svm, + struct sev_data_snp_guest_request *data, + gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + kvm_pfn_t req_pfn, resp_pfn; + struct kvm_sev_info *sev; + + sev = &to_kvm_svm(kvm)->sev_info; + + if (!IS_ALIGNED(req_gpa, PAGE_SIZE) || !IS_ALIGNED(resp_gpa, PAGE_SIZE)) + return SEV_RET_INVALID_PARAM; + + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa)); + if (is_error_noslot_pfn(req_pfn)) + return SEV_RET_INVALID_ADDRESS; + + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa)); + if (is_error_noslot_pfn(resp_pfn)) + return SEV_RET_INVALID_ADDRESS; + + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true)) + return SEV_RET_INVALID_ADDRESS; + + data->gctx_paddr = __psp_pa(sev->snp_context); + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT); + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT); + + return 0; +} + +static void snp_cleanup_guest_buf(struct sev_data_snp_guest_request *data, unsigned long *rc) +{ + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT; + int ret; + + ret = snp_page_reclaim(pfn); + if (ret) + *rc = SEV_RET_INVALID_ADDRESS; + + ret = rmp_make_shared(pfn, PG_LEVEL_4K); + if (ret) + *rc = SEV_RET_INVALID_ADDRESS; +} + +static void snp_handle_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct sev_data_snp_guest_request data = {0}; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + struct kvm_sev_info *sev; + unsigned long rc; + int err; + + if (!sev_snp_guest(vcpu->kvm)) { + rc = SEV_RET_INVALID_GUEST; + goto e_fail; + } + + sev = &to_kvm_svm(kvm)->sev_info; + + mutex_lock(&sev->guest_req_lock); + + rc = snp_setup_guest_buf(svm, &data, req_gpa, resp_gpa); + if (rc) + goto unlock; + + rc = sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, &err); + if (rc) + /* Ensure an error value is returned 
to guest. */ + rc = err ? err : SEV_RET_INVALID_ADDRESS; + + snp_cleanup_guest_buf(&data, &rc); + +unlock: + mutex_unlock(&sev->guest_req_lock); + +e_fail: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, rc); +} + +static void snp_handle_ext_guest_request(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct sev_data_snp_guest_request req = {0}; + struct sev_snp_certs *snp_certs = NULL; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + unsigned long data_npages; + struct kvm_sev_info *sev; + unsigned long exitcode = 0; + u64 data_gpa; + int err, rc; + + if (!sev_snp_guest(vcpu->kvm)) { + rc = SEV_RET_INVALID_GUEST; + goto e_fail; + } + + sev = &to_kvm_svm(kvm)->sev_info; + + data_gpa = vcpu->arch.regs[VCPU_REGS_RAX]; + data_npages = vcpu->arch.regs[VCPU_REGS_RBX]; + + if (!IS_ALIGNED(data_gpa, PAGE_SIZE)) { + exitcode = SEV_RET_INVALID_ADDRESS; + goto e_fail; + } + + mutex_lock(&sev->guest_req_lock); + + rc = snp_setup_guest_buf(svm, &req, req_gpa, resp_gpa); + if (rc) + goto unlock; + + /* + * If a VMM-specific certificate blob hasn't been provided, grab the + * host-wide one. + */ + snp_certs = sev_snp_certs_get(sev->snp_certs); + if (!snp_certs) + snp_certs = sev_snp_global_certs_get(); + + /* + * If there is a host-wide or VMM-specific certificate blob available, + * make sure the guest has allocated enough space to store it. + * Otherwise, inform the guest how much space is needed. 
+ */ + if (snp_certs && (data_npages << PAGE_SHIFT) < snp_certs->len) { + vcpu->arch.regs[VCPU_REGS_RBX] = snp_certs->len >> PAGE_SHIFT; + exitcode = SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN); + goto cleanup; + } + + rc = sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &req, &err); + if (rc) { + /* pass the firmware error code */ + exitcode = err; + goto cleanup; + } + + /* Copy the certificate blob in the guest memory */ + if (snp_certs && + kvm_write_guest(kvm, data_gpa, snp_certs->data, snp_certs->len)) + exitcode = SEV_RET_INVALID_ADDRESS; + +cleanup: + sev_snp_certs_put(snp_certs); + snp_cleanup_guest_buf(&req, &exitcode); + +unlock: + mutex_unlock(&sev->guest_req_lock); + +e_fail: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, exitcode); +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3894,6 +4058,18 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->system_event.ndata = 1; vcpu->run->system_event.data[0] = control->ghcb_gpa; break; + case SVM_VMGEXIT_GUEST_REQUEST: + snp_handle_guest_request(svm, control->exit_info_1, control->exit_info_2); + + ret = 1; + break; + case SVM_VMGEXIT_EXT_GUEST_REQUEST: + snp_handle_ext_guest_request(svm, + control->exit_info_1, + control->exit_info_2); + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index bdf792ba06e1..3673a6e4e22e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -98,6 +98,7 @@ struct kvm_sev_info { void *snp_context; /* SNP guest context page */ u64 sev_features; /* Features set at VMSA creation */ struct sev_snp_certs *snp_certs; + struct mutex guest_req_lock; /* Lock for guest request handling */ }; struct kvm_svm { diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 4807ddd6ec52..f9c75c561c4e 100644 
--- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -2109,6 +2109,21 @@ void sev_snp_certs_put(struct sev_snp_certs *certs) } EXPORT_SYMBOL_GPL(sev_snp_certs_put); +struct sev_snp_certs *sev_snp_global_certs_get(void) +{ + struct sev_device *sev; + + if (!psp_master || !psp_master->sev_data) + return NULL; + + sev = psp_master->sev_data; + if (!sev->snp_initialized) + return NULL; + + return sev_snp_certs_get(sev->snp_certs); +} +EXPORT_SYMBOL_GPL(sev_snp_global_certs_get); + static void sev_exit(struct kref *ref) { misc_deregister(&misc_dev->misc); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 722e26d28d2f..3b294ccbbec9 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h 
@@ -25,6 +25,7 @@ struct sev_snp_certs { struct sev_snp_certs *sev_snp_certs_new(void *data, u32 len); struct sev_snp_certs *sev_snp_certs_get(struct sev_snp_certs *certs); void sev_snp_certs_put(struct sev_snp_certs *certs); +struct sev_snp_certs *sev_snp_global_certs_get(void); /** * SEV platform state
From patchwork Mon Oct 16 13:28:18 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423394
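Review bot: in snp_handle_ext_guest_request() (the arch/x86/kvm/svm/sev.c hunk of the guest-request patch that ends just above) two failure paths set `rc`, but the value handed back to the guest is `exitcode`, which is still 0. The `!sev_snp_guest()` check assigns `rc = SEV_RET_INVALID_GUEST` before `goto e_fail`, and a non-zero return from snp_setup_guest_buf() jumps to `unlock` without touching `exitcode`; both end in `ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, exitcode)`, so the guest is told a request succeeded that was never issued. Assign `exitcode` on those paths, or drop `rc` and use a single variable as snp_handle_guest_request() does. In the same function `snp_certs->len >> PAGE_SHIFT` rounds down, so unless the blob length is guaranteed to be a page multiple the count written to RBX is one page short; round the length up first or document the guarantee. Also, nothing in the visible snp_setup_guest_buf()/snp_cleanup_guest_buf() pair releases the pfns obtained with gfn_to_pfn(), including on the early error returns; please confirm where those references are dropped.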
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v10 49/50] crypto: ccp: Add debug support for decrypting pages
Date: Mon, 16 Oct 2023 08:28:18 -0500
Message-ID: <20231016132819.1002933-50-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Brijesh Singh

Add support to decrypt guest encrypted memory. These API interfaces can be used for example to dump VMCBs on SNP guest exit.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: minor commit fixups]
Signed-off-by: Michael Roth
---
drivers/crypto/ccp/sev-dev.c | 32 ++++++++++++++++++++++++++++++++
include/linux/psp-sev.h | 19 +++++++++++++++++++
2 files changed, 51 insertions(+)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index f9c75c561c4e..26218df1371e 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c
@@ -2061,6 +2061,38 @@ int sev_guest_df_flush(int *error) } EXPORT_SYMBOL_GPL(sev_guest_df_flush); +int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error) +{ + struct sev_data_snp_dbg data = {0}; + struct sev_device *sev; + int ret; + + if (!psp_master || !psp_master->sev_data) + return -ENODEV; + + sev = psp_master->sev_data; + + if (!sev->snp_initialized) + return -EINVAL; + + data.gctx_paddr = sme_me_mask | (gctx_pfn << PAGE_SHIFT); + data.src_addr = sme_me_mask | (src_pfn << PAGE_SHIFT); + data.dst_addr = sme_me_mask | (dst_pfn << PAGE_SHIFT); + + /* The destination page must be in the firmware state. */ + if (rmp_mark_pages_firmware(data.dst_addr, 1, false)) + return -EIO; + + ret = sev_do_cmd(SEV_CMD_SNP_DBG_DECRYPT, &data, error); + + /* Restore the page state */ + if (snp_reclaim_pages(data.dst_addr, 1, false)) + ret = -EIO; + + return ret; +} +EXPORT_SYMBOL_GPL(snp_guest_dbg_decrypt_page); + static void sev_snp_certs_release(struct kref *kref) { struct sev_snp_certs *certs = container_of(kref, struct sev_snp_certs, kref); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3b294ccbbec9..eb2c8a2b2a02 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -908,6 +908,20 @@ int sev_guest_decommission(struct sev_data_decommission *data, int *error); */ int sev_do_cmd(int cmd, void *data, int *psp_ret); +/** + * snp_guest_dbg_decrypt_page - perform SEV SNP_DBG_DECRYPT command + * + * @sev_ret: sev command return code + * + * Returns: + * 0 if the SEV successfully processed the command + * -%ENODEV if the SEV device is not available + * -%ENOTSUPP if the SEV does not support SEV + * -%ETIMEDOUT if the SEV command timed out + * -%EIO if the SEV returned a non-zero return code + */ +int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error); + void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); 
@@ -938,6 +952,11 @@ sev_issue_cmd_external_user(struct file *filep, unsigned int id, void *data, int static inline void *psp_copy_user_blob(u64 __user uaddr, u32 len) { return ERR_PTR(-EINVAL); } +static inline int snp_guest_dbg_decrypt_page(u64 gctx_pfn, u64 src_pfn, u64 dst_pfn, int *error) +{ + return -ENODEV; +} + static inline void *snp_alloc_firmware_page(gfp_t mask) { return NULL;
From patchwork Mon Oct 16 13:28:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13423395
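Review bot: snp_guest_dbg_decrypt_page() in the drivers/crypto/ccp/sev-dev.c hunk of the debug-decrypt patch above is exported with EXPORT_SYMBOL_GPL, yet the diffstat (sev-dev.c and psp-sev.h only) shows no caller, so a primitive that has the firmware decrypt a guest page into a host page lands with no user and no gating. Add the user in the same patch or hold the export back until one exists, and state in the kernel-doc what the caller must guarantee about the three pfns. Smaller points in the same hunk: the addresses are built with an open-coded `sme_me_mask | (pfn << PAGE_SHIFT)` where the guest-request code earlier in the series uses `__sme_set()`, and when snp_reclaim_pages() fails `ret` becomes -EIO while the firmware status already stored through `error` is left as is, which deserves a comment.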
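Review bot: the kernel-doc added above the snp_guest_dbg_decrypt_page() prototype in the include/linux/psp-sev.h hunk does not match the function. It documents `@sev_ret`, but the parameter is named `error`, and `gctx_pfn`, `src_pfn` and `dst_pfn` are not described at all. The Returns list omits -EINVAL, which the implementation returns when `sev->snp_initialized` is false, while listing -ENOTSUPP, which the visible implementation never returns directly; "if the SEV does not support SEV" reads like a copy-paste leftover. Please document every parameter, including which page must be in which state on entry, and align the return codes with the code.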
From: Michael Roth
Subject: [PATCH v10 50/50] crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump
Date: Mon, 16 Oct 2023 08:28:19 -0500
Message-ID: <20231016132819.1002933-51-michael.roth@amd.com>
In-Reply-To: <20231016132819.1002933-1-michael.roth@amd.com>
References: <20231016132819.1002933-1-michael.roth@amd.com>

From: Ashish Kalra

Add a kdump safe version of sev_firmware_shutdown() registered as a crash_kexec_post_notifier, which is invoked during panic/crash to do SEV/SNP shutdown.

This is required for transitioning all IOMMU pages to reclaim/hypervisor state, otherwise re-init of IOMMU pages during crashdump kernel boot fails and panics the crashdump kernel.

This panic notifier runs in atomic context, hence it ensures not to acquire any locks/mutexes and polls for PSP command completion instead of depending on PSP command completion interrupt.

Signed-off-by: Ashish Kalra
[mdr: remove use of "we" in comments]
Signed-off-by: Michael Roth
---
arch/x86/kernel/crash.c | 7 +++
drivers/crypto/ccp/sev-dev.c | 112 +++++++++++++++++++++++++----------
2 files changed, 89 insertions(+), 30 deletions(-)

diff --git a/arch/x86/kernel/crash.c b/arch/x86/kernel/crash.c index c92d88680dbf..23ede774d31b 100644 --- a/arch/x86/kernel/crash.c
+++ b/arch/x86/kernel/crash.c @@ -59,6 +59,13 @@ static void kdump_nmi_callback(int cpu, struct pt_regs *regs) */ cpu_emergency_stop_pt(); + /* + * for SNP do wbinvd() on remote CPUs to + * safely do SNP_SHUTDOWN on the local CPU. + */ + if (cpu_feature_enabled(X86_FEATURE_SEV_SNP)) + wbinvd(); + disable_local_APIC(); } diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 26218df1371e..21a3064f30c9 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include #include @@ -137,6 +138,26 @@ static int sev_wait_cmd_ioc(struct sev_device *sev, { int ret; + /* + * If invoked during panic handling, local interrupts are disabled, + * so the PSP command completion interrupt can't be used. Poll for + * PSP command completion instead. + */ + if (irqs_disabled()) { + unsigned long timeout_usecs = (timeout * USEC_PER_SEC) / 10; + + /* Poll for SEV command completion: */ + while (timeout_usecs--) { + *reg = ioread32(sev->io_regs + sev->vdata->cmdresp_reg); + if (*reg & PSP_CMDRESP_RESP) + return 0; + + udelay(10); + } + + return -ETIMEDOUT; + } + ret = wait_event_timeout(sev->int_queue, sev->int_rcvd, timeout * HZ); if (!ret) @@ -1058,17 +1079,6 @@ static int __sev_platform_shutdown_locked(int *error) return ret; } -static int sev_platform_shutdown(int *error) -{ - int rc; - - mutex_lock(&sev_cmd_mutex); - rc = __sev_platform_shutdown_locked(NULL); - mutex_unlock(&sev_cmd_mutex); - - return rc; -} - static int sev_get_platform_state(int *state, int *error) { struct sev_user_data_status data; @@ -1483,7 +1493,7 @@ static int __sev_snp_init_locked(int *error) return rc; } -static int __sev_snp_shutdown_locked(int *error) +static int __sev_snp_shutdown_locked(int *error, bool in_panic) { struct sev_device *sev = psp_master->sev_data; struct sev_data_snp_shutdown_ex data; 
@@ -1500,7 +1510,16 @@ static int __sev_snp_shutdown_locked(int *error) sev_snp_certs_put(sev->snp_certs); sev->snp_certs = NULL; - wbinvd_on_all_cpus(); + /* + * If invoked during panic handling, local interrupts are disabled + * and all CPUs are stopped, so wbinvd_on_all_cpus() can't be called. + * In that case, a wbinvd() is done on remote CPUs via the NMI + * callback, so only a local wbinvd() is needed here. + */ + if (!in_panic) + wbinvd_on_all_cpus(); + else + wbinvd(); retry: ret = __sev_do_cmd_locked(SEV_CMD_SNP_SHUTDOWN_EX, &data, error); @@ -1543,17 +1562,6 @@ static int __sev_snp_shutdown_locked(int *error) return ret; } -static int sev_snp_shutdown(int *error) -{ - int rc; - - mutex_lock(&sev_cmd_mutex); - rc = __sev_snp_shutdown_locked(error); - mutex_unlock(&sev_cmd_mutex); - - return rc; -} - static int sev_ioctl_do_pek_import(struct sev_issue_cmd *argp, bool writable) { struct sev_device *sev = psp_master->sev_data; @@ -2262,19 +2270,29 @@ int sev_dev_init(struct psp_device *psp) return ret; } -static void sev_firmware_shutdown(struct sev_device *sev) +static void __sev_firmware_shutdown(struct sev_device *sev, bool in_panic) { int error; - sev_platform_shutdown(NULL); + __sev_platform_shutdown_locked(NULL); if (sev_es_tmr) { - /* The TMR area was encrypted, flush it from the cache */ - wbinvd_on_all_cpus(); + /* + * The TMR area was encrypted, flush it from the cache + * + * If invoked during panic handling, local interrupts are + * disabled and all CPUs are stopped, so wbinvd_on_all_cpus() + * can't be used. In that case, wbinvd() is done on remote CPUs + * via the NMI callback, so a local wbinvd() is sufficient here. + */ + if (!in_panic) + wbinvd_on_all_cpus(); + else + wbinvd(); __snp_free_firmware_pages(virt_to_page(sev_es_tmr), get_order(sev_es_tmr_size), - false); + true); sev_es_tmr = NULL; } 
@@ -2295,7 +2313,14 @@ static void sev_firmware_shutdown(struct sev_device *sev) */ free_snp_host_map(sev); - sev_snp_shutdown(&error); + __sev_snp_shutdown_locked(&error, in_panic); +} + +static void sev_firmware_shutdown(struct sev_device *sev) +{ + mutex_lock(&sev_cmd_mutex); + __sev_firmware_shutdown(sev, false); + mutex_unlock(&sev_cmd_mutex); } void sev_dev_destroy(struct psp_device *psp) @@ -2313,6 +2338,28 @@ void sev_dev_destroy(struct psp_device *psp) psp_clear_sev_irq_handler(psp); } +static int sev_snp_shutdown_on_panic(struct notifier_block *nb, + unsigned long reason, void *arg) +{ + struct sev_device *sev = psp_master->sev_data; + + /* + * Panic callbacks are executed with all other CPUs stopped, + * so don't wait for sev_cmd_mutex to be released since it + * would block here forever. + */ + if (mutex_is_locked(&sev_cmd_mutex)) + return NOTIFY_DONE; + + __sev_firmware_shutdown(sev, true); + + return NOTIFY_DONE; +} + +static struct notifier_block sev_snp_panic_notifier = { + .notifier_call = sev_snp_shutdown_on_panic, +}; + int sev_issue_cmd_external_user(struct file *filep, unsigned int cmd, void *data, int *error) { @@ -2360,6 +2407,8 @@ void sev_pci_init(void) dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); + atomic_notifier_chain_register(&panic_notifier_list, + &sev_snp_panic_notifier); return; err: @@ -2375,4 +2424,7 @@ void sev_pci_exit(void) return; sev_firmware_shutdown(sev); + + atomic_notifier_chain_unregister(&panic_notifier_list, + &sev_snp_panic_notifier); }
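Review bot: the commit message calls the callback a crash_kexec_post_notifier, but the code registers it on `panic_notifier_list`, and nothing in the visible hunks sets or documents `crash_kexec_post_notifiers`. Without that setting the panic path enters the crash kernel before the notifier chain runs, so the shutdown added here would not execute in a default kdump configuration. State the dependency in the commit message or enable the setting when SNP is initialized. In the arch/x86/kernel/crash.c hunk, the new `wbinvd()` in kdump_nmi_callback() is keyed on `cpu_feature_enabled(X86_FEATURE_SEV_SNP)`; say in the comment whether paying that cost on every crash is intended even when the SNP firmware was never initialized.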
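Review bot: in the sev_wait_cmd_ioc() hunk the polling path is selected by `irqs_disabled()`, not by the panic state the comment describes, so any later caller that issues a PSP command with interrupts off will silently busy-wait for up to `timeout` seconds. The patch already threads `in_panic` through the shutdown helpers; pass it (or an explicit poll flag) down to this function too. `timeout_usecs` is also misnamed: it holds `(timeout * USEC_PER_SEC) / 10`, which is the number of 10-microsecond iterations rather than microseconds, so rename it and check that the multiplication cannot overflow for the timeout type callers pass.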
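Review bot: in __sev_firmware_shutdown() the last argument of `__snp_free_firmware_pages()` changes from `false` to `true` for the normal path as well as the panic path, and neither the commit message nor a comment explains why. If it follows from sev_firmware_shutdown() now holding `sev_cmd_mutex` around the whole sequence, say so; that wider lock scope (platform shutdown, TMR free, free_snp_host_map() and SNP shutdown all under one mutex) is itself a behaviour change for the non-panic path and deserves a line in the changelog.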
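Review bot: sev_snp_shutdown_on_panic() returns NOTIFY_DONE without doing anything when `mutex_is_locked(&sev_cmd_mutex)`, which leaves the firmware in exactly the state the commit message says makes the crashdump kernel panic; at least log that the shutdown was skipped so the later failure can be explained. The function also dereferences `psp_master->sev_data` with no NULL check, unlike sev_snp_global_certs_get() and snp_guest_dbg_decrypt_page() elsewhere in the series. In the sev_pci_exit() hunk the notifier is unregistered only after sev_firmware_shutdown(), so a panic in that window runs the shutdown sequence a second time; unregister first.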