From patchwork Sat Dec 30 17:23:17 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506980
From: Michael Roth
Subject: [PATCH v11 01/35] KVM: Add hugepage support for dedicated guest memory
Date: Sat, 30 Dec 2023 11:23:17 -0600
Message-ID: <20231230172351.574091-2-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Sean Christopherson

Extended guest_memfd to allow backing guest memory with hugepages. This is done as a best-effort by default until a better-defined mechanism is put in place that can provide better control/assurances to userspace about hugepage allocations.

When reporting the max order when KVM gets a pfn from guest_memfd, force order-0 pages if the hugepage is not fully contained by the memslot binding, e.g. if userspace requested hugepages but punches a hole in the memslot bindings in order to emulate x86's VGA hole.

Link: https://lore.kernel.org/kvm/20231027182217.3615211-1-seanjc@google.com/T/#mccbd3e8bf9897f0ddbf864e6318d6f2f208b269c
Signed-off-by: Sean Christopherson
Message-Id: <20231027182217.3615211-18-seanjc@google.com>
[Allow even with CONFIG_TRANSPARENT_HUGEPAGE; dropped momentarily due to uneasiness about the API. - Paolo]
Signed-off-by: Paolo Bonzini
[mdr: based on discussion in the Link regarding original patch, make the following set of changes:
 - For now, don't introduce an opt-in flag to enable hugepage support. By default, just make a best-effort for PMD_ORDER allocations so that there are no false assurances to userspace that they'll get hugepages. It's better at least than the current guarantee that they will get 4K pages every time. A more proper opt-in interface can then improve on things later.
 - Pass GFP_NOWARN to alloc_pages() so failures are not disruptive to normal operations
 - Drop size checks during creation time. Instead just avoid huge allocations if they extend beyond end of the memfd.
 - Drop hugepage-related unit tests since everything is now handled transparently to userspace anyway.
 - Update commit message accordingly.]
Signed-off-by: Michael Roth
Signed-off-by: Michael Roth
---
 virt/kvm/guest_memfd.c | 63 +++++++++++++++++++++++++++++++++++++-----
 1 file changed, 56 insertions(+), 7 deletions(-)

diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 4aa23b01aa98..784690a664ac 100644
--- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c @@ -13,14 +13,46 @@ struct kvm_gmem { struct list_head entry; }; -static struct folio *kvm_gmem_get_folio(struct inode *inode, pgoff_t index) +static struct folio *kvm_gmem_get_huge_folio(struct inode *inode, pgoff_t index, + unsigned int order) { + pgoff_t npages = 1UL << order; + pgoff_t huge_index = round_down(index, npages); + struct address_space *mapping = inode->i_mapping; + gfp_t gfp = mapping_gfp_mask(mapping) | __GFP_NOWARN; + loff_t size = i_size_read(inode); struct folio *folio; - /* TODO: Support huge pages. */ - folio = filemap_grab_folio(inode->i_mapping, index); - if (IS_ERR_OR_NULL(folio)) + /* Make sure hugepages would be fully-contained by inode */ + if ((huge_index + npages) * PAGE_SIZE > size) + return NULL; + + if (filemap_range_has_page(mapping, (loff_t)huge_index << PAGE_SHIFT, + (loff_t)(huge_index + npages - 1) << PAGE_SHIFT)) + return NULL; + + folio = filemap_alloc_folio(gfp, order); + if (!folio) + return NULL; + + if (filemap_add_folio(mapping, folio, huge_index, gfp)) { + folio_put(folio); return NULL; + } + + return folio; +} + +static struct folio *kvm_gmem_get_folio(struct inode *inode, pgoff_t index) +{ + struct folio *folio; + + folio = kvm_gmem_get_huge_folio(inode, index, PMD_ORDER); + if (!folio) { + folio = filemap_grab_folio(inode->i_mapping, index); + if (IS_ERR_OR_NULL(folio)) + return NULL; + } /* * Use the up-to-date flag to track whether or not the memory has been @@ -361,6 +393,7 @@ static int __kvm_gmem_create(struct kvm *kvm, loff_t size, u64 flags) inode->i_mode |= S_IFREG; inode->i_size = size; mapping_set_gfp_mask(inode->i_mapping, GFP_HIGHUSER); + mapping_set_large_folios(inode->i_mapping); mapping_set_unmovable(inode->i_mapping); /* Unmovable mappings are supposed to be marked unevictable as well. */ WARN_ON_ONCE(!mapping_unevictable(inode->i_mapping)); 
@@ -486,7 +519,7 @@ void kvm_gmem_unbind(struct kvm_memory_slot *slot) int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, kvm_pfn_t *pfn, int *max_order) { - pgoff_t index = gfn - slot->base_gfn + slot->gmem.pgoff; + pgoff_t index, huge_index; struct kvm_gmem *gmem; struct folio *folio; struct page *page; @@ -499,6 +532,7 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gmem = file->private_data; + index = gfn - slot->base_gfn + slot->gmem.pgoff; if (WARN_ON_ONCE(xa_load(&gmem->bindings, index) != slot)) { r = -EIO; goto out_fput; 
@@ -518,9 +552,24 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, page = folio_file_page(folio, index); *pfn = page_to_pfn(page); - if (max_order) - *max_order = 0; + if (!max_order) + goto success; + + *max_order = compound_order(compound_head(page)); + if (!*max_order) + goto success; + /* + * The folio can be mapped with a hugepage if and only if the folio is + * fully contained by the range the memslot is bound to. Note, the + * caller is responsible for handling gfn alignment, this only deals + * with the file binding. + */ + huge_index = ALIGN(index, 1ull << *max_order); + if (huge_index < ALIGN(slot->gmem.pgoff, 1ull << *max_order) || + huge_index + (1ull << *max_order) > slot->gmem.pgoff + slot->npages) + *max_order = 0; +success: r = 0; out_unlock:
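
Review bot: In kvm_gmem_get_huge_folio(), the containment check `(huge_index + npages) * PAGE_SIZE > size` does its arithmetic in pgoff_t and compares the result against a loff_t, while the filemap_range_has_page() call right after it casts to loff_t before shifting. Use the same form in both places, for example `((loff_t)(huge_index + npages) << PAGE_SHIFT) > size`, so the bound that keeps a PMD-order folio inside i_size cannot wrap where pgoff_t is narrower than loff_t. A short comment stating that a NULL return, including a filemap_add_folio() failure, means "fall back to an order-0 folio" would also help, since kvm_gmem_get_folio() relies on exactly that.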
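
Review bot: In the last hunk of kvm_gmem_get_pfn(), `huge_index = ALIGN(index, 1ull << *max_order)` rounds up, but kvm_gmem_get_huge_folio() places the folio at `round_down(index, npages)`. For any index that is not already aligned, huge_index is then the start of the following huge range rather than of the folio that contains index, so the comparison against slot->gmem.pgoff and slot->npages tests the wrong range and can leave *max_order non-zero for a folio that begins before the memslot binding. Round down here as well (ALIGN_DOWN or round_down) so the check matches the "fully contained" condition stated in the comment above it.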

From: Michael Roth
CC: Matthew Wilcox
Subject: [PATCH v11 02/35] mm: Introduce AS_INACCESSIBLE for encrypted/confidential memory
Date: Sat, 30 Dec 2023 11:23:18 -0600
Message-ID: <20231230172351.574091-3-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

filemap users like guest_memfd may use page cache pages to allocate/manage memory that is only intended to be accessed by guests via hardware protections like encryption. Writes to memory of this sort in common paths like truncation may cause unexpected behavior such as writing garbage instead of zeros when attempting to zero pages, or worse, triggering hardware protections that are considered fatal as far as the kernel is concerned.

Introduce a new address_space flag, AS_INACCESSIBLE, and use this initially to prevent zero'ing of pages during truncation, with the understanding that it is up to the owner of the mapping to handle this specially if needed.

Link: https://lore.kernel.org/lkml/ZR9LYhpxTaTk6PJX@google.com/
Cc: Matthew Wilcox
Suggested-by: Sean Christopherson
Signed-off-by: Michael Roth
---
 include/linux/pagemap.h | 1 +
 mm/truncate.c | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/linux/pagemap.h b/include/linux/pagemap.h index c2d90588c0bf..b56081a3512e 100644 --- a/include/linux/pagemap.h +++ b/include/linux/pagemap.h
@@ -207,6 +207,7 @@ enum mapping_flags { AS_STABLE_WRITES, /* must wait for writeback before modifying folio contents */ AS_UNMOVABLE, /* The mapping cannot be moved, ever */ + AS_INACCESSIBLE, /* Do not attempt direct R/W access to the mapping */ }; /** diff --git a/mm/truncate.c b/mm/truncate.c index 725b150e47ac..c501338c7ebd 100644 --- a/mm/truncate.c +++ b/mm/truncate.c 
@@ -233,7 +233,8 @@ bool truncate_inode_partial_folio(struct folio *folio, loff_t start, loff_t end) * doing a complex calculation here, and then doing the zeroing * anyway if the page split fails. */ - folio_zero_range(folio, offset, length); + if (!(folio->mapping->flags & AS_INACCESSIBLE)) + folio_zero_range(folio, offset, length); if (folio_has_private(folio)) folio_invalidate(folio, offset, length);
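
Review bot: The comment on AS_INACCESSIBLE in enum mapping_flags says "Do not attempt direct R/W access to the mapping", but the only consumer in this patch is the zeroing in truncate_inode_partial_folio(). Document on the flag which paths honor it today and that the owner of the mapping is responsible for the rest, so that callers do not assume the flag already blocks every kernel read or write of these pages.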
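
Review bot: In truncate_inode_partial_folio(), `folio->mapping->flags & AS_INACCESSIBLE` uses the new enumerator as a bit mask, but it is added to enum mapping_flags as the next sequential value after AS_UNMOVABLE, which makes it a bit number. The test therefore checks whichever flag bits happen to make up that integer: it can skip folio_zero_range() on mappings that never set AS_INACCESSIBLE, leaving stale data in the partially truncated folio, and it is not guaranteed to match when only the new flag's bit is set. Use `test_bit(AS_INACCESSIBLE, &folio->mapping->flags)`, ideally through a small helper in the style of mapping_set_unmovable().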

From: Michael Roth
Subject: [PATCH v11 03/35] KVM: Use AS_INACCESSIBLE when creating guest_memfd inode
Date: Sat, 30 Dec 2023 11:23:19 -0600
Message-ID: <20231230172351.574091-4-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCBF.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB9057 X-Rspamd-Server: rspam08 X-Rspamd-Queue-Id: 5EBF940003 X-Stat-Signature: hr35fkh5e59jcmuje8gu7nm339oabfsh X-Rspam-User: X-HE-Tag: 1703957690-545095 X-HE-Meta: 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 nlK5HQ3b Fhc8tQ5t8qWhpZaDv4FZemr/a014yThAtoPPTlGPG5/KOvtjDMj/TSRG4tn4uHUjB4dfpILka0k2RglPDu+1MzXDVpEXTAY0IsO0SQdmGJUhF61jtb9c9pFZp3MuyY8VC9SJJebF5xanBBu8ji4Qtmgs3XnmbJkghcpEmNcLvQWJKYQF5OAGLIMrV4BjddYT0XpoGnb5Qfwo5Mnwqc06eCw6Zba3hayOwXmpw61foHRD0N5JpOAVmKyFdV0OZLOiqMcw4b4scbjq4XsCL0+pZ8DE1DMSPVNuy5ew13xwYJ0njQfpDQ+mfHYrU0lA1gVJEc1TpQTPRTuLo/5fnHX/HNmKfKLvTFHRuJR+NNA8wZxyNrIoPYfk/KSCHB086J4AxAqJL3t9y3z5w9UNoyIz1OiOijj56LWGdAnMQ3XIf4fIb7YF5ugp2w/B6ZoOz/P5S8Um6f23VLj7jz1X6wJNZOdNmdA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: truncate_inode_pages_range() may attempt to zero pages before truncating them, and this will occur before arch-specific invalidations can be triggered via .invalidate_folio/.free_folio hooks via kvm_gmem_aops. For AMD SEV-SNP this would result in an RMP #PF being generated by the hardware, which is currently treated as fatal (and even if specifically allowed for, would not result in anything other than garbage being written to guest pages due to encryption). On Intel TDX this would also result in undesirable behavior. Set the AS_INACCESSIBLE flag to prevent the MM from attempting unexpected accesses of this sort during operations like truncation. 
This may also in some cases yield a decent performance improvement for guest_memfd userspace implementations that hole-punch ranges immediately after private->shared conversions via KVM_SET_MEMORY_ATTRIBUTES, since the current implementation of truncate_inode_pages_range() always ends up zero'ing an entire 4K range if it is backed by a 2M folio. Link: https://lore.kernel.org/lkml/ZR9LYhpxTaTk6PJX@google.com/ Suggested-by: Sean Christopherson Signed-off-by: Michael Roth --- virt/kvm/guest_memfd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 784690a664ac..4aaa82227978 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c
@@ -390,6 +390,7 @@ static int __kvm_gmem_create(struct kvm *kvm, loff_t size, u64 flags) inode->i_private = (void *)(unsigned long)flags; inode->i_op = &kvm_gmem_iops; inode->i_mapping->a_ops = &kvm_gmem_aops; + inode->i_mapping->flags |= AS_INACCESSIBLE; inode->i_mode |= S_IFREG; inode->i_size = size; mapping_set_gfp_mask(inode->i_mapping, GFP_HIGHUSER);
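Review bot: In the __kvm_gmem_create() hunk of patch 03/35, the added line ORs AS_INACCESSIBLE straight into inode->i_mapping->flags, and the flag's definition is not part of this patch. The existing AS_* values in enum mapping_flags are bit numbers that are set through set_bit()-based helpers such as mapping_set_unevictable(), so if AS_INACCESSIBLE is declared the same way, a raw |= sets the bits of its index rather than the intended flag. Suggest set_bit(AS_INACCESSIBLE, &inode->i_mapping->flags) or a small mapping_set_*() style helper (name to be chosen), and the same form wherever the flag is tested.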
From: Michael Roth
Subject: [PATCH v11 04/35] KVM: x86: Add gmem hook for initializing memory
Date: Sat, 30 Dec 2023 11:23:20 -0600
Message-ID: <20231230172351.574091-5-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
guest_memfd pages are generally expected to be in some arch-defined initial state prior to using them for guest memory. For SEV-SNP this initial state is 'private', or 'guest-owned', and requires additional operations to move these pages into a 'private' state by updating the corresponding entries in the RMP table.
Allow for an arch-defined hook to handle updates of this sort, and go ahead and implement one for x86 so KVM implementations like AMD SVM can register a kvm_x86_ops callback to handle these updates for SEV-SNP guests.
The preparation callback is always called when allocating/grabbing folios via gmem, and it is up to the architecture to keep track of whether or not the pages are already in the expected state (e.g. the RMP table in the case of SEV-SNP).
In some cases, it is necessary to defer the preparation of the pages to handle things like in-place encryption of initial guest memory payloads before marking these pages as 'private'/'guest-owned', so also add a helper that performs the same function as kvm_gmem_get_pfn(), but allows for the preparation callback to be bypassed to allow for pages to be accessed beforehand. Link: https://lore.kernel.org/lkml/ZLqVdvsF11Ddo7Dq@google.com/ Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/x86.c | 6 ++++ include/linux/kvm_host.h | 14 ++++++++ virt/kvm/Kconfig | 4 +++ virt/kvm/guest_memfd.c | 56 +++++++++++++++++++++++++++--- 6 files changed, 77 insertions(+), 5 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index ab24ce207988..5e6b58439100 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -139,6 +139,7 @@ KVM_X86_OP(vcpu_deliver_sipi_vector) KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL(get_untagged_addr) KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) +KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 9b0f18d096ed..1fc14aa58913 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1795,6 +1795,7 @@ struct kvm_x86_ops { gva_t (*get_untagged_addr)(struct kvm_vcpu *vcpu, gva_t gva, unsigned int flags); void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); + int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 27e23714e960..67d7c9e1331c 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -13512,6 +13512,12 @@ bool kvm_arch_no_poll(struct kvm_vcpu *vcpu) } EXPORT_SYMBOL_GPL(kvm_arch_no_poll); +#ifdef CONFIG_HAVE_KVM_GMEM_PREPARE +int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int max_order) +{ + return static_call(kvm_x86_gmem_prepare)(kvm, pfn, gfn, max_order); +} +#endif int kvm_spec_ctrl_test_value(u64 value) { diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 7e7fd25b09b3..22feb4910854 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2375,9 +2375,19 @@ static inline bool kvm_mem_is_private(struct kvm *kvm, gfn_t gfn) #endif /* CONFIG_KVM_GENERIC_MEMORY_ATTRIBUTES */ #ifdef CONFIG_KVM_PRIVATE_MEM +int __kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order, bool prep); int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, kvm_pfn_t *pfn, int *max_order); #else +static inline int __kvm_gmem_get_pfn(struct kvm *kvm, + struct kvm_memory_slot *slot, gfn_t gfn, + kvm_pfn_t *pfn, int *max_order, bool prep) +{ + KVM_BUG_ON(1, kvm); + return -EIO; +} + static inline int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, gfn_t gfn, kvm_pfn_t *pfn, int *max_order) @@ -2387,4 +2397,8 @@ static inline int kvm_gmem_get_pfn(struct kvm *kvm, } #endif /* CONFIG_KVM_PRIVATE_MEM */ +#ifdef CONFIG_HAVE_KVM_GMEM_PREPARE +int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int max_order); +#endif + #endif diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index 6793211a0b64..f5d6256607d2 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -103,3 +103,7 @@ config KVM_GENERIC_PRIVATE_MEM select KVM_GENERIC_MEMORY_ATTRIBUTES select KVM_PRIVATE_MEM bool + +config HAVE_KVM_GMEM_PREPARE + bool + depends on KVM_PRIVATE_MEM diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 4aaa82227978..5e88e525cf75 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c 
@@ -43,7 +43,40 @@ static struct folio *kvm_gmem_get_huge_folio(struct inode *inode, pgoff_t index, return folio; } -static struct folio *kvm_gmem_get_folio(struct inode *inode, pgoff_t index) +static int kvm_gmem_prepare_folio(struct inode *inode, pgoff_t index, struct folio *folio) +{ +#ifdef CONFIG_HAVE_KVM_GMEM_PREPARE + struct list_head *gmem_list = &inode->i_mapping->i_private_list; + struct kvm_gmem *gmem; + + list_for_each_entry(gmem, gmem_list, entry) { + struct kvm_memory_slot *slot; + struct kvm *kvm = gmem->kvm; + struct page *page; + kvm_pfn_t pfn; + gfn_t gfn; + int rc; + + slot = xa_load(&gmem->bindings, index); + if (!slot) + continue; + + page = folio_file_page(folio, index); + pfn = page_to_pfn(page); + gfn = slot->base_gfn + index - slot->gmem.pgoff; + rc = kvm_arch_gmem_prepare(kvm, gfn, pfn, compound_order(compound_head(page))); + if (rc) { + pr_warn_ratelimited("gmem: Failed to prepare folio for index %lx, error %d.\n", + index, rc); + return rc; + } + } + +#endif + return 0; +} + +static struct folio *kvm_gmem_get_folio(struct inode *inode, pgoff_t index, bool prep) { struct folio *folio; @@ -73,6 +106,12 @@ static struct folio *kvm_gmem_get_folio(struct inode *inode, pgoff_t index) folio_mark_uptodate(folio); } + if (prep && kvm_gmem_prepare_folio(inode, index, folio)) { + folio_unlock(folio); + folio_put(folio); + return NULL; + } + /* * Ignore accessed, referenced, and dirty flags. The memory is * unevictable and there is no storage to write back to. @@ -177,7 +216,7 @@ static long kvm_gmem_allocate(struct inode *inode, loff_t offset, loff_t len) break; } - folio = kvm_gmem_get_folio(inode, index); + folio = kvm_gmem_get_folio(inode, index, true); if (!folio) { r = -ENOMEM; break; 
@@ -517,8 +556,8 @@ void kvm_gmem_unbind(struct kvm_memory_slot *slot) fput(file); } -int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, - gfn_t gfn, kvm_pfn_t *pfn, int *max_order) +int __kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order, bool prep) { pgoff_t index, huge_index; struct kvm_gmem *gmem; @@ -539,7 +578,7 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, goto out_fput; } - folio = kvm_gmem_get_folio(file_inode(file), index); + folio = kvm_gmem_get_folio(file_inode(file), index, prep); if (!folio) { r = -ENOMEM; goto out_fput; 
@@ -580,4 +619,11 @@ int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, return r; } +EXPORT_SYMBOL_GPL(__kvm_gmem_get_pfn); + +int kvm_gmem_get_pfn(struct kvm *kvm, struct kvm_memory_slot *slot, + gfn_t gfn, kvm_pfn_t *pfn, int *max_order) +{ + return __kvm_gmem_get_pfn(kvm, slot, gfn, pfn, max_order, true); +} EXPORT_SYMBOL_GPL(kvm_gmem_get_pfn);
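Review bot: In the struct kvm_x86_ops hunk of patch 04/35, gmem_prepare takes (kvm, pfn, gfn, max_order), while the kvm_arch_gmem_prepare() wrapper added in arch/x86/kvm/x86.c takes (kvm, gfn, pfn, max_order) and swaps the two when forwarding to the static call. Both are plain integer types, so a vendor implementation that follows the wrapper's order compiles cleanly and would update state for the wrong frame. Suggest using one argument order for the hook, the wrapper and the prototype in include/linux/kvm_host.h.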
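Review bot: In the kvm_gmem_get_folio() hunk of patch 04/35, a failure from kvm_gmem_prepare_folio() is collapsed into a NULL return, and both callers shown, kvm_gmem_allocate() and __kvm_gmem_get_pfn(), turn NULL into -ENOMEM. The arch hook's rc therefore survives only in the ratelimited pr_warn, and a preparation failure is reported to the caller as memory exhaustion. Suggest returning ERR_PTR(rc) from kvm_gmem_get_folio() and switching the callers to IS_ERR()/PTR_ERR().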
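Review bot: In kvm_gmem_prepare_folio() (patch 04/35), the order handed to the hook is compound_order(compound_head(page)) although the folio is already in hand; folio_order(folio) states the same thing directly. The hook names this argument max_order, but nothing in the hunk says whether an implementation may prepare the whole folio or only the page at index, and gfn is computed from slot->base_gfn + index - slot->gmem.pgoff with no alignment check, so a comment on the expected contract would help.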
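Review bot: __kvm_gmem_get_pfn() is exported in patch 04/35 with a bare bool prep and no comment at either the definition or the declaration in include/linux/kvm_host.h. Passing false returns a pfn that has skipped the arch preparation step, so the declaration should document which callers may do that and that they are responsible for preparing the page before it is used as private guest memory.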
From: Michael Roth
Subject: [PATCH v11 05/35] KVM: x86: Add gmem hook for invalidating memory
Date: Sat, 30 Dec 2023 11:23:21 -0600
Message-ID: <20231230172351.574091-6-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
In some cases, like with SEV-SNP, guest memory needs to be updated in a platform-specific manner before it can be safely freed back to the host. Wire up arch-defined hooks to the .free_folio kvm_gmem_aops callback to allow for special handling of this sort when freeing memory in response to FALLOC_FL_PUNCH_HOLE operations and when releasing the inode, and go ahead and define an arch-specific hook for x86 since it will be needed for handling memory used for SEV-SNP guests. Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/x86.c | 7 +++++++ include/linux/kvm_host.h | 4 ++++ virt/kvm/Kconfig | 4 ++++ virt/kvm/guest_memfd.c | 14 ++++++++++++++ 6 files changed, 31 insertions(+) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index 5e6b58439100..c4b7b0db7be3 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -140,6 +140,7 @@ KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL(get_untagged_addr) KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) +KVM_X86_OP_OPTIONAL(gmem_invalidate) #undef KVM_X86_OP #undef KVM_X86_OP_OPTIONAL diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 1fc14aa58913..63596fe45013 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1796,6 +1796,7 @@ struct kvm_x86_ops { gva_t (*get_untagged_addr)(struct kvm_vcpu *vcpu, gva_t gva, unsigned int flags); void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); + void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 67d7c9e1331c..aaf71e5c1d18 100644 --- a/arch/x86/kvm/x86.c
+++ b/arch/x86/kvm/x86.c @@ -13519,6 +13519,13 @@ int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int max_ord } #endif +#ifdef CONFIG_HAVE_KVM_GMEM_INVALIDATE +void kvm_arch_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +{ + static_call_cond(kvm_x86_gmem_invalidate)(start, end); +} +#endif + int kvm_spec_ctrl_test_value(u64 value) { /* diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index 22feb4910854..a2a8331fbb94 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -2401,4 +2401,8 @@ static inline int kvm_gmem_get_pfn(struct kvm *kvm, int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int max_order); #endif +#ifdef CONFIG_HAVE_KVM_GMEM_INVALIDATE +void kvm_arch_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +#endif + #endif diff --git a/virt/kvm/Kconfig b/virt/kvm/Kconfig index f5d6256607d2..734b7d467380 100644 --- a/virt/kvm/Kconfig +++ b/virt/kvm/Kconfig @@ -107,3 +107,7 @@ config KVM_GENERIC_PRIVATE_MEM config HAVE_KVM_GMEM_PREPARE bool depends on KVM_PRIVATE_MEM + +config HAVE_KVM_GMEM_INVALIDATE + bool + depends on KVM_PRIVATE_MEM diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index 5e88e525cf75..feec0da93d98 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c 
@@ -370,10 +370,24 @@ static int kvm_gmem_error_folio(struct address_space *mapping, return MF_DELAYED; } +#ifdef CONFIG_HAVE_KVM_GMEM_INVALIDATE +static void kvm_gmem_free_folio(struct folio *folio) +{ + struct page *page = folio_page(folio, 0); + kvm_pfn_t pfn = page_to_pfn(page); + int order = folio_order(folio); + + kvm_arch_gmem_invalidate(pfn, pfn + (1ul << order)); +} +#endif + static const struct address_space_operations kvm_gmem_aops = { .dirty_folio = noop_dirty_folio, .migrate_folio = kvm_gmem_migrate_folio, .error_remove_folio = kvm_gmem_error_folio, +#ifdef CONFIG_HAVE_KVM_GMEM_INVALIDATE + .free_folio = kvm_gmem_free_folio, +#endif }; static int kvm_gmem_getattr(struct mnt_idmap *idmap, const struct path *path,
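Review bot: In the virt/kvm/guest_memfd.c hunk, kvm_gmem_free_folio() forwards to a hook declared as "void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end)", so an arch implementation that fails to put the range back into a host-usable state has no way to report it, and the folio still goes back to the allocator. That is the case the commit message says must be handled before the memory is "safely freed". Please document on the kvm_arch_gmem_invalidate() declaration in include/linux/kvm_host.h that the hook must not fail (or what an implementation is expected to do when it cannot complete), and that "end" is exclusive. A smaller point in the same function: folio_pfn(folio) and folio_nr_pages(folio) would replace the folio_page()/page_to_pfn() pair and the open-coded "1ul << order".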
From: Michael Roth
CC: Isaku Yamahata
Subject: [PATCH v11 06/35] KVM: x86/mmu: Pass around full 64-bit error code for KVM page faults
Date: Sat, 30 Dec 2023 11:23:22 -0600
Message-ID: <20231230172351.574091-7-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
In some cases the full 64-bit error code for the KVM page fault will be needed to determine things like whether or not a fault was for a private or shared guest page, so update related code to accept the full 64-bit value so it can be plumbed all the way through to where it is needed.

The accessors of fault->error_code are changed as follows:

- FNAME(page_fault): change to explicitly use lower_32_bits() since that is no longer done in kvm_mmu_page_fault()
- kvm_mmu_page_fault(): explicit mask with PFERR_RSVD_MASK, PFERR_NESTED_GUEST_PAGE
- mmutrace: changed u32 -> u64

Signed-off-by: Isaku Yamahata
Link: https://lore.kernel.org/kvm/20230612042559.375660-1-michael.roth@amd.com/T/#mbd0b20c9a2cf50319d5d2a27b63f73c772112076
[mdr: drop references/changes to code not in current gmem tree, update commit message]
Signed-off-by: Michael Roth
--- arch/x86/kvm/mmu/mmu.c | 3 +-- arch/x86/kvm/mmu/mmu_internal.h | 4 ++-- arch/x86/kvm/mmu/mmutrace.h | 2 +- arch/x86/kvm/mmu/paging_tmpl.h | 2 +- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 3c844e428684..d3fbfe0686a0 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c
@@ -5813,8 +5813,7 @@ int noinline kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, u64 err } if (r == RET_PF_INVALID) { - r = kvm_mmu_do_page_fault(vcpu, cr2_or_gpa, - lower_32_bits(error_code), false, + r = kvm_mmu_do_page_fault(vcpu, cr2_or_gpa, error_code, false, &emulation_type); if (KVM_BUG_ON(r == RET_PF_INVALID, vcpu->kvm)) return -EIO; diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 0669a8a668ca..21f55e8b4dc6 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -190,7 +190,7 @@ static inline bool is_nx_huge_page_enabled(struct kvm *kvm) struct kvm_page_fault { /* arguments to kvm_mmu_do_page_fault. */ const gpa_t addr; - const u32 error_code; + const u64 error_code; const bool prefetch; /* Derived from error_code. */ @@ -280,7 +280,7 @@ enum { }; static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, - u32 err, bool prefetch, int *emulation_type) + u64 err, bool prefetch, int *emulation_type) { struct kvm_page_fault fault = { .addr = cr2_or_gpa, diff --git a/arch/x86/kvm/mmu/mmutrace.h b/arch/x86/kvm/mmu/mmutrace.h index ae86820cef69..195d98bc8de8 100644 --- a/arch/x86/kvm/mmu/mmutrace.h +++ b/arch/x86/kvm/mmu/mmutrace.h @@ -260,7 +260,7 @@ TRACE_EVENT( TP_STRUCT__entry( __field(int, vcpu_id) __field(gpa_t, cr2_or_gpa) - __field(u32, error_code) + __field(u64, error_code) __field(u64 *, sptep) __field(u64, old_spte) __field(u64, new_spte) diff --git a/arch/x86/kvm/mmu/paging_tmpl.h b/arch/x86/kvm/mmu/paging_tmpl.h index 4d4e98fe4f35..c418f3b1cfca 100644 --- a/arch/x86/kvm/mmu/paging_tmpl.h +++ b/arch/x86/kvm/mmu/paging_tmpl.h 
@@ -787,7 +787,7 @@ static int FNAME(page_fault)(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault * The bit needs to be cleared before walking guest page tables. */ r = FNAME(walk_addr)(&walker, vcpu, fault->addr, - fault->error_code & ~PFERR_RSVD_MASK); + lower_32_bits(fault->error_code) & ~PFERR_RSVD_MASK); /* * The page is not mapped by the guest. Let the guest handle it.
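Review bot: The commit message lists "kvm_mmu_page_fault(): explicit mask with PFERR_RSVD_MASK, PFERR_NESTED_GUEST_PAGE", but the only change to kvm_mmu_page_fault() in the arch/x86/kvm/mmu/mmu.c hunk is dropping lower_32_bits() from the kvm_mmu_do_page_fault() call; no mask is added anywhere in the diff. Either drop that bullet or add the mask, because after this change bits 63:32 of error_code reach struct kvm_page_fault unfiltered, and FNAME(page_fault) is the only consumer of fault->error_code that this patch narrows back to 32 bits.

Review bot: In the arch/x86/kvm/mmu/mmutrace.h hunk the error_code field in TP_STRUCT__entry becomes u64, but the matching TP_printk() format string is outside the visible context. Please confirm its conversion specifier was widened to match the new field, and include that line in the hunk if it needed changing.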
From: Michael Roth
Subject: [PATCH v11 07/35] KVM: x86: Add KVM_X86_SNP_VM vm_type
Date: Sat, 30 Dec 2023 11:23:23 -0600
Message-ID: <20231230172351.574091-8-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
In some cases, such as detecting whether a page fault should be handled as a private fault or not, KVM will need to handle things differently versus the existing KVM_X86_PROTECTED_VM type. Add a new KVM_X86_SNP_VM to allow for this, along with a helper to query the vm_type.

Signed-off-by: Michael Roth
--- arch/x86/include/asm/kvm_host.h | 2 ++ arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/x86.c | 20 +++++++++++++++++--- 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 63596fe45013..e38cab5dccae 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -2141,6 +2141,8 @@ void kvm_configure_mmu(bool enable_tdp, int tdp_forced_root_level, #define kvm_arch_has_private_mem(kvm) false #endif +bool kvm_is_vm_type(struct kvm *kvm, unsigned long type); + static inline u16 kvm_read_ldt(void) { u16 ldt; diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index a448d0964fc0..57e4ba484aa2 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -564,5 +564,6 @@ struct kvm_pmu_event_filter { #define KVM_X86_DEFAULT_VM 0 #define KVM_X86_SW_PROTECTED_VM 1 +#define KVM_X86_SNP_VM 3 #endif /* _ASM_X86_KVM_H */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index aaf71e5c1d18..87b78d63e81d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c
@@ -4579,9 +4579,21 @@ static int kvm_ioctl_get_supported_hv_cpuid(struct kvm_vcpu *vcpu, static bool kvm_is_vm_type_supported(unsigned long type) { - return type == KVM_X86_DEFAULT_VM || - (type == KVM_X86_SW_PROTECTED_VM && - IS_ENABLED(CONFIG_KVM_SW_PROTECTED_VM) && tdp_enabled); + if (type == KVM_X86_DEFAULT_VM) + return true; + else if (type == KVM_X86_SW_PROTECTED_VM && + IS_ENABLED(CONFIG_KVM_SW_PROTECTED_VM) && tdp_enabled) + return true; + else if (type == KVM_X86_SNP_VM && + IS_ENABLED(CONFIG_KVM_AMD_SEV) && tdp_enabled) + return true; + + return false; +} + +bool kvm_is_vm_type(struct kvm *kvm, unsigned long type) +{ + return kvm->arch.vm_type == type; } int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) 
@@ -4784,6 +4796,8 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) r = BIT(KVM_X86_DEFAULT_VM); if (kvm_is_vm_type_supported(KVM_X86_SW_PROTECTED_VM)) r |= BIT(KVM_X86_SW_PROTECTED_VM); + if (kvm_is_vm_type_supported(KVM_X86_SNP_VM)) + r |= BIT(KVM_X86_SNP_VM); break; default: break;
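Review bot: In the arch/x86/kvm/x86.c hunk, kvm_is_vm_type_supported() accepts KVM_X86_SNP_VM on "IS_ENABLED(CONFIG_KVM_AMD_SEV) && tdp_enabled" alone, which is a build-time option plus a paging mode and says nothing about whether SEV-SNP is actually available and enabled on the running host. With the second x86.c hunk this also makes kvm_vm_ioctl_check_extension() advertise BIT(KVM_X86_SNP_VM) to userspace on such hosts. Please gate the type on a runtime SNP capability check so that neither the advertised set nor the supported-type check accepts a VM type the platform cannot enforce. The "else if" branches after "return true" can also be plain "if".

Review bot: In the arch/x86/include/uapi/asm/kvm.h hunk, KVM_X86_SNP_VM is defined as 3 directly after KVM_X86_SW_PROTECTED_VM at 1, leaving 2 unassigned with no comment. Since this is a uapi value and becomes ABI, please say in the header or the commit message what 2 is reserved for. The commit message also refers to KVM_X86_PROTECTED_VM, while the header defines KVM_X86_SW_PROTECTED_VM.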
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 08/35] KVM: x86: Define RMP page fault error bits for #NPF
Date: Sat, 30 Dec 2023 11:23:24 -0600
Message-ID: <20231230172351.574091-9-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

When SEV-SNP is enabled globally, the hardware places restrictions on all memory accesses based on the RMP entry, whether the hypervisor or a VM performs the accesses. When hardware encounters an RMP access violation during a guest access, it will cause a #VMEXIT(NPF) with a number of additional bits set to indicate the reasons for the #NPF. Define those here.

See APM2 section 16.36.10 for more details.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: add some additional details to commit message]
Signed-off-by: Michael Roth
--- arch/x86/include/asm/kvm_host.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index e38cab5dccae..843695217b4b 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h
@@ -262,9 +262,13 @@ enum x86_intercept_stage; #define PFERR_FETCH_BIT 4 #define PFERR_PK_BIT 5 #define PFERR_SGX_BIT 15 +#define PFERR_GUEST_RMP_BIT 31 #define PFERR_GUEST_FINAL_BIT 32 #define PFERR_GUEST_PAGE_BIT 33 #define PFERR_IMPLICIT_ACCESS_BIT 48 +#define PFERR_GUEST_ENC_BIT 34 +#define PFERR_GUEST_SIZEM_BIT 35 +#define PFERR_GUEST_VMPL_BIT 36 #define PFERR_PRESENT_MASK BIT(PFERR_PRESENT_BIT) #define PFERR_WRITE_MASK BIT(PFERR_WRITE_BIT) 
@@ -276,6 +280,10 @@ enum x86_intercept_stage; #define PFERR_GUEST_FINAL_MASK BIT_ULL(PFERR_GUEST_FINAL_BIT) #define PFERR_GUEST_PAGE_MASK BIT_ULL(PFERR_GUEST_PAGE_BIT) #define PFERR_IMPLICIT_ACCESS BIT_ULL(PFERR_IMPLICIT_ACCESS_BIT) +#define PFERR_GUEST_RMP_MASK BIT_ULL(PFERR_GUEST_RMP_BIT) +#define PFERR_GUEST_ENC_MASK BIT_ULL(PFERR_GUEST_ENC_BIT) +#define PFERR_GUEST_SIZEM_MASK BIT_ULL(PFERR_GUEST_SIZEM_BIT) +#define PFERR_GUEST_VMPL_MASK BIT_ULL(PFERR_GUEST_VMPL_BIT) #define PFERR_NESTED_GUEST_PAGE (PFERR_GUEST_PAGE_MASK | \ PFERR_WRITE_MASK | \
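
Review bot: In the first kvm_host.h hunk (@@ -262,9 +262,13 @@), PFERR_GUEST_ENC_BIT (34), PFERR_GUEST_SIZEM_BIT (35) and PFERR_GUEST_VMPL_BIT (36) are added after PFERR_IMPLICIT_ACCESS_BIT (48), while PFERR_GUEST_RMP_BIT (31) is placed in numeric order before PFERR_GUEST_FINAL_BIT (32). Moving the three new defines up to follow PFERR_GUEST_PAGE_BIT (33) would keep the list sorted by bit position, which makes a future collision with an existing bit easier to spot.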
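
Review bot: In the second kvm_host.h hunk (@@ -276,6 +280,10 @@), the four new masks carry no comment saying what each bit reports, and the names RMP, ENC, SIZEM and VMPL are not self-explanatory to a reader outside the SNP code. The commit message points at APM2 section 16.36.10; a one-line comment per mask, or a block comment citing that section, would let a reader check a fault handler against the hardware definition. The masks are also appended after PFERR_IMPLICIT_ACCESS rather than placed next to PFERR_GUEST_PAGE_MASK, so they are out of bit order in the same way as the _BIT defines.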

From patchwork Sat Dec 30 17:23:25 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506943
From: Michael Roth
Subject: [PATCH v11 09/35] KVM: x86: Determine shared/private faults based on vm_type
Date: Sat, 30 Dec 2023 11:23:25 -0600
Message-ID: <20231230172351.574091-10-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

For KVM_X86_SNP_VM, only the PFERR_GUEST_ENC_MASK flag is needed to determine whether an #NPF is due to a private/shared access by the guest. Implement that handling here. Also add handling needed to deal with SNP guests which in some cases will make MMIO accesses with the encryption bit.

Signed-off-by: Michael Roth
--- arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- arch/x86/kvm/mmu/mmu_internal.h | 20 +++++++++++++++++++- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index d3fbfe0686a0..61213f6648a1 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c
@@ -4331,6 +4331,7 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) { struct kvm_memory_slot *slot = fault->slot; + bool private_fault = fault->is_private; bool async; /* @@ -4360,12 +4361,19 @@ static int __kvm_faultin_pfn(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault return RET_PF_EMULATE; } - if (fault->is_private != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { + /* + * In some cases SNP guests will make MMIO accesses with the encryption + * bit set. Handle these via the normal MMIO fault path. + */ + if (!slot && private_fault && kvm_is_vm_type(vcpu->kvm, KVM_X86_SNP_VM)) + private_fault = false; + + if (private_fault != kvm_mem_is_private(vcpu->kvm, fault->gfn)) { kvm_mmu_prepare_memory_fault_exit(vcpu, fault); return -EFAULT; } - if (fault->is_private) + if (private_fault) return kvm_faultin_pfn_private(vcpu, fault); async = false; diff --git a/arch/x86/kvm/mmu/mmu_internal.h b/arch/x86/kvm/mmu/mmu_internal.h index 21f55e8b4dc6..e519dd363c28 100644 --- a/arch/x86/kvm/mmu/mmu_internal.h +++ b/arch/x86/kvm/mmu/mmu_internal.h @@ -251,6 +251,24 @@ struct kvm_page_fault { int kvm_tdp_page_fault(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault); +static bool kvm_mmu_fault_is_private(struct kvm *kvm, gpa_t gpa, u64 err) +{ + bool private_fault = false; + + if (kvm_is_vm_type(kvm, KVM_X86_SNP_VM)) { + private_fault = !!(err & PFERR_GUEST_ENC_MASK); + } else if (kvm_is_vm_type(kvm, KVM_X86_SW_PROTECTED_VM)) { + /* + * This handling is for gmem self-tests and guests that treat + * userspace as the authority on whether a fault should be + * private or not. + */ + private_fault = kvm_mem_is_private(kvm, gpa >> PAGE_SHIFT); + } + + return private_fault; +} + /* * Return values of handle_mmio_page_fault(), mmu.page_fault(), fast_page_fault(), * and of course kvm_mmu_do_page_fault(). 
@@ -298,7 +316,7 @@ static inline int kvm_mmu_do_page_fault(struct kvm_vcpu *vcpu, gpa_t cr2_or_gpa, .max_level = KVM_MAX_HUGEPAGE_LEVEL, .req_level = PG_LEVEL_4K, .goal_level = PG_LEVEL_4K, - .is_private = kvm_mem_is_private(vcpu->kvm, cr2_or_gpa >> PAGE_SHIFT), + .is_private = kvm_mmu_fault_is_private(vcpu->kvm, cr2_or_gpa, err), }; int r;
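
Review bot: In the __kvm_faultin_pfn() hunk of mmu.c (@@ -4360,12 +4361,19 @@), the override for the no-slot SNP case is applied only to the local private_fault, so fault->is_private stays true for the rest of the fault. kvm_mmu_prepare_memory_fault_exit(vcpu, fault) a few lines later is still handed the unmodified fault, so if the attribute check fails on this path the exit is prepared from a fault that still says private while the check that failed treated it as shared. Either clear fault->is_private here as well, or add a comment saying why the two are allowed to differ.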
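
Review bot: In the first mmu_internal.h hunk (@@ -251,6 +251,24 @@), kvm_mmu_fault_is_private() is defined in a header as plain static bool, while its caller kvm_mmu_do_page_fault() in the same header is static inline. Every file that includes the header gets its own copy, and any that never call it can warn about an unused function; declare it static inline bool.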
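
Review bot: In the kvm_mmu_do_page_fault() hunk (@@ -298,7 +316,7 @@), .is_private used to come from kvm_mem_is_private() for every VM type and now comes from kvm_mmu_fault_is_private(), which returns false for anything other than KVM_X86_SNP_VM and KVM_X86_SW_PROTECTED_VM. The commit message describes only the SNP case; it should state that other VM types now always start with is_private = false, or the helper should keep the kvm_mem_is_private() lookup as its default branch.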

From patchwork Sat Dec 30 17:23:26 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506944
From: Michael Roth
CC: Alexey Kardashevskiy
Subject: [PATCH v11 10/35] KVM: SEV: Do not intercept accesses to MSR_IA32_XSS for SEV-ES guests
Date: Sat, 30 Dec 2023 11:23:26 -0600
Message-ID: <20231230172351.574091-11-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

When intercepts are enabled for MSR_IA32_XSS, the host will swap in/out the guest-defined values while context-switching to/from guest mode. However, in the case of SEV-ES, vcpu->arch.guest_state_protected is set, so the guest-defined value is effectively ignored when switching to guest mode with the understanding that the VMSA will handle swapping in/out this register state.

However, SVM is still configured to intercept these accesses for SEV-ES guests, so the values in the initial MSR_IA32_XSS are effectively read-only, and a guest will experience undefined behavior if it actually tries to write to this MSR. Fortunately, only CET/shadowstack makes use of this register on SEV-ES-capable systems currently, which isn't yet widely used, but this may become more of an issue in the future.

Additionally, enabling intercepts of MSR_IA32_XSS results in #VC exceptions in the guest in certain paths that can lead to unexpected #VC nesting levels. One example is SEV-SNP guests when handling #VC exceptions for CPUID instructions involving leaf 0xD, subleaf 0x1, since they will access MSR_IA32_XSS as part of servicing the CPUID #VC, then generate another #VC when accessing MSR_IA32_XSS, which can lead to guest crashes if an NMI occurs at that point in time. Running perf on a guest while it is issuing such a sequence is one example where these can be problematic.

Address this by disabling intercepts of MSR_IA32_XSS for SEV-ES guests if the host/guest configuration allows it. If the host/guest configuration doesn't allow for MSR_IA32_XSS, leave it intercepted so that it can be caught by the existing checks in kvm_{set,get}_msr_common() if the guest still attempts to access it.

Fixes: 376c6d285017 ("KVM: SVM: Provide support for SEV-ES vCPU creation/loading")
Cc: Alexey Kardashevskiy
Suggested-by: Tom Lendacky
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 19 +++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 +- 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2efe3ed89808..f99435b6648f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -2978,6 +2978,25 @@ static void sev_es_vcpu_after_set_cpuid(struct vcpu_svm *svm) set_msr_interception(vcpu, svm->msrpm, MSR_TSC_AUX, v_tsc_aux, v_tsc_aux); } + + /* + * For SEV-ES, accesses to MSR_IA32_XSS should not be intercepted if + * the host/guest supports its use. + * + * guest_can_use() checks a number of requirements on the host/guest to + * ensure that MSR_IA32_XSS is available, but it might report true even + * if X86_FEATURE_XSAVES isn't configured in the guest to ensure host + * MSR_IA32_XSS is always properly restored. For SEV-ES, it is better + * to further check that the guest CPUID actually supports + * X86_FEATURE_XSAVES so that accesses to MSR_IA32_XSS by misbehaved + * guests will still get intercepted and caught in the normal + * kvm_emulate_rdmsr()/kvm_emulated_wrmsr() paths. + */ + if (guest_can_use(vcpu, X86_FEATURE_XSAVES) && + guest_cpuid_has(vcpu, X86_FEATURE_XSAVES)) + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_XSS, 1, 1); + else + set_msr_interception(vcpu, svm->msrpm, MSR_IA32_XSS, 0, 0); } void sev_vcpu_after_set_cpuid(struct vcpu_svm *svm) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b6179696861a..18d55df7fa5f 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -103,6 +103,7 @@ static const struct svm_direct_access_msrs { { .index = MSR_IA32_LASTBRANCHTOIP, .always = false }, { .index = MSR_IA32_LASTINTFROMIP, .always = false }, { .index = MSR_IA32_LASTINTTOIP, .always = false }, + { .index = MSR_IA32_XSS, .always = false }, { .index = MSR_EFER, .always = false }, { .index = MSR_IA32_CR_PAT, .always = false }, { .index = MSR_AMD64_SEV_ES_GHCB, .always = true }, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 9ed9d72546b3..7f1fbd874c45 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -30,7 +30,7 @@ #define IOPM_SIZE PAGE_SIZE * 3 #define MSRPM_SIZE PAGE_SIZE * 2 -#define MAX_DIRECT_ACCESS_MSRS 46 +#define MAX_DIRECT_ACCESS_MSRS 47 #define MSRPM_OFFSETS 32 extern u32 msrpm_offsets[MSRPM_OFFSETS] __read_mostly; extern bool npt_enabled;
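
Review bot: In the sev.c hunk (@@ -2978,6 +2978,25 @@), the new comment names kvm_emulated_wrmsr() next to kvm_emulate_rdmsr(); the spelling differs between the two and looks like a typo for kvm_emulate_wrmsr(). The bare 1, 1 and 0, 0 arguments to set_msr_interception() also read backwards at first glance, since 1 is passed on the branch the comment describes as not intercepted; a short comment on the two calls stating which value means pass-through would help.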
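
Review bot: In the svm.h hunk (@@ -30,7 +30,7 @@), MAX_DIRECT_ACCESS_MSRS goes from 46 to 47 to match the single MSR_IA32_XSS entry added to the direct-access MSR table in svm.c, and the two are kept in step by hand. Nothing in the visible lines ties the constant to the number of table entries, so please confirm that a build-time check covers it, or add one, so that a later entry added without the bump is caught at compile time.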
From: Michael Roth
Subject: [PATCH v11 11/35] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y
Date: Sat, 30 Dec 2023 11:23:27 -0600
Message-ID: <20231230172351.574091-12-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

SEV-SNP relies on restricted/protected memory support to run guests, so make sure to enable that support via the CONFIG_KVM_GENERIC_PRIVATE_MEM config option.

Signed-off-by: Michael Roth
---
 arch/x86/kvm/Kconfig | 1 +
 1 file changed, 1 insertion(+)

diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index e807eb56dc08..4ec53d6d5773 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig
@@ -124,6 +124,7 @@ config KVM_AMD_SEV bool "AMD Secure Encrypted Virtualization (SEV) support" depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) + select KVM_GENERIC_PRIVATE_MEM help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors.
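Review bot: the added select KVM_GENERIC_PRIVATE_MEM is unconditional under KVM_AMD_SEV, whose help text covers SEV and SEV-ES, while the commit message says only SEV-SNP needs private memory. Either say in the commit message that pulling it into every SEV-enabled build is intended, or attach the select to an SNP-specific option. Because select turns a symbol on without evaluating that symbol's own "depends on" lines, it is also worth confirming that KVM_AMD && X86_64 covers everything KVM_GENERIC_PRIVATE_MEM requires.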
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 12/35] KVM: SEV: Add support to handle AP reset MSR protocol
Date: Sat, 30 Dec 2023 11:23:28 -0600
Message-ID: <20231230172351.574091-13-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Tom Lendacky

Add support for AP Reset Hold being invoked using the GHCB MSR protocol, available in version 2 of the GHCB specification.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-common.h | 6 ++--
 arch/x86/kvm/svm/sev.c | 56 ++++++++++++++++++++++++++-----
 arch/x86/kvm/svm/svm.h | 1 +
 3 files changed, 53 insertions(+), 10 deletions(-)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b463fcbd4b90..01261f7054ad 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -54,8 +54,10 @@ (((unsigned long)fn) << 32)) /* AP Reset Hold */ -#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 -#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 +#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f99435b6648f..b09bdaed586e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -65,6 +65,10 @@ module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); #define sev_es_debug_swap_enabled false #endif /* CONFIG_KVM_AMD_SEV */ +#define AP_RESET_HOLD_NONE 0 +#define AP_RESET_HOLD_NAE_EVENT 1 +#define AP_RESET_HOLD_MSR_PROTO 2 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2600,6 +2604,9 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) void sev_es_unmap_ghcb(struct vcpu_svm *svm) { + /* Clear any indication that the vCPU is in a type of AP Reset Hold */ + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NONE; + if (!svm->sev_es.ghcb) return; @@ -2811,6 +2818,22 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_AP_RESET_HOLD_REQ: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_MSR_PROTO; + ret = kvm_emulate_ap_reset_hold(&svm->vcpu); + + /* + * Preset the result to a non-SIPI return and then only set + * the result to non-zero when delivering a SIPI. + */ + set_ghcb_msr_bits(svm, 0, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); + + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; 
@@ -2910,6 +2933,7 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; case SVM_VMGEXIT_AP_HLT_LOOP: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NAE_EVENT; ret = kvm_emulate_ap_reset_hold(vcpu); break; case SVM_VMGEXIT_AP_JUMP_TABLE: { @@ -3153,15 +3177,31 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) return; } - /* - * Subsequent SIPI: Return from an AP Reset Hold VMGEXIT, where - * the guest will set the CS and RIP. Set SW_EXIT_INFO_2 to a - * non-zero value. - */ - if (!svm->sev_es.ghcb) - return; + /* Subsequent SIPI */ + switch (svm->sev_es.ap_reset_hold_type) { + case AP_RESET_HOLD_NAE_EVENT: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set SW_EXIT_INFO_2 to a non-zero value. + */ + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + break; + case AP_RESET_HOLD_MSR_PROTO: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set GHCB data field to a non-zero value. + */ + set_ghcb_msr_bits(svm, 1, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); - ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + default: + break; + } } struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 7f1fbd874c45..eecb2b744d79 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -197,6 +197,7 @@ struct vcpu_sev_es_state { u8 valid_bitmap[16]; struct kvm_host_map ghcb_map; bool received_first_sipi; + unsigned int ap_reset_hold_type; /* SEV-ES scratch area support */ u64 sw_scratch;
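Review bot: the new GHCB_MSR_AP_RESET_HOLD_REQ case in sev_handle_vmgexit_msr_protocol() has no check of the guest's GHCB protocol version, although the commit message describes the request as a version 2 feature. Consider gating the case on the version the guest negotiated, or state in the commit message why answering it for a version 1 guest is acceptable.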
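Review bot: sev_vcpu_deliver_sipi_vector() loses its "if (!svm->sev_es.ghcb) return;" guard, and the AP_RESET_HOLD_NAE_EVENT case now passes svm->sev_es.ghcb to ghcb_set_sw_exit_info_2() unchecked. That is only safe because sev_es_unmap_ghcb() resets ap_reset_hold_type to AP_RESET_HOLD_NONE before its own NULL test. A comment stating that invariant, or keeping the NULL check inside the NAE case, would stop a later change from turning this into a NULL dereference in the host.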
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 13/35] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests
Date: Sat, 30 Dec 2023 11:23:29 -0600
Message-ID: <20231230172351.574091-14-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

Version 2 of the GHCB specification introduced advertisement of features that are supported by the Hypervisor.

Now that KVM supports version 2 of the GHCB specification, bump the maximum supported protocol version.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-common.h | 2 ++
 arch/x86/kvm/svm/sev.c | 12 ++++++++++++
 arch/x86/kvm/svm/svm.h | 3 ++-
 3 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 01261f7054ad..5a8246dd532f 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -101,6 +101,8 @@ enum psc_op { /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_POS 12 +#define GHCB_MSR_HV_FT_MASK GENMASK_ULL(51, 0) #define GHCB_MSR_HV_FT_RESP_VAL(v) \ /* GHCBData[63:12] */ \ (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b09bdaed586e..d6e206d21750 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2574,6 +2574,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: + case SVM_VMGEXIT_HV_FEATURES: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -2834,6 +2835,12 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_HV_FT_REQ: + set_ghcb_msr_bits(svm, GHCB_HV_FT_SUPPORTED, + GHCB_MSR_HV_FT_MASK, GHCB_MSR_HV_FT_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, + GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -2958,6 +2965,11 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_HV_FEATURES: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_HV_FT_SUPPORTED); + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index eecb2b744d79..d0f8167ada7c 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -665,9 +665,10 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); /* sev.c */ -#define GHCB_VERSION_MAX 1ULL +#define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL +#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP extern unsigned int max_sev_asid;
From patchwork Sat Dec 30 17:23:30 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506949
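Review bot: In the arch/x86/include/asm/sev-common.h hunk of 13/35, the new GHCB_MSR_HV_FT_POS and GHCB_MSR_HV_FT_MASK describe the same GHCBData[63:12] field that the existing GHCB_MSR_HV_FT_RESP_VAL() extracts with a hard-coded GENMASK_ULL(63, 12) and ">> 12". Suggest expressing GHCB_MSR_HV_FT_RESP_VAL() through the new macros, so the field layout is defined once and the encode done with set_ghcb_msr_bits() cannot drift from the decode.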
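Review bot: In the arch/x86/kvm/svm/svm.h hunk of 13/35, GHCB_HV_FT_SUPPORTED is hard-wired to GHCB_HV_FT_SNP, and both new handlers (the GHCB_MSR_HV_FT_REQ case in sev_handle_vmgexit_msr_protocol() and the SVM_VMGEXIT_HV_FEATURES case in sev_handle_vmgexit()) return it with no condition. Every guest that issues the request is therefore told the hypervisor supports SNP, and this happens in 13/35, before the SNP enablement checks of 14/35 exist. Suggest deriving the advertised bitmap from whether SNP is actually enabled, or stating in the commit message why the unconditional value is safe. The commit message also mentions only the version bump and not the two new request handlers.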
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 14/35] KVM: SEV: Add initial SEV-SNP support
Date: Sat, 30 Dec 2023 11:23:30 -0600
Message-ID: <20231230172351.574091-15-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

The next generation of SEV is called SEV-SNP (Secure Nested Paging).
SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new
hardware-based security protection. SEV-SNP adds strong memory encryption
and integrity protection to help prevent malicious hypervisor-based attacks
such as data replay, memory re-mapping, and more, to create an isolated
execution environment.

Implement some initial infrastructure in KVM to check/report when SNP is
enabled on the system.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: commit fixups, use similar ASID reporting as with SEV/SEV-ES]
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 10 ++++++++++
 arch/x86/kvm/svm/svm.h | 8 ++++++++
 2 files changed, 18 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index d6e206d21750..18c09863377b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -59,10 +59,13 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); /* enable/disable SEV-ES DebugSwap support */ static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); + +static bool sev_snp_enabled; #else #define sev_enabled false #define sev_es_enabled false #define sev_es_debug_swap_enabled false +#define sev_snp_enabled false #endif /* CONFIG_KVM_AMD_SEV */ #define AP_RESET_HOLD_NONE 0 @@ -2189,6 +2192,7 @@ void __init sev_hardware_setup(void) { #ifdef CONFIG_KVM_AMD_SEV unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; 
@@ -2267,6 +2271,7 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; + sev_snp_supported = sev_snp_enabled && cpu_feature_enabled(X86_FEATURE_SEV_SNP); out: if (boot_cpu_has(X86_FEATURE_SEV)) @@ -2277,12 +2282,17 @@ void __init sev_hardware_setup(void) pr_info("SEV-ES %s (ASIDs %u - %u)\n", sev_es_supported ? "enabled" : "disabled", min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1); + if (boot_cpu_has(X86_FEATURE_SEV_SNP)) + pr_info("SEV-SNP %s (ASIDs %u - %u)\n", + sev_snp_supported ? "enabled" : "disabled", + min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1); sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; if (!sev_es_enabled || !cpu_feature_enabled(X86_FEATURE_DEBUG_SWAP) || !cpu_feature_enabled(X86_FEATURE_NO_NESTED_DATA_BP)) sev_es_debug_swap_enabled = false; + sev_snp_enabled = sev_snp_supported; #endif } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index d0f8167ada7c..a3e27c82866b 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -79,6 +79,7 @@ enum { struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ + bool snp_active; /* SEV-SNP enabled guest */ unsigned int asid; /* ASID used for this guest */ unsigned int handle; /* SEV firmware handle */ int fd; /* SEV device fd */ 
@@ -341,6 +342,13 @@ static __always_inline bool sev_es_guest(struct kvm *kvm) #endif } +static __always_inline bool sev_snp_guest(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + + return sev_es_guest(kvm) && sev->snp_active; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
From patchwork Sat Dec 30 17:23:31 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506950
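Review bot: In the sev_hardware_setup() hunks of 14/35, sev_snp_supported is computed as "sev_snp_enabled && cpu_feature_enabled(X86_FEATURE_SEV_SNP)", but the first hunk declares sev_snp_enabled as a plain "static bool" with no initializer and no module_param_named(), unlike sev_es_enabled and sev_es_debug_swap_enabled in the context lines. It is therefore always false at this point, and the new pr_info() can only print "disabled" on SNP-capable hardware. If that is deliberate until the rest of the series lands, say so in the commit message or in a comment next to the declaration; otherwise add the module parameter in this patch so the check can be exercised.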
From: Michael Roth
CC: Brijesh Singh, Pavan Kumar Paluri
Subject: [PATCH v11 15/35] KVM: SEV: Add KVM_SNP_INIT command
Date: Sat, 30 Dec 2023 11:23:31 -0600
Message-ID: <20231230172351.574091-16-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

The KVM_SNP_INIT command is used by the hypervisor to initialize the
SEV-SNP platform context. In a typical workflow, this command should be the
first command issued. When creating an SEV-SNP guest, the VMM must use this
command instead of the KVM_SEV_INIT or KVM_SEV_ES_INIT.

The flags value must be zero; it will be extended in future SNP support to
communicate the optional features (such as restricted INT injection etc.).

Co-developed-by: Pavan Kumar Paluri
Signed-off-by: Pavan Kumar Paluri
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth --- .../virt/kvm/x86/amd-memory-encryption.rst | 27 +++++++++++++ arch/x86/include/asm/svm.h | 1 + arch/x86/kvm/svm/sev.c | 39 ++++++++++++++++++- arch/x86/kvm/svm/svm.h | 4 ++ include/uapi/linux/kvm.h | 13 +++++++ 5 files changed, 83 insertions(+), 1 deletion(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 995780088eb2..b1a19c9a577a 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -434,6 +434,33 @@ issued by the hypervisor to make the guest ready for execution. Returns: 0 on success, -negative on error +18. KVM_SNP_INIT +---------------- + +The KVM_SNP_INIT command can be used by the hypervisor to initialize SEV-SNP +context. In a typical workflow, this command should be the first command issued. + +Parameters (in/out): struct kvm_snp_init + +Returns: 0 on success, -negative on error + +:: + + struct kvm_snp_init { + __u64 flags; + }; + +The flags bitmap is defined as:: + + /* enable the restricted injection */ + #define KVM_SEV_SNP_RESTRICTED_INJET (1<<0) + + /* enable the restricted injection timer */ + #define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1<<1) + +If the specified flags is not supported then return -EOPNOTSUPP, and the supported +flags are returned. + References ========== diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 87a7b917d30e..ba8ce15b27d7 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -286,6 +286,7 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 18c09863377b..43b8ae7b74f8 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -250,6 +250,25 @@ static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) sev_decommission(handle); } +static int verify_snp_init_flags(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_snp_init params; + int ret = 0; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + if (params.flags & ~SEV_SNP_SUPPORTED_FLAGS) + ret = -EOPNOTSUPP; + + params.flags = SEV_SNP_SUPPORTED_FLAGS; + + if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) + ret = -EFAULT; + + return ret; +} + static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -264,12 +283,19 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; sev->active = true; - sev->es_active = argp->id == KVM_SEV_ES_INIT; + sev->es_active = (argp->id == KVM_SEV_ES_INIT || argp->id == KVM_SEV_SNP_INIT); + sev->snp_active = argp->id == KVM_SEV_SNP_INIT; asid = sev_asid_new(sev); if (asid < 0) goto e_no_asid; sev->asid = asid; + if (sev->snp_active) { + ret = verify_snp_init_flags(kvm, argp); + if (ret) + goto e_free; + } + init_args.probe = false; ret = sev_platform_init(&init_args); if (ret) @@ -287,6 +313,7 @@ static int sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp) sev_asid_free(sev); sev->asid = 0; e_no_asid: + sev->snp_active = false; sev->es_active = false; sev->active = false; return ret; @@ -625,6 +652,10 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) if (sev_es_debug_swap_enabled) save->sev_features |= SVM_SEV_FEAT_DEBUG_SWAP; + /* Enable the SEV-SNP feature */ + if (sev_snp_guest(svm->vcpu.kvm)) + save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); 
@@ -1883,6 +1914,12 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) } switch (sev_cmd.id) { + case KVM_SEV_SNP_INIT: + if (!sev_snp_enabled) { + r = -ENOTTY; + goto out; + } + fallthrough; case KVM_SEV_ES_INIT: if (!sev_es_enabled) { r = -ENOTTY; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a3e27c82866b..07a9eb5b6ce5 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -76,6 +76,9 @@ enum { /* TPR and CR2 are always written before VMRUN */ #define VMCB_ALWAYS_DIRTY_MASK ((1U << VMCB_INTR) | (1U << VMCB_CR2)) +/* Supported init feature flags */ +#define SEV_SNP_SUPPORTED_FLAGS 0x0 + struct kvm_sev_info { bool active; /* SEV enabled guest */ bool es_active; /* SEV-ES enabled guest */ @@ -91,6 +94,7 @@ struct kvm_sev_info { struct list_head mirror_entry; /* Use as a list entry of mirrors */ struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; + u64 snp_init_flags; }; struct kvm_svm { diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index c3308536482b..73702e9b9d76 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1869,6 +1869,9 @@ enum sev_cmd_id { /* Guest Migration Extension */ KVM_SEV_SEND_CANCEL, + /* SNP specific commands */ + KVM_SEV_SNP_INIT, + KVM_SEV_NR_MAX, }; 
@@ -1965,6 +1968,16 @@ struct kvm_sev_receive_update_data { __u32 trans_len; }; +/* enable the restricted injection */ +#define KVM_SEV_SNP_RESTRICTED_INJET (1 << 0) + +/* enable the restricted injection timer */ +#define KVM_SEV_SNP_RESTRICTED_TIMER_INJET (1 << 1) + +struct kvm_snp_init { + __u64 flags; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
From patchwork Sat Dec 30 17:23:32 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506951
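Review bot: In the Documentation/virt/kvm/x86/amd-memory-encryption.rst hunk of 15/35, the section is titled KVM_SNP_INIT (as is the commit message), while the enum value added to include/uapi/linux/kvm.h and tested in sev_guest_init() is KVM_SEV_SNP_INIT; document the name userspace actually passes. The section also lists two flag bits without saying that SEV_SNP_SUPPORTED_FLAGS is 0x0, so any non-zero flags value currently fails with -EOPNOTSUPP. Suggest stating that flags must be zero for now, as the commit message does, and rewording "If the specified flags is not supported".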
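Review bot: In the sev_guest_init() hunk of 15/35, verify_snp_init_flags() is called only after sev_asid_new() has succeeded, so a request with unsupported flags or a bad user pointer takes an ASID and then unwinds through e_free. Validating the user-supplied struct before allocating the ASID keeps rejected input from touching the ASID allocator and shortens the error path. verify_snp_init_flags() also never uses its kvm argument, and the snp_init_flags field added to struct kvm_sev_info in svm.h is not assigned anywhere in this patch; either store the accepted flags there or drop the field until it is needed.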
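Review bot: In the include/uapi/linux/kvm.h hunk of 15/35, KVM_SEV_SNP_RESTRICTED_INJET and KVM_SEV_SNP_RESTRICTED_TIMER_INJET look like a misspelling of INJECT, and the same spelling is repeated in the documentation hunk. These are uapi names, which are hard to change once userspace builds against them, so fix the spelling before this is merged. Since SEV_SNP_SUPPORTED_FLAGS is 0x0 and both bits are rejected, it is also worth considering whether to expose them in the uapi header at all before KVM accepts them.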
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 16/35] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command
Date: Sat, 30 Dec 2023 11:23:32 -0600
Message-ID: <20231230172351.574091-17-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
From: Brijesh Singh

KVM_SEV_SNP_LAUNCH_START begins the launch process for an SEV-SNP guest. The command initializes a cryptographic digest context used to construct the measurement of the guest. If the guest is expected to be migrated, the command also binds a migration agent (MA) to the guest.

For more information see the SEV-SNP specification.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: hold sev_deactivate_lock when calling SEV_CMD_SNP_DECOMMISSION]
Signed-off-by: Michael Roth
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 24 +++
 arch/x86/kvm/svm/sev.c | 144 +++++++++++++++++-
 arch/x86/kvm/svm/svm.h | 1 +
 include/uapi/linux/kvm.h | 10 ++
 4 files changed, 176 insertions(+), 3 deletions(-)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index b1a19c9a577a..b1beb2fe8766 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
@@ -461,6 +461,30 @@ The flags bitmap is defined as:: If the specified flags is not supported then return -EOPNOTSUPP, and the supported flags are returned. +19. KVM_SNP_LAUNCH_START +------------------------ + +The KVM_SNP_LAUNCH_START command is used for creating the memory encryption +context for the SEV-SNP guest. To create the encryption context, user must +provide a guest policy, migration agent (if any) and guest OS visible +workarounds value as defined SEV-SNP specification. + +Parameters (in): struct kvm_snp_launch_start + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_start { + __u64 policy; /* Guest policy to use. */ + __u64 ma_uaddr; /* userspace address of migration agent */ + __u8 ma_en; /* 1 if the migration agent is enabled */ + __u8 imi_en; /* set IMI to 1. */ + __u8 gosvw[16]; /* guest OS visible workarounds */ + }; + +See the SEV-SNP specification for further detail on the launch input. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 43b8ae7b74f8..e2f4d4bc125c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "mmu.h" #include "x86.h" @@ -72,6 +73,10 @@ static bool sev_snp_enabled; #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 +/* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */ +#define SNP_POLICY_MASK_SMT BIT_ULL(16) +#define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -82,6 +87,8 @@ static unsigned int nr_asids; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; +static int snp_decommission_context(struct kvm *kvm); + struct enc_region { struct list_head list; unsigned long npages; 
@@ -107,12 +114,17 @@ static int sev_flush_asids(int min_asid, int max_asid) down_write(&sev_deactivate_lock); wbinvd_on_all_cpus(); - ret = sev_guest_df_flush(&error); + + if (sev_snp_enabled) + ret = sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, &error); + else + ret = sev_guest_df_flush(&error); up_write(&sev_deactivate_lock); if (ret) - pr_err("SEV: DF_FLUSH failed, ret=%d, error=%#x\n", ret, error); + pr_err("SEV%s: DF_FLUSH failed, ret=%d, error=%#x\n", + sev_snp_enabled ? "-SNP" : "", ret, error); return ret; } 
@@ -1890,6 +1902,94 @@ int sev_vm_move_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +/* + * The guest context contains all the information, keys and metadata + * associated with the guest that the firmware tracks to implement SEV + * and SNP features. The firmware stores the guest context in hypervisor + * provide page via the SNP_GCTX_CREATE command. + */ +static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct sev_data_snp_addr data = {}; + void *context; + int rc; + + /* Allocate memory for context page */ + context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); + if (!context) + return NULL; + + data.gctx_paddr = __psp_pa(context); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); + if (rc) { + snp_free_firmware_page(context); + return NULL; + } + + return context; +} + +static int snp_bind_asid(struct kvm *kvm, int *error) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_activate data = {0}; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.asid = sev_get_asid(kvm); + return sev_issue_cmd(kvm, SEV_CMD_SNP_ACTIVATE, &data, error); +} + +static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_start start = {0}; + struct kvm_sev_snp_launch_start params; + int rc; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + /* Don't allow userspace to allocate memory for more than 1 SNP context. 
*/ + if (sev->snp_context) + return -EINVAL; + + sev->snp_context = snp_context_create(kvm, argp); + if (!sev->snp_context) + return -ENOTTY; + + if (params.policy & SNP_POLICY_MASK_SINGLE_SOCKET) { + pr_warn("SEV-SNP hypervisor does not support limiting guests to a single socket."); + return -EINVAL; + } + + if (!(params.policy & SNP_POLICY_MASK_SMT)) { + pr_warn("SEV-SNP hypervisor does not support limiting guests to a single SMT thread."); + return -EINVAL; + } + + start.gctx_paddr = __psp_pa(sev->snp_context); + start.policy = params.policy; + memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &argp->error); + if (rc) + goto e_free_context; + + sev->fd = argp->sev_fd; + rc = snp_bind_asid(kvm, &argp->error); + if (rc) + goto e_free_context; + + return 0; + +e_free_context: + snp_decommission_context(kvm); + + return rc; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -1980,6 +2080,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_RECEIVE_FINISH: r = sev_receive_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_START: + r = snp_launch_start(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
@@ -2172,6 +2275,33 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +static int snp_decommission_context(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_addr data = {}; + int ret; + + /* If context is not created then do nothing */ + if (!sev->snp_context) + return 0; + + data.gctx_paddr = __sme_pa(sev->snp_context); + down_write(&sev_deactivate_lock); + ret = sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL); + if (WARN_ONCE(ret, "failed to release guest context")) { + up_write(&sev_deactivate_lock); + return ret; + } + + up_write(&sev_deactivate_lock); + + /* free the context page now */ + snp_free_firmware_page(sev->snp_context); + sev->snp_context = NULL; + + return 0; +} + void sev_vm_destroy(struct kvm *kvm) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -2213,7 +2343,15 @@ void sev_vm_destroy(struct kvm *kvm) } } - sev_unbind_asid(kvm, sev->handle); + if (sev_snp_guest(kvm)) { + if (snp_decommission_context(kvm)) { + WARN_ONCE(1, "Failed to free SNP guest context, leaking asid!\n"); + return; + } + } else { + sev_unbind_asid(kvm, sev->handle); + } + sev_asid_free(sev); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 07a9eb5b6ce5..9c633173b779 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -95,6 +95,7 @@ struct kvm_sev_info { struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; u64 snp_init_flags; + void *snp_context; /* SNP guest context page */ }; struct kvm_svm { diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 73702e9b9d76..9fe36408d55b 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1871,6 +1871,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, + KVM_SEV_SNP_LAUNCH_START, KVM_SEV_NR_MAX, }; 
@@ -1978,6 +1979,15 @@ struct kvm_snp_init { __u64 flags; }; +struct kvm_sev_snp_launch_start { + __u64 policy; + __u64 ma_uaddr; + __u8 ma_en; + __u8 imi_en; + __u8 gosvw[16]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2) From patchwork Sat Dec 30 17:23:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13506952 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 15F1BC46CD2 for ; Sat, 30 Dec 2023 17:27:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9D8A06B0167; Sat, 30 Dec 2023 12:27:38 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 988D16B0168; Sat, 30 Dec 2023 12:27:38 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 767186B016A; Sat, 30 Dec 2023 12:27:38 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 62B6D6B0167 for ; Sat, 30 Dec 2023 12:27:38 -0500 (EST) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 47B03C01B3 for ; Sat, 30 Dec 2023 17:27:38 +0000 (UTC) X-FDA: 81624166596.26.516EB64 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2050.outbound.protection.outlook.com [40.107.244.50]) by imf30.hostedemail.com (Postfix) with ESMTP id 563C080009 for ; Sat, 30 Dec 2023 17:27:35 +0000 (UTC) Authentication-Results: imf30.hostedemail.com; dkim=pass header.d=amd.com header.s=selector1 header.b="qu4wu6/h"; spf=pass (imf30.hostedemail.com: domain of 
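Review bot: The new section 19 in amd-memory-encryption.rst uses names that do not match the UAPI hunk: the heading and text say KVM_SNP_LAUNCH_START while the id added to enum sev_cmd_id is KVM_SEV_SNP_LAUNCH_START, and "Parameters (in)" cites struct kvm_snp_launch_start while the struct is kvm_sev_snp_launch_start. The documented struct also omits the trailing pad[6] present in the kvm.h definition. Align the names and layout, and document that snp_launch_start() rejects a policy with the single-socket bit set or the SMT bit clear with -EINVAL.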
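Review bot: snp_launch_start() leaves the guest context allocated on both policy rejections: the SNP_POLICY_MASK_SINGLE_SOCKET and SNP_POLICY_MASK_SMT checks return -EINVAL after snp_context_create() has already stored a page in sev->snp_context, so nothing decommissions it and every retry with a corrected policy fails at the earlier "if (sev->snp_context) return -EINVAL". Move the two policy checks above snp_context_create(), or set rc and goto e_free_context. In the same function params.ma_uaddr, params.ma_en and params.imi_en are copied from userspace but never used, so a caller that sets ma_en gets success with no migration agent bound; reject non-zero values until they are wired up. The two pr_warn() strings also lack a trailing newline and can be triggered from the ioctl without rate limiting.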
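Review bot: snp_decommission_context() builds data.gctx_paddr with __sme_pa(sev->snp_context) while snp_context_create(), snp_bind_asid() and snp_launch_start() all use __psp_pa() for the same page; use __psp_pa() here as well so the firmware address is derived one way throughout. When SEV_CMD_SNP_DECOMMISSION fails, sev->snp_context stays set and the page is not freed; on the e_free_context path in snp_launch_start() the return value is ignored, so a comment stating that the page is deliberately kept in that case would help the next reader.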
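Review bot: struct kvm_sev_snp_launch_start in include/uapi/linux/kvm.h adds pad[6], but snp_launch_start() never checks that it is zero, so these bytes cannot be given a meaning later without breaking callers that passed uninitialized data. Reject non-zero pad in snp_launch_start() or document in the struct that it must be zero.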
From: Michael Roth
CC: Vishal Annapurve
Subject: [PATCH v11 17/35] KVM: Add HVA range operator
Date: Sat, 30 Dec 2023 11:23:33 -0600
Message-ID: <20231230172351.574091-18-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
From: Vishal Annapurve

Introduce HVA range operator so that other KVM subsystems can operate on HVA ranges.

Signed-off-by: Vishal Annapurve
[mdr: minor checkpatch alignment fixups]
Signed-off-by: Michael Roth
---
 include/linux/kvm_host.h | 6 +++++
 virt/kvm/kvm_main.c | 49 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 55 insertions(+)

diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index a2a8331fbb94..bc3a468e97e3 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h
@@ -1429,6 +1429,12 @@ void kvm_mmu_invalidate_range_add(struct kvm *kvm, gfn_t start, gfn_t end); void kvm_mmu_invalidate_end(struct kvm *kvm); bool kvm_mmu_unmap_gfn_range(struct kvm *kvm, struct kvm_gfn_range *range); +typedef int (*kvm_hva_range_op_t)(struct kvm *kvm, + struct kvm_gfn_range *range, void *data); + +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data); + long kvm_arch_dev_ioctl(struct file *filp, unsigned int ioctl, unsigned long arg); long kvm_arch_vcpu_ioctl(struct file *filp, diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index 4fd0fb0044f5..03243a7ece08 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c 
@@ -667,6 +667,55 @@ static __always_inline kvm_mn_ret_t __kvm_handle_hva_range(struct kvm *kvm, return r; } +int kvm_vm_do_hva_range_op(struct kvm *kvm, unsigned long hva_start, + unsigned long hva_end, kvm_hva_range_op_t handler, void *data) +{ + int ret = 0; + struct kvm_gfn_range gfn_range; + struct kvm_memory_slot *slot; + struct kvm_memslots *slots; + int i, idx; + + if (WARN_ON_ONCE(hva_end <= hva_start)) + return -EINVAL; + + idx = srcu_read_lock(&kvm->srcu); + + for (i = 0; i < kvm_arch_nr_memslot_as_ids(kvm); i++) { + struct interval_tree_node *node; + + slots = __kvm_memslots(kvm, i); + kvm_for_each_memslot_in_hva_range(node, slots, + hva_start, hva_end - 1) { + unsigned long start, end; + + slot = container_of(node, struct kvm_memory_slot, + hva_node[slots->node_idx]); + start = max(hva_start, slot->userspace_addr); + end = min(hva_end, slot->userspace_addr + + (slot->npages << PAGE_SHIFT)); + + /* + * {gfn(page) | page intersects with [hva_start, hva_end)} = + * {gfn_start, gfn_start+1, ..., gfn_end-1}. 
+ */ + gfn_range.start = hva_to_gfn_memslot(start, slot); + gfn_range.end = hva_to_gfn_memslot(end + PAGE_SIZE - 1, slot); + gfn_range.slot = slot; + + ret = handler(kvm, &gfn_range, data); + if (ret) + goto e_ret; + } + } + +e_ret: + srcu_read_unlock(&kvm->srcu, idx); + + return ret; +} +EXPORT_SYMBOL_GPL(kvm_vm_do_hva_range_op); + static __always_inline int kvm_handle_hva_range(struct mmu_notifier *mn, unsigned long start, unsigned long end, From patchwork Sat Dec 30 17:23:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13506953 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C16A4C46CD2 for ; Sat, 30 Dec 2023 17:27:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 56CDE6B00E3; Sat, 30 Dec 2023 12:27:59 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 51D746B012F; Sat, 30 Dec 2023 12:27:59 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 36ECD6B016E; Sat, 30 Dec 2023 12:27:59 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 20DCF6B00E3 for ; Sat, 30 Dec 2023 12:27:59 -0500 (EST) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id EE033C0A00 for ; Sat, 30 Dec 2023 17:27:58 +0000 (UTC) X-FDA: 81624167436.26.3F19627 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2041.outbound.protection.outlook.com [40.107.92.41]) by imf17.hostedemail.com (Postfix) with ESMTP id 23C6340003 for ; Sat, 30 Dec 2023 17:27:55 +0000 (UTC) Authentication-Results: imf17.hostedemail.com; 
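Review bot: In kvm_vm_do_hva_range_op(), gfn_range is declared on the stack without an initializer and only start, end and slot are assigned before handler() is called, so any other member of struct kvm_gfn_range reaches the handler uninitialized; declare it with "= {}" or assign every field. The function is exported but has no kernel-doc: state that the handler runs under the kvm->srcu read lock taken here, that a non-zero handler return stops the walk and is returned to the caller, and that hva_end is exclusive. The WARN_ON_ONCE(hva_end <= hva_start) check turns a bad range into a kernel warning, so either callers must validate addresses that come from userspace before calling, or this should be a plain -EINVAL.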
From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh Subject: [PATCH v11 18/35] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command Date: Sat, 30 Dec 2023 11:23:34 -0600 Message-ID: <20231230172351.574091-19-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com> References: <20231230172351.574091-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: MN1PEPF0000ECD6:EE_|SA3PR12MB7976:EE_ X-MS-Office365-Filtering-Correlation-Id: 556dffed-7cc7-4a34-8e12-08dc095ca572 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(39860400002)(396003)(136003)(376002)(346002)(230922051799003)(64100799003)(186009)(1800799012)(82310400011)(451199024)(40470700004)(46966006)(36840700001)(8936002)(70586007)(478600001)(82740400003)(81166007)(6666004)(356005)(36756003)(86362001)(54906003)(7416002)(41300700001)(316002)(70206006)(16526019)(7406005)(5660300002)(6916009)(83380400001)(426003)(4326008)(336012)(2616005)(26005)(44832011)(47076005)(8676002)(36860700001)(1076003)(2906002)(40480700001)(40460700003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Dec 2023 17:27:49.6688 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 556dffed-7cc7-4a34-8e12-08dc095ca572 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 

From: Brijesh Singh

The KVM_SEV_SNP_LAUNCH_UPDATE command can be used to insert data into the guest's memory. The data is encrypted with the cryptographic context created with the KVM_SEV_SNP_LAUNCH_START. In addition to inserting data, it can insert two special pages into the guest's memory: the secrets page and the CPUID page.

While terminating the guest, reclaim the guest pages added in the RMP table. If the reclaim fails, then the page is no longer safe to be released back to the system, so leak it.

For more information see the SEV-SNP specification.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 28 +++
 arch/x86/kvm/svm/sev.c | 181 ++++++++++++++++++
 include/uapi/linux/kvm.h | 19 ++
 3 files changed, 228 insertions(+)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index b1beb2fe8766..d4325b26724c 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
@@ -485,6 +485,34 @@ Returns: 0 on success, -negative on error See the SEV-SNP specification for further detail on the launch input. +20. KVM_SNP_LAUNCH_UPDATE +------------------------- + +The KVM_SNP_LAUNCH_UPDATE is used for encrypting a memory region. It also +calculates a measurement of the memory contents. The measurement is a signature +of the memory contents that can be sent to the guest owner as an attestation +that the memory was encrypted correctly by the firmware. + +Parameters (in): struct kvm_snp_launch_update + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_update { + __u64 start_gfn; /* Guest page number to start from. */ + __u64 uaddr; /* userspace address need to be encrypted */ + __u32 len; /* length of memory region */ + __u8 imi_page; /* 1 if memory is part of the IMI */ + __u8 page_type; /* page type */ + __u8 vmpl3_perms; /* VMPL3 permission mask */ + __u8 vmpl2_perms; /* VMPL2 permission mask */ + __u8 vmpl1_perms; /* VMPL1 permission mask */ + }; + +See the SEV-SNP spec for further details on how to build the VMPL permission +mask and page type. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index e2f4d4bc125c..d60209e6e68b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -245,6 +245,36 @@ static void sev_decommission(unsigned int handle) sev_guest_decommission(&decommission, NULL); } +static int snp_page_reclaim(u64 pfn) +{ + struct sev_data_snp_page_reclaim data = {0}; + int err, rc; + + data.paddr = __sme_set(pfn << PAGE_SHIFT); + rc = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + if (rc) { + /* + * If the reclaim failed, then page is no longer safe + * to use. + */ + snp_leak_pages(pfn, 1); + } + + return rc; +} + +static int host_rmp_make_shared(u64 pfn, enum pg_level level, bool leak) +{ + int rc; + + rc = rmp_make_shared(pfn, level); + if (rc && leak) + snp_leak_pages(pfn, + page_level_size(level) >> PAGE_SHIFT); + + return rc; +} + static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) { struct sev_data_deactivate deactivate; 
@@ -1990,6 +2020,154 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return rc; } +static int snp_launch_update_gfn_handler(struct kvm *kvm, + struct kvm_gfn_range *range, + void *opaque) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_memory_slot *memslot = range->slot; + struct sev_data_snp_launch_update data = {0}; + struct kvm_sev_snp_launch_update params; + struct kvm_sev_cmd *argp = opaque; + int *error = &argp->error; + int i, n = 0, ret = 0; + unsigned long npages; + kvm_pfn_t *pfns; + gfn_t gfn; + + if (!kvm_slot_can_be_private(memslot)) { + pr_err("SEV-SNP requires private memory support via guest_memfd.\n"); + return -EINVAL; + } + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) { + pr_err("Failed to copy user parameters for SEV-SNP launch.\n"); + return -EFAULT; + } + + data.gctx_paddr = __psp_pa(sev->snp_context); + + npages = range->end - range->start; + pfns = kvmalloc_array(npages, sizeof(*pfns), GFP_KERNEL_ACCOUNT); + if (!pfns) + return -ENOMEM; + + pr_debug("%s: GFN range 0x%llx-0x%llx, type %d\n", __func__, + range->start, range->end, params.page_type); + + for (gfn = range->start, i = 0; gfn < range->end; gfn++, i++) { + int order, level; + bool assigned; + void *kvaddr; + + ret = __kvm_gmem_get_pfn(kvm, memslot, gfn, &pfns[i], &order, false); + if (ret) + goto e_release; + + n++; + ret = snp_lookup_rmpentry((u64)pfns[i], &assigned, &level); + if (ret || assigned) { + pr_err("Failed to ensure GFN 0x%llx is in initial shared state, ret: %d, assigned: %d\n", + gfn, ret, assigned); + return -EFAULT; + } + + kvaddr = pfn_to_kaddr(pfns[i]); + if (!virt_addr_valid(kvaddr)) { + pr_err("Invalid HVA 0x%llx for GFN 0x%llx\n", (uint64_t)kvaddr, gfn); + ret = -EINVAL; + goto e_release; + } + + ret = kvm_read_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) { + pr_err("Guest read failed, ret: 0x%x\n", ret); + goto e_release; + } + + ret = rmp_make_private(pfns[i], gfn 
<< PAGE_SHIFT, PG_LEVEL_4K, + sev_get_asid(kvm), true); + if (ret) { + ret = -EFAULT; + goto e_release; + } + + data.address = __sme_set(pfns[i] << PAGE_SHIFT); + data.page_size = PG_LEVEL_TO_RMP(PG_LEVEL_4K); + data.page_type = params.page_type; + data.vmpl3_perms = params.vmpl3_perms; + data.vmpl2_perms = params.vmpl2_perms; + data.vmpl1_perms = params.vmpl1_perms; + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, error); + if (ret) { + pr_err("SEV-SNP launch update failed, ret: 0x%x, fw_error: 0x%x\n", + ret, *error); + snp_page_reclaim(pfns[i]); + + /* + * When invalid CPUID function entries are detected, the firmware + * corrects these entries for debugging purpose and leaves the + * page unencrypted so it can be provided users for debugging + * and error-reporting. + * + * Copy the corrected CPUID page back to shared memory so + * userpsace can retrieve this information. + */ + if (params.page_type == SNP_PAGE_TYPE_CPUID && + *error == SEV_RET_INVALID_PARAM) { + int ret; + + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + ret = kvm_write_guest_page(kvm, gfn, kvaddr, 0, PAGE_SIZE); + if (ret) + pr_err("Failed to write CPUID page back to userspace, ret: 0x%x\n", + ret); + } + + goto e_release; + } + } + +e_release: + /* Content of memory is updated, mark pages dirty */ + for (i = 0; i < n; i++) { + set_page_dirty(pfn_to_page(pfns[i])); + mark_page_accessed(pfn_to_page(pfns[i])); + + /* + * If its an error, then update RMP entry to change page ownership + * to the hypervisor. 
+ */ + if (ret) + host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true); + + put_page(pfn_to_page(pfns[i])); + } + + kvfree(pfns); + return ret; +} + +static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_update params; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + return kvm_vm_do_hva_range_op(kvm, params.uaddr, params.uaddr + params.len, + snp_launch_update_gfn_handler, argp); +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2083,6 +2261,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_START: r = snp_launch_start(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_UPDATE: + r = snp_launch_update(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 9fe36408d55b..6e6e3a478022 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1872,6 +1872,7 @@ enum sev_cmd_id { /* SNP specific commands */ KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, + KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_NR_MAX, }; 
@@ -1988,6 +1989,24 @@ struct kvm_sev_snp_launch_start { __u8 pad[6]; }; +#define KVM_SEV_SNP_PAGE_TYPE_NORMAL 0x1 +#define KVM_SEV_SNP_PAGE_TYPE_VMSA 0x2 +#define KVM_SEV_SNP_PAGE_TYPE_ZERO 0x3 +#define KVM_SEV_SNP_PAGE_TYPE_UNMEASURED 0x4 +#define KVM_SEV_SNP_PAGE_TYPE_SECRETS 0x5 +#define KVM_SEV_SNP_PAGE_TYPE_CPUID 0x6 + +struct kvm_sev_snp_launch_update { + __u64 start_gfn; + __u64 uaddr; + __u32 len; + __u8 imi_page; + __u8 page_type; + __u8 vmpl3_perms; + __u8 vmpl2_perms; + __u8 vmpl1_perms; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
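
Review bot: The amd-memory-encryption.rst hunk names the command KVM_SNP_LAUNCH_UPDATE and its parameter `struct kvm_snp_launch_update`, but the id added to enum sev_cmd_id is KVM_SEV_SNP_LAUNCH_UPDATE and the struct printed a few lines further down in the same hunk (and defined in kvm.h) is `struct kvm_sev_snp_launch_update`. Please use the uapi names in the section title, the body and the "Parameters (in)" line so the documentation can be found by the identifiers userspace compiles against. The text also calls the measurement "a signature of the memory contents"; the LAUNCH_FINISH patch in this series describes it as a cryptographic digest that is finalized later, so "digest" would be the more accurate word here.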
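
Review bot: snp_page_reclaim() and host_rmp_make_shared() in the sev.c hunk at -245 both call snp_leak_pages() before returning an error, but nothing documents what state the page is in on each return path, and the only caller in this patch uses `snp_page_reclaim(pfns[i]);` without looking at the result before e_release runs host_rmp_make_shared(pfns[i], PG_LEVEL_4K, true) on the same pfn. A page whose reclaim already failed may therefore reach snp_leak_pages() a second time. Please add a comment stating the post-conditions of each helper (page reclaimed, or page leaked and not to be touched again) and have callers stop processing a pfn once either helper has leaked it.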
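
Review bot: In snp_launch_update_gfn_handler() the snp_lookup_rmpentry() check exits with a bare `return -EFAULT;` after pfns has been allocated and n has been incremented, so it leaks the pfns array and skips the put_page() and host_rmp_make_shared() unwinding that every other failure in the loop gets through e_release. Setting `ret = -EFAULT;` followed by `goto e_release;` would fix it (ret has to be set explicitly because the `assigned` case arrives with ret == 0). Two further points in the same hunk: the handler repeats copy_from_user() on argp->data for every GFN range although snp_launch_update() has already copied the struct, so page_type and the VMPL masks can differ between ranges of one call if userspace rewrites the buffer, and passing the kernel copy through `opaque` avoids that; and start_gfn and imi_page are accepted from userspace but never used, while `params.uaddr + params.len` is not checked for wrap-around, zero length or page alignment before it is handed to kvm_vm_do_hva_range_op().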
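
Review bot: struct kvm_sev_snp_launch_update in the kvm.h hunk ends with five __u8 fields after a __u32 and has no explicit padding, so the compiler adds trailing padding to reach the alignment of the __u64 members, whereas struct kvm_sev_snp_launch_start just above it carries an explicit `__u8 pad[6];`. For a uapi struct, please spell the padding out and reject non-zero values so the bytes stay available for extension. The new KVM_SEV_SNP_PAGE_TYPE_* values are also not used by the kernel side of this patch: sev.c forwards params.page_type to the firmware unchecked and compares it against SNP_PAGE_TYPE_CPUID, so either validate page_type against this list or document that the two sets of constants are required to match.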

From: Michael Roth
CC: Brijesh Singh, Harald Hoyer
Subject: [PATCH v11 19/35] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command
Date: Sat, 30 Dec 2023 11:23:35 -0600
Message-ID: <20231230172351.574091-20-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

The KVM_SEV_SNP_LAUNCH_FINISH finalizes the cryptographic digest and stores it as the measurement of the guest at launch.

While finalizing the launch flow, it also issues the LAUNCH_UPDATE command to encrypt the VMSA pages.

If it's an SNP guest, then VMSA was added in the RMP entry as a guest owned page and also removed from the kernel direct map so flush it later after it is transitioned back to hypervisor state and restored in the direct map.

Signed-off-by: Brijesh Singh
Signed-off-by: Harald Hoyer
Signed-off-by: Ashish Kalra
[mdr: always measure BSP first to get consistent launch measurements]
Signed-off-by: Michael Roth
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 24 +++
 arch/x86/kvm/svm/sev.c | 146 ++++++++++++++++++
 include/uapi/linux/kvm.h | 14 ++
 3 files changed, 184 insertions(+)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index d4325b26724c..b89634cfcc06 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -513,6 +513,30 @@ Returns: 0 on success, -negative on error See the SEV-SNP spec for further details on how to build the VMPL permission mask and page type. +21. KVM_SNP_LAUNCH_FINISH +------------------------- + +After completion of the SNP guest launch flow, the KVM_SNP_LAUNCH_FINISH command can be +issued to make the guest ready for the execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[32]; + __u8 pad[6]; + }; + + +See SEV-SNP specification for further details on launch finish input parameters. + References ========== diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index d60209e6e68b..ada40a79b2f7 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -77,6 +77,8 @@ static bool sev_snp_enabled; #define SNP_POLICY_MASK_SMT BIT_ULL(16) #define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -749,7 +751,29 @@ static int sev_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) if (!sev_es_guest(kvm)) return -ENOTTY; + /* Handle boot vCPU first to ensure consistent measurement of initial state. */ + kvm_for_each_vcpu(i, vcpu, kvm) { + if (vcpu->vcpu_id != 0) + continue; + + ret = mutex_lock_killable(&vcpu->mutex); + if (ret) + return ret; + + ret = __sev_launch_update_vmsa(kvm, vcpu, &argp->error); + + mutex_unlock(&vcpu->mutex); + if (ret) + return ret; + + break; + } + + /* Handle remaining vCPUs. */ kvm_for_each_vcpu(i, vcpu, kvm) { + if (vcpu->vcpu_id == 0) + continue; + ret = mutex_lock_killable(&vcpu->mutex); if (ret) return ret; 
@@ -2168,6 +2192,109 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) snp_launch_update_gfn_handler, argp); } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) + return -EFAULT; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. 
*/ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2264,6 +2391,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
@@ -2736,11 +2866,27 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If its an SNP guest, then VMSA was added in the RMP entry as + * a guest owned page. Transition the page to hypervisor state + * before releasing it back to the system. + * Also the page is removed from the kernel direct map, so flush it + * later after it is transitioned back to hypervisor state and + * restored in the direct map. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K, true)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 6e6e3a478022..5218075fe1f4 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -1873,6 +1873,7 @@ enum sev_cmd_id { KVM_SEV_SNP_INIT, KVM_SEV_SNP_LAUNCH_START, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; 
@@ -2007,6 +2008,19 @@ struct kvm_sev_snp_launch_update { __u8 vmpl1_perms; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad[6]; +}; + #define KVM_DEV_ASSIGN_ENABLE_IOMMU (1 << 0) #define KVM_DEV_ASSIGN_PCI_2_3 (1 << 1) #define KVM_DEV_ASSIGN_MASK_INTX (1 << 2)
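
Review bot: The boot-vCPU-first ordering in the sev.c hunk at -749 is added only to sev_launch_update_vmsa(); snp_launch_update_vmsa(), introduced later in this same patch and called from snp_launch_finish() to measure the VMSAs, still walks kvm_for_each_vcpu() in index order. If the "[mdr: always measure BSP first ...]" change is meant to cover SNP guests, the same ordering is needed there. Within this hunk the lock, __sev_launch_update_vmsa(), unlock sequence now appears in both loops; a small helper taking the vcpu would keep the two copies from drifting, and a comment on what happens when no vCPU has vcpu_id 0 (the first loop then does nothing) would help.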
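
Review bot: snp_launch_update_vmsa() calls sev_es_sync_vmsa() and converts each VMSA page without taking vcpu->mutex, whereas sev_launch_update_vmsa() in the earlier hunk wraps the equivalent step in mutex_lock_killable(&vcpu->mutex); please take the lock here as well or explain in a comment why it is not needed. The error handling is also incomplete: when SEV_CMD_SNP_LAUNCH_UPDATE fails the result of `snp_page_reclaim(pfn);` is ignored, and the VMSAs of vCPUs handled earlier in the loop stay private with guest_state_protected set, so a second KVM_SEV_SNP_LAUNCH_FINISH would run rmp_make_private() on them again. In snp_launch_finish(), id_auth_uaddr and auth_key_en are silently ignored unless id_block_en is set; returning -EINVAL for that combination would surface userspace mistakes.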
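
Review bot: sev_free_vcpu() now calls host_rmp_make_shared() for every vCPU of an SNP guest, but in this patch the VMSA page is only made private inside snp_launch_update_vmsa(), so for a guest torn down before KVM_SEV_SNP_LAUNCH_FINISH the page was never converted. Because leak is true, a failing rmp_make_shared() on such a page would leak it and jump to skip_vmsa_free. Please check whether the page is actually in a private or firmware state (an RMP lookup covers the case where LAUNCH_UPDATE failed after rmp_make_private(), which guest_state_protected alone does not) before converting it, and add a one-line comment at skip_vmsa_free saying the page is intentionally not freed.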
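
Review bot: struct kvm_sev_snp_launch_finish in the kvm.h hunk has an explicit `__u8 pad[6];`, but snp_launch_finish() never checks that it is zero, so these bytes cannot later be given a meaning without breaking userspace that passes uninitialized memory; please reject a non-zero pad. The documentation hunk also hard-codes `host_data[32]` while the header uses KVM_SEV_SNP_FINISH_DATA_SIZE, and it uses the name KVM_SNP_LAUNCH_FINISH where the uapi id is KVM_SEV_SNP_LAUNCH_FINISH; using the header's identifiers in the .rst keeps the two in sync.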
From: Michael Roth
Subject: [PATCH v11 20/35] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT
Date: Sat, 30 Dec 2023 11:23:36 -0600
Message-ID: <20231230172351.574091-21-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP guests are required to perform a GHCB GPA registration. Before using a GHCB GPA for a vCPU the first time, a guest must register the vCPU GHCB GPA. If the hypervisor can work with the guest requested GPA then it must respond back with the same GPA, otherwise return -1.

On VMEXIT, verify that the GHCB GPA matches with the registered value. If a mismatch is detected, then abort the guest.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-common.h | 8 ++++++++
 arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.h | 7 +++++++
 3 files changed, 42 insertions(+)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 5a8246dd532f..1006bfffe07a 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -59,6 +59,14 @@ #define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 #define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) +/* Preferred GHCB GPA Request */ +#define GHCB_MSR_PREF_GPA_REQ 0x010 +#define GHCB_MSR_GPA_VALUE_POS 12 +#define GHCB_MSR_GPA_VALUE_MASK GENMASK_ULL(51, 0) + +#define GHCB_MSR_PREF_GPA_RESP 0x011 +#define GHCB_MSR_PREF_GPA_NONE 0xfffffffffffff + /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 #define GHCB_MSR_REG_GPA_REQ_VAL(v) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ada40a79b2f7..0b8837e21705 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3353,6 +3353,26 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_PREF_GPA_REQ: + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_NONE, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + case GHCB_MSR_REG_GPA_REQ: { + u64 gfn; + + gfn = get_ghcb_msr_bits(svm, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + + svm->sev_es.ghcb_registered_gpa = gfn_to_gpa(gfn); + + set_ghcb_msr_bits(svm, gfn, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_REG_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3416,6 +3436,13 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) trace_kvm_vmgexit_enter(vcpu->vcpu_id, svm->sev_es.ghcb); sev_es_sync_from_ghcb(svm); + + /* SEV-SNP guest requires that the GHCB GPA must be registered */ + if (sev_snp_guest(svm->vcpu.kvm) && !ghcb_gpa_is_registered(svm, ghcb_gpa)) { + vcpu_unimpl(&svm->vcpu, "vmgexit: GHCB GPA [%#llx] is not registered.\n", ghcb_gpa); + return -EINVAL; + } + ret = sev_es_validate_vmgexit(svm); if (ret) return ret; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 9c633173b779..2bee24017bae 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -211,6 +211,8 @@ struct vcpu_sev_es_state { u32 ghcb_sa_len; bool ghcb_sa_sync; bool ghcb_sa_free; + + u64 ghcb_registered_gpa; }; struct vcpu_svm { 
@@ -354,6 +356,11 @@ static __always_inline bool sev_snp_guest(struct kvm *kvm) return sev_es_guest(kvm) && sev->snp_active; } +static inline bool ghcb_gpa_is_registered(struct vcpu_svm *svm, u64 val) +{ + return svm->sev_es.ghcb_registered_gpa == val; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
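Review bot: the GHCB_MSR_REG_GPA_REQ case in sev_handle_vmgexit_msr_protocol() stores whatever GFN the guest supplies in ghcb_registered_gpa and echoes it back, so there is no path that refuses a registration, although the commit message says the hypervisor returns -1 when it cannot work with the requested GPA. Validate the GFN before accepting it and add the rejection response, or drop that sentence from the commit message. The same hunk also adds GHCB_MSR_PREF_GPA_REQ handling, which the commit message does not mention; a line explaining why KVM always answers GHCB_MSR_PREF_GPA_NONE would help.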
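Review bot: in the sev_handle_vmgexit() hunk the ghcb_gpa_is_registered() check is added after sev_es_sync_from_ghcb(svm), so by the time an unregistered GHCB GPA is rejected its contents have already been copied into vCPU state. Move the check ahead of the sync, ideally before the GHCB page is used at all, so that an unregistered page is never read on behalf of an SNP guest.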
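Review bot: ghcb_gpa_is_registered() in svm.h is a plain equality test against ghcb_registered_gpa, and nothing in this patch sets that new field to an invalid sentinel before the first registration. If vcpu_sev_es_state starts out zeroed, a GHCB GPA of 0 compares as registered without the guest ever issuing GHCB_MSR_REG_GPA_REQ. Initialise the field to an invalid GPA when the vCPU is created, and say in a comment what value means "not registered".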
From: Michael Roth
Subject: [PATCH v11 21/35] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT
Date: Sat, 30 Dec 2023 11:23:37 -0600
Message-ID: <20231230172351.574091-22-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change MSR protocol as defined in the GHCB specification.

When using gmem, private/shared memory is allocated through separate pools, and KVM relies on userspace issuing a KVM_SET_MEMORY_ATTRIBUTES KVM ioctl to tell the KVM MMU whether or not a particular GFN should be backed by private memory or not.

Forward these page state change requests to userspace so that it can issue the expected KVM ioctls. The KVM MMU will handle updating the RMP entries when it is ready to map a private page into a guest.

Define a new KVM_EXIT_VMGEXIT for exits of this type, and structure it so that it can be extended for other cases where VMGEXITs need some level of handling in userspace.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 Documentation/virt/kvm/api.rst | 33 +++++++++++++++++++++++++++++++
 arch/x86/include/asm/sev-common.h | 6 ++++++
 arch/x86/kvm/svm/sev.c | 33 +++++++++++++++++++++++++++++++
 include/uapi/linux/kvm.h | 17 ++++++++++++++++
 4 files changed, 89 insertions(+)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 3ec0b7a455a0..682490230feb 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst
@@ -7031,6 +7031,39 @@ Please note that the kernel is allowed to use the kvm_run structure as the primary storage for certain register types. Therefore, the kernel may use the values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. +:: + + /* KVM_EXIT_VMGEXIT */ + struct kvm_user_vmgexit { + #define KVM_USER_VMGEXIT_PSC_MSR 1 + __u32 type; /* KVM_USER_VMGEXIT_* type */ + union { + struct { + __u64 gpa; + #define KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE 1 + #define KVM_USER_VMGEXIT_PSC_MSR_OP_SHARED 2 + __u8 op; + __u32 ret; + } psc_msr; + }; + }; + +If exit reason is KVM_EXIT_VMGEXIT then it indicates that an SEV-SNP guest +has issued a VMGEXIT instruction (as documented by the AMD Architecture +Programmer's Manual (APM)) to the hypervisor that needs to be serviced by +userspace. These are generally handled by the host kernel, but in some +cases some aspects handling a VMGEXIT are handled by userspace. + +A kvm_user_vmgexit structure is defined to encapsulate the data to be +sent to or returned by userspace. The type field defines the specific type +of exit that needs to be serviced, and that type is used as a discriminator +to determine which union type should be used for input/output. + +For the KVM_USER_VMGEXIT_PSC_MSR type, the psc_msr union type is used. The +kernel will supply the 'gpa' and 'op' fields, and userspace is expected to +update the private/shared state of the GPA using the corresponding +KVM_SET_MEMORY_ATTRIBUTES ioctl. The 'ret' field is to be set to 0 by +userpace on success, or some non-zero value on failure. 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 1006bfffe07a..6d68db812de1 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h 
@@ -101,11 +101,17 @@ enum psc_op { /* GHCBData[11:0] */ \ GHCB_MSR_PSC_REQ) +#define GHCB_MSR_PSC_REQ_TO_GFN(msr) (((msr) & GENMASK_ULL(51, 12)) >> 12) +#define GHCB_MSR_PSC_REQ_TO_OP(msr) (((msr) & GENMASK_ULL(55, 52)) >> 52) + #define GHCB_MSR_PSC_RESP 0x015 #define GHCB_MSR_PSC_RESP_VAL(val) \ /* GHCBData[63:32] */ \ (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) +/* Set highest bit as a generic error response */ +#define GHCB_MSR_PSC_RESP_ERROR (BIT_ULL(63) | GHCB_MSR_PSC_RESP) + /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0b8837e21705..37e65d5700b8 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3275,6 +3275,36 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_complete_psc_msr(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + u64 vmm_ret = vcpu->run->vmgexit.psc_msr.ret; + + set_ghcb_msr(svm, (vmm_ret << 32) | GHCB_MSR_PSC_RESP); + + return 1; /* resume guest */ +} + +static int snp_begin_psc_msr(struct kvm_vcpu *vcpu, u64 ghcb_msr) +{ + u64 gpa = gfn_to_gpa(GHCB_MSR_PSC_REQ_TO_GFN(ghcb_msr)); + u8 op = GHCB_MSR_PSC_REQ_TO_OP(ghcb_msr); + struct vcpu_svm *svm = to_svm(vcpu); + + if (op != SNP_PAGE_STATE_PRIVATE && op != SNP_PAGE_STATE_SHARED) { + set_ghcb_msr(svm, GHCB_MSR_PSC_RESP_ERROR); + return 1; /* resume guest */ + } + + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_PSC_MSR; + vcpu->run->vmgexit.psc_msr.gpa = gpa; + vcpu->run->vmgexit.psc_msr.op = op; + vcpu->arch.complete_userspace_io = snp_complete_psc_msr; + + return 0; /* forward request to userspace */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -3373,6 +3403,9 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PSC_REQ: + ret = snp_begin_psc_msr(vcpu, control->ghcb_gpa); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 5218075fe1f4..62093ddf7ec3 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -167,6 +167,20 @@ struct kvm_xen_exit { } u; }; +struct kvm_user_vmgexit { +#define KVM_USER_VMGEXIT_PSC_MSR 1 + __u32 type; /* KVM_USER_VMGEXIT_* type */ + union { + struct { + __u64 gpa; +#define KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE 1 +#define KVM_USER_VMGEXIT_PSC_MSR_OP_SHARED 2 + __u8 op; + __u32 ret; + } psc_msr; + }; +}; + #define KVM_S390_GET_SKEYS_NONE 1 #define KVM_S390_SKEYS_MAX 1048576 @@ -210,6 +224,7 @@ struct kvm_xen_exit { #define KVM_EXIT_NOTIFY 37 #define KVM_EXIT_LOONGARCH_IOCSR 38 #define KVM_EXIT_MEMORY_FAULT 39 +#define KVM_EXIT_VMGEXIT 40 /* For KVM_EXIT_INTERNAL_ERROR */ /* Emulate instruction failed. */ 
@@ -470,6 +485,8 @@ struct kvm_run { __u64 gpa; __u64 size; } memory_fault; + /* KVM_EXIT_VMGEXIT */ + struct kvm_user_vmgexit vmgexit; /* Fix the size of the union. */ char padding[256]; };
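Review bot: snp_begin_psc_msr() in sev.c fills vmgexit.type, psc_msr.gpa and psc_msr.op but never initialises psc_msr.ret, and snp_complete_psc_msr() shifts whatever is in that field into the response MSR with (vmm_ret << 32) | GHCB_MSR_PSC_RESP. A VMM that does not write ret therefore hands stale kvm_run contents to the guest as the result. Set ret to a failure value before exiting to userspace so that an unhandled exit fails closed. The op value is also copied straight from GHCB_MSR_PSC_REQ_TO_OP() into psc_msr.op, which matches KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE/SHARED only if SNP_PAGE_STATE_PRIVATE/SHARED are 1 and 2; a BUILD_BUG_ON would pin that assumption.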
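Review bot: struct kvm_user_vmgexit in include/uapi/linux/kvm.h has implicit padding in two places: between the __u32 type and the union, which contains a __u64, and between the __u8 op and the __u32 ret. The alignment of __u64 differs between the i386 and x86-64 ABIs, so the offset of the union is not the same for 32-bit and 64-bit userspace. Add explicit pad fields (for example a __u32 after type and a __u8 pad[3] after op) so the layout is fixed and the padding bytes are defined.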
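Review bot: in the Documentation/virt/kvm/api.rst hunk, "userpace" should be "userspace" and "some aspects handling a VMGEXIT" is missing "of". The text also describes ret as "some non-zero value on failure" without saying that snp_complete_psc_msr() passes it to the guest in the upper 32 bits of the response MSR; state that the value is guest-visible and which values userspace is expected to use.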
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 22/35] KVM: SEV: Add support to handle Page State Change VMGEXIT
Date: Sat, 30 Dec 2023 11:23:38 -0600
Message-ID: <20231230172351.574091-23-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP
table to be private or shared using the Page State Change NAE event
as defined in the GHCB specification version 2.

Forward these requests to userspace as KVM_EXIT_VMGEXITs, similar to how
it is done for requests that don't use a GHCB page.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
--- Documentation/virt/kvm/api.rst | 14 ++++++++++++++ arch/x86/kvm/svm/sev.c | 16 ++++++++++++++++ include/uapi/linux/kvm.h | 5 +++++ 3 files changed, 35 insertions(+) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 682490230feb..2a526b4f8e06 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst 
@@ -7036,6 +7036,7 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. /* KVM_EXIT_VMGEXIT */ struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 + #define KVM_USER_VMGEXIT_PSC 2 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { @@ -7045,9 +7046,14 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. __u8 op; __u32 ret; } psc_msr; + struct { + __u64 shared_gpa; + __u64 ret; + } psc; }; }; + If exit reason is KVM_EXIT_VMGEXIT then it indicates that an SEV-SNP guest has issued a VMGEXIT instruction (as documented by the AMD Architecture Programmer's Manual (APM)) to the hypervisor that needs to be serviced by @@ -7065,6 +7071,14 @@ update the private/shared state of the GPA using the corresponding KVM_SET_MEMORY_ATTRIBUTES ioctl. The 'ret' field is to be set to 0 by userpace on success, or some non-zero value on failure. +For the KVM_USER_VMGEXIT_PSC type, the psc union type is used. The kernel +will supply the GPA of the Page State Structure defined in the GHCB spec. +Userspace will process this structure as defined by the GHCB, and issue +KVM_SET_MEMORY_ATTRIBUTES ioctls to set the GPAs therein to the expected +private/shared state. Userspace will return a value in 'ret' that is in +agreement with the GHCB-defined return values that the guest will expect +in the SW_EXITINFO2 field of the GHCB in response to these requests. + 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 37e65d5700b8..8b6143110411 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3087,6 +3087,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + case SVM_VMGEXIT_PSC: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3305,6 +3306,15 @@ static int snp_begin_psc_msr(struct kvm_vcpu *vcpu, u64 ghcb_msr) return 0; /* forward request to userspace */ } +static int snp_complete_psc(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, vcpu->run->vmgexit.psc.ret); + + return 1; /* resume guest */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3542,6 +3552,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; + case SVM_VMGEXIT_PSC: + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_PSC; + vcpu->run->vmgexit.psc.shared_gpa = svm->sev_es.sw_scratch; + vcpu->arch.complete_userspace_io = snp_complete_psc; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 62093ddf7ec3..e0599144387b 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -169,6 +169,7 @@ struct kvm_xen_exit { struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 +#define KVM_USER_VMGEXIT_PSC 2 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { 
@@ -178,6 +179,10 @@ struct kvm_user_vmgexit { __u8 op; __u32 ret; } psc_msr; + struct { + __u64 shared_gpa; + __u64 ret; + } psc; }; };
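
Review bot: the KVM_USER_VMGEXIT_PSC paragraph added to Documentation/virt/kvm/api.rst tells userspace to process the Page State Structure at `shared_gpa` but does not say that this structure sits in memory the guest can still write, so its contents can change while userspace is walking it. The text should tell userspace to copy the structure before validating and acting on its entries, and should list or reference the specific `ret` values the guest expects rather than only pointing at "GHCB-defined return values". Two smaller points in the same file: the hunk at -7045 adds a stray blank line after the closing `};` of the struct, and the neighbouring context line spells "userpace".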
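
Review bot: snp_complete_psc() in arch/x86/kvm/svm/sev.c dereferences `svm->sev_es.ghcb` after a round trip to userspace, and nothing in this hunk shows that the GHCB mapping is still held at that point. A comment stating the lifetime guarantee for `sev_es.ghcb` across the exit, or a check before the `ghcb_set_sw_exit_info_2()` call, would make this safe to read in isolation. The same call passes `vcpu->run->vmgexit.psc.ret` through unfiltered, so any 64-bit value userspace writes reaches the guest in SW_EXITINFO2; if that is intended, say so next to the call.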
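
Review bot: in the `case SVM_VMGEXIT_PSC:` arm added to sev_handle_vmgexit() in arch/x86/kvm/svm/sev.c, `ret` is not assigned before the `break`, while the arm just above it ends with `ret = 1;`, so the exit to userspace depends on whatever `ret` holds when the switch is entered. Setting `ret = 0;` explicitly, with the same `/* forward request to userspace */` comment that snp_begin_psc_msr() uses, would make the intent visible and keep the arm correct if the code ahead of the switch changes. The arm also copies `svm->sev_es.sw_scratch` straight into `vmgexit.psc.shared_gpa`; that value originates from the guest, so if it is validated elsewhere a one-line comment pointing at that check would help.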

From patchwork Sat Dec 30 17:23:39 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506983
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 23/35] KVM: x86: Export the kvm_zap_gfn_range() for the SNP use
Date: Sat, 30 Dec 2023 11:23:39 -0600
Message-ID: <20231230172351.574091-24-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

While resolving the RMP page fault, there may be cases where the page
level between the RMP entry and TDP does not match and the 2M RMP entry
must be split into 4K RMP entries. Or a 2M TDP page needs to be broken
into multiple 4K pages.

To keep the RMP and TDP page level in sync, zap the gfn range after
splitting the pages in the RMP entry. The zap should force the TDP to
get rebuilt with the new page level.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu.h | 2 -- arch/x86/kvm/mmu/mmu.c | 1 + 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 843695217b4b..3fdcbb1da856 100644 
--- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1923,6 +1923,7 @@ void kvm_mmu_slot_leaf_clear_dirty(struct kvm *kvm, const struct kvm_memory_slot *memslot); void kvm_mmu_invalidate_mmio_sptes(struct kvm *kvm, u64 gen); void kvm_mmu_change_mmu_pages(struct kvm *kvm, unsigned long kvm_nr_mmu_pages); +void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); int load_pdptrs(struct kvm_vcpu *vcpu, unsigned long cr3); diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 60f21bb4c27b..df4d2c137a67 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -252,8 +252,6 @@ static inline bool kvm_mmu_honors_guest_mtrrs(struct kvm *kvm) return __kvm_mmu_honors_guest_mtrrs(kvm_arch_has_noncoherent_dma(kvm)); } -void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); - int kvm_arch_write_log_dirty(struct kvm_vcpu *vcpu); int kvm_mmu_post_init_vm(struct kvm *kvm); diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 61213f6648a1..1882096fba3e 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c 
@@ -6702,6 +6702,7 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *kvm, return need_tlb_flush; } +EXPORT_SYMBOL_GPL(kvm_zap_gfn_range); static void kvm_rmap_zap_collapsible_sptes(struct kvm *kvm, const struct kvm_memory_slot *slot)
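
Review bot: moving the prototype from arch/x86/kvm/mmu.h to arch/x86/include/asm/kvm_host.h, in the first two hunks, exposes kvm_zap_gfn_range() to every includer of kvm_host.h, and the changelog gives no reason for the move. The caller added in patch 24/35 lives in arch/x86/kvm/svm/sev.c, which sits under the same directory as mmu.h, so either keep the declaration where it was and include mmu.h from the caller, or explain in the changelog why the wider header is needed.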
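
Review bot: in arch/x86/kvm/mmu/mmu.c the added `EXPORT_SYMBOL_GPL(kvm_zap_gfn_range);` follows a function body that ends in `return need_tlb_flush;` (the hunk context names kvm_mmu_zap_collapsible_spte()), not kvm_zap_gfn_range(), which the header hunk declares as returning void. The export should sit directly below the closing brace of kvm_zap_gfn_range() so it stays with the function it exports; as placed it looks like a rebase left it behind.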

From patchwork Sat Dec 30 17:23:40 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506984
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 24/35] KVM: SEV: Add support to handle RMP nested page faults
Date: Sat, 30 Dec 2023 11:23:40 -0600
Message-ID: <20231230172351.574091-25-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

When SEV-SNP is enabled in the guest, the hardware places restrictions
on all memory accesses based on the contents of the RMP table. When
hardware encounters an RMP check failure caused by the guest memory
access, it raises the #NPF. The error code contains additional
information on the access type. See the APM volume 2 for additional
information.

When using gmem, RMP faults resulting from mismatches between the state
in the RMP table vs. what the guest expects via its page table result
in KVM_EXIT_MEMORY_FAULTs being forwarded to userspace to handle. This
means the only expected case that needs to be handled in the kernel is
when the page size of the entry in the RMP table is larger than the
mapping in the nested page table, in which case a PSMASH instruction
needs to be issued to split the large RMP entry into individual 4K
entries so that subsequent accesses can succeed.

Signed-off-by: Brijesh Singh
Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Ashish Kalra
--- arch/x86/include/asm/sev.h | 3 ++ arch/x86/kvm/svm/sev.c | 92 ++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 21 +++++++-- arch/x86/kvm/svm/svm.h | 1 + 4 files changed, 113 insertions(+), 4 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 435ba9bc4510..e84dd1d2d8ab 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -90,6 +90,9 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* RMUPDATE detected 4K page and 2MB page overlap. */ #define RMPUPDATE_FAIL_OVERLAP 4 +/* PSMASH failed due to concurrent access by another CPU */ +#define PSMASH_FAIL_INUSE 3 + /* RMP page size */ #define RMP_PG_SIZE_4K 0 #define RMP_PG_SIZE_2M 1 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 8b6143110411..ad1aea7f6266 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3276,6 +3276,13 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_rmptable_psmash(kvm_pfn_t pfn) +{ + pfn = pfn & ~(KVM_PAGES_PER_HPAGE(PG_LEVEL_2M) - 1); + + return psmash(pfn); +} + static int snp_complete_psc_msr(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); 
@@ -3835,3 +3842,88 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) return p; } + +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) +{ + struct kvm_memory_slot *slot; + struct kvm *kvm = vcpu->kvm; + int order, rmp_level, ret; + bool assigned; + kvm_pfn_t pfn; + gfn_t gfn; + + gfn = gpa >> PAGE_SHIFT; + + /* + * The only time RMP faults occur for shared pages is when the guest is + * triggering an RMP fault for an implicit page-state change from + * shared->private. Implicit page-state changes are forwarded to + * userspace via KVM_EXIT_MEMORY_FAULT events, however, so RMP faults + * for shared pages should not end up here. + */ + if (!kvm_mem_is_private(kvm, gfn)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, size-mismatch for non-private GPA 0x%llx\n", + gpa); + return; + } + + slot = gfn_to_memslot(kvm, gfn); + if (!kvm_slot_can_be_private(slot)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, non-private slot for GPA 0x%llx\n", + gpa); + return; + } + + ret = kvm_gmem_get_pfn(kvm, slot, gfn, &pfn, &order); + if (ret) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no private backing page for GPA 0x%llx\n", + gpa); + return; + } + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret || !assigned) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no assigned RMP entry found for GPA 0x%llx PFN 0x%llx error %d\n", + gpa, pfn, ret); + goto out; + } + + /* + * There are 2 cases where a PSMASH may be needed to resolve an #NPF + * with PFERR_GUEST_RMP_BIT set: + * + * 1) RMPADJUST/PVALIDATE can trigger an #NPF with PFERR_GUEST_SIZEM + * bit set if the guest issues them with a smaller granularity than + * what is indicated by the page-size bit in the 2MB-aligned RMP + * entry for the PFN that backs the GPA. + * + * 2) Guest access via NPT can trigger an #NPF if the NPT mapping is + * smaller than what is indicated by the 2MB-aligned RMP entry for + * the PFN that backs the GPA. 
+ * + * In both these cases, the corresponding 2M RMP entry needs to + * be PSMASH'd to 512 4K RMP entries. If the RMP entry is already + * split into 4K RMP entries, then this is likely a spurious case which + * can occur when there are concurrent accesses by the guest to a 2MB + * GPA range that is backed by a 2MB-aligned PFN who's RMP entry is in + * the process of being PMASH'd into 4K entries. These cases should + * resolve automatically on subsequent accesses, so just ignore them + * here. + */ + if (rmp_level == PG_LEVEL_4K) { + pr_debug_ratelimited("%s: Spurious RMP fault for GPA 0x%llx, error_code 0x%llx", + __func__, gpa, error_code); + goto out; + } + + pr_debug_ratelimited("%s: Splitting 2M RMP entry for GPA 0x%llx, error_code 0x%llx", + __func__, gpa, error_code); + ret = snp_rmptable_psmash(pfn); + if (ret && ret != PSMASH_FAIL_INUSE) + pr_err_ratelimited("SEV: Unable to split RMP entry for GPA 0x%llx PFN 0x%llx ret %d\n", + gpa, pfn, ret); + + kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD); +out: + put_page(pfn_to_page(pfn)); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 18d55df7fa5f..4367da074612 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -2051,15 +2051,28 @@ static int pf_interception(struct kvm_vcpu *vcpu) static int npf_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + int rc; u64 fault_address = svm->vmcb->control.exit_info_2; u64 error_code = svm->vmcb->control.exit_info_1; trace_kvm_page_fault(vcpu, fault_address, error_code); - return kvm_mmu_page_fault(vcpu, fault_address, error_code, - static_cpu_has(X86_FEATURE_DECODEASSISTS) ? - svm->vmcb->control.insn_bytes : NULL, - svm->vmcb->control.insn_len); + rc = kvm_mmu_page_fault(vcpu, fault_address, error_code, + static_cpu_has(X86_FEATURE_DECODEASSISTS) ? + svm->vmcb->control.insn_bytes : NULL, + svm->vmcb->control.insn_len); + + /* + * rc == 0 indicates a userspace exit is needed to handle page + * transitions, so do that first before updating the RMP table. + */ + if (error_code & PFERR_GUEST_RMP_MASK) { + if (rc == 0) + return rc; + handle_rmp_page_fault(vcpu, fault_address, error_code); + } + + return rc; } static int db_interception(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 2bee24017bae..fb98d88d8124 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -717,6 +717,7 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector); void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); +void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); /* vmenter.S */
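Review bot: in handle_rmp_page_fault(), the final kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD) starts at the faulting gfn, which is not aligned, while snp_rmptable_psmash() masks the pfn down to the 2M boundary before calling psmash(). The zap therefore covers 512 pages starting at the faulting page instead of the 2M-aligned range whose RMP entry was just split. If the intent is to drop the mappings for that region, align the gfn the same way the pfn is aligned and zap from there. The zap also runs when psmash() returns an error other than PSMASH_FAIL_INUSE, so a persistent failure is only visible as a rate-limited pr_err while the guest keeps re-faulting; consider returning the error to the caller instead of making the function void. Smaller points: the two pr_debug_ratelimited() format strings have no trailing \n, unlike the pr_warn_ratelimited() ones, and the block comment has "who's" for "whose" and "PMASH'd" for "PSMASH'd".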
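Review bot: in npf_interception(), only rc == 0 skips handle_rmp_page_fault(); when kvm_mmu_page_fault() returns a negative error the RMP handler still runs, and may PSMASH and zap, before that error is returned. If the split is only meant for faults that are going to be retried in the guest, test for rc > 0 here. The new comment explains the rc == 0 case but says nothing about the error case, so a sentence on that would help.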
From: Michael Roth
Subject: [PATCH v11 25/35] KVM: SEV: Use a VMSA physical address variable for populating VMCB
Date: Sat, 30 Dec 2023 11:23:41 -0600
Message-ID: <20231230172351.574091-26-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Tom Lendacky

In preparation to support SEV-SNP AP Creation, use a variable that holds the VMSA physical address rather than converting the virtual address. This will allow SEV-SNP AP Creation to set the new physical address that will be used should the vCPU reset path be taken.

Signed-off-by: Tom Lendacky
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 3 +-- arch/x86/kvm/svm/svm.c | 9 ++++++++- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ad1aea7f6266..996b5a668938 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3659,8 +3659,7 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) * the VMSA will be NULL if this vCPU is the destination for intrahost * migration, and will be copied later. */ - if (svm->sev_es.vmsa) - svm->vmcb->control.vmsa_pa = __pa(svm->sev_es.vmsa); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; /* Can't intercept CR register access, HV can't modify CR registers */ svm_clr_intercept(svm, INTERCEPT_CR0_READ); diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 4367da074612..da49e4981d75 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1459,9 +1459,16 @@ static int svm_vcpu_create(struct kvm_vcpu *vcpu) svm->vmcb01.pa = __sme_set(page_to_pfn(vmcb01_page) << PAGE_SHIFT); svm_switch_vmcb(svm, &svm->vmcb01); - if (vmsa_page) + if (vmsa_page) { svm->sev_es.vmsa = page_address(vmsa_page); + /* + * Do not include the encryption mask on the VMSA physical + * address since hardware will access it using the guest key. + */ + svm->sev_es.vmsa_pa = __pa(svm->sev_es.vmsa); + } + svm->guest_state_loaded = false; return 0; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index fb98d88d8124..4ef41f4d4ee6 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -202,6 +202,7 @@ struct vcpu_sev_es_state { struct ghcb *ghcb; u8 valid_bitmap[16]; struct kvm_host_map ghcb_map; + hpa_t vmsa_pa; bool received_first_sipi; unsigned int ap_reset_hold_type;
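Review bot: in sev_es_init_vmcb() the if (svm->sev_es.vmsa) guard is dropped, but the comment kept just above it still says the VMSA will be NULL for an intrahost-migration destination and is copied later. svm_vcpu_create() only sets sev_es.vmsa_pa inside if (vmsa_page), and the diffstat shows no other change to sev.c, so in that case vmcb->control.vmsa_pa is now written from a vmsa_pa that nothing in this patch has set, and the path that later copies the VMSA would have to fill in vmsa_pa as well. Please either keep a validity check at this assignment or update the migration path and the comment in the same patch. A one-line comment on the new vmsa_pa field in struct vcpu_sev_es_state, saying that it is stored without the encryption mask, would also help, since that is currently only explained in svm_vcpu_create().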
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 26/35] KVM: SEV: Support SEV-SNP AP Creation NAE event
Date: Sat, 30 Dec 2023 11:23:42 -0600
Message-ID: <20231230172351.574091-27-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Tom Lendacky

Add support for the SEV-SNP AP Creation NAE event. This allows SEV-SNP guests to alter the register state of the APs on their own. This allows the guest a way of simulating INIT-SIPI.

A new event, KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, is created and used so as to avoid updating the VMSA pointer while the vCPU is running.

For CREATE
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID. The GPA is saved in the svm struct of the target vCPU, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to the vCPU and then the vCPU is kicked.

For CREATE_ON_INIT:
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID the next time an INIT is performed. The GPA is saved in the svm struct of the target vCPU.

For DESTROY:
  The guest indicates it wishes to stop the vCPU. The GPA is cleared from the svm struct, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to vCPU and then the vCPU is kicked.

The KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event handler will be invoked as a result of the event or as a result of an INIT. The handler sets the vCPU to the KVM_MP_STATE_UNINITIALIZED state, so that any errors will leave the vCPU as not runnable. Any previous VMSA pages that were installed as part of an SEV-SNP AP Creation NAE event are un-pinned.

If a new VMSA is to be installed, the VMSA guest page is pinned and set as the VMSA in the vCPU VMCB and the vCPU state is set to KVM_MP_STATE_RUNNABLE. If a new VMSA is not to be installed, the VMSA is cleared in the vCPU VMCB and the vCPU state is left as KVM_MP_STATE_UNINITIALIZED to prevent it from being run.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: add handling for gmem]
Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/svm.h | 5 + arch/x86/kvm/svm/sev.c | 219 ++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 3 + arch/x86/kvm/svm/svm.h | 8 +- arch/x86/kvm/x86.c | 11 ++ 6 files changed, 246 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 3fdcbb1da856..9e45402e51bc 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -121,6 +121,7 @@ KVM_ARCH_REQ_FLAGS(31, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) #define KVM_REQ_HV_TLB_FLUSH \ KVM_ARCH_REQ_FLAGS(32, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) +#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE KVM_ARCH_REQ(34) #define CR0_RESERVED_BITS \ (~(unsigned long)(X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS \ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index ba8ce15b27d7..4b73cf5e9de0 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -287,6 +287,11 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) #define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) +#define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) +#define SVM_SEV_FEAT_INT_INJ_MODES \ + (SVM_SEV_FEAT_RESTRICTED_INJECTION | \ + SVM_SEV_FEAT_ALTERNATE_INJECTION) struct vmcb_seg { u16 selector; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 996b5a668938..3bb89c4df5d6 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -652,6 +652,7 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) static int sev_es_sync_vmsa(struct vcpu_svm *svm) { + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; struct sev_es_save_area *save = svm->sev_es.vmsa; /* Check some debug related fields before encrypting the VMSA */ 
@@ -700,6 +701,12 @@ static int sev_es_sync_vmsa(struct vcpu_svm *svm) if (sev_snp_guest(svm->vcpu.kvm)) save->sev_features |= SVM_SEV_FEAT_SNP_ACTIVE; + /* + * Save the VMSA synced SEV features. For now, they are the same for + * all vCPUs, so just save each time. + */ + sev->sev_features = save->sev_features; + pr_debug("Virtual Machine Save Area (VMSA):\n"); print_hex_dump_debug("", DUMP_PREFIX_NONE, 16, 1, save, sizeof(*save), false); @@ -3082,6 +3089,11 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) if (!kvm_ghcb_sw_scratch_is_valid(svm)) goto vmgexit_err; break; + case SVM_VMGEXIT_AP_CREATION: + if (lower_32_bits(control->exit_info_1) != SVM_VMGEXIT_AP_DESTROY) + if (!kvm_ghcb_rax_is_valid(svm)) + goto vmgexit_err; + break; case SVM_VMGEXIT_NMI_COMPLETE: case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: 
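Review bot: in the sev_es_validate_vmgexit() hunk, the SVM_VMGEXIT_AP_CREATION case nests two unbraced if statements; fold them into a single condition joined with && (or add braces) so the goto is not left hanging off the inner if. The test here is != SVM_VMGEXIT_AP_DESTROY, while sev_snp_ap_creation() later in this patch reads RAX under request < SVM_VMGEXIT_AP_DESTROY; using the same test in both places would make it clear which request types require a valid RAX.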
@@ -3322,6 +3334,202 @@ static int snp_complete_psc(struct kvm_vcpu *vcpu) return 1; /* resume guest */ } +static int __sev_snp_update_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + hpa_t cur_pa; + + WARN_ON(!mutex_is_locked(&svm->sev_es.snp_vmsa_mutex)); + + /* Save off the current VMSA PA for later checks */ + cur_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as offline and not runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_HALTED; + + /* Clear use of the VMSA */ + svm->sev_es.vmsa_pa = INVALID_PAGE; + svm->vmcb->control.vmsa_pa = INVALID_PAGE; + + /* + * sev->sev_es.vmsa holds the virtual address of the VMSA initially + * allocated by the host. If the guest specified a new a VMSA via + * AP_CREATION, it will have been pinned to avoid future issues + * with things like page migration support. Make sure to un-pin it + * before switching to a newer guest-specified VMSA. + */ + if (cur_pa != __pa(svm->sev_es.vmsa) && VALID_PAGE(cur_pa)) + kvm_release_pfn_dirty(__phys_to_pfn(cur_pa)); + + if (VALID_PAGE(svm->sev_es.snp_vmsa_gpa)) { + gfn_t gfn = gpa_to_gfn(svm->sev_es.snp_vmsa_gpa); + struct kvm_memory_slot *slot; + kvm_pfn_t pfn; + + slot = gfn_to_memslot(vcpu->kvm, gfn); + if (!slot) + return -EINVAL; + + /* + * The new VMSA will be private memory guest memory, so + * retrieve the PFN from the gmem backend, and leave the ref + * count of the associated folio elevated to ensure it won't + * ever be migrated. 
+ */ + if (kvm_gmem_get_pfn(vcpu->kvm, slot, gfn, &pfn, NULL)) + return -EINVAL; + + /* Use the new VMSA */ + svm->sev_es.vmsa_pa = pfn_to_hpa(pfn); + svm->vmcb->control.vmsa_pa = svm->sev_es.vmsa_pa; + + /* Mark the vCPU as runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + } + + /* + * When replacing the VMSA during SEV-SNP AP creation, + * mark the VMCB dirty so that full state is always reloaded. + */ + vmcb_mark_all_dirty(svm->vmcb); + + return 0; +} + +/* + * Invoked as part of svm_vcpu_reset() processing of an init event. + */ +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + int ret; + + if (!sev_snp_guest(vcpu->kvm)) + return; + + mutex_lock(&svm->sev_es.snp_vmsa_mutex); + + if (!svm->sev_es.snp_ap_create) + goto unlock; + + svm->sev_es.snp_ap_create = false; + + ret = __sev_snp_update_protected_guest_state(vcpu); + if (ret) + vcpu_unimpl(vcpu, "snp: AP state update on init failed\n"); + +unlock: + mutex_unlock(&svm->sev_es.snp_vmsa_mutex); +} + +static int sev_snp_ap_creation(struct vcpu_svm *svm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm_vcpu *target_vcpu; + struct vcpu_svm *target_svm; + unsigned int request; + unsigned int apic_id; + bool kick; + int ret; + + request = lower_32_bits(svm->vmcb->control.exit_info_1); + apic_id = upper_32_bits(svm->vmcb->control.exit_info_1); + + /* Validate the APIC ID */ + target_vcpu = kvm_get_vcpu_by_id(vcpu->kvm, apic_id); + if (!target_vcpu) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP APIC ID [%#x] from guest\n", + apic_id); + return -EINVAL; + } + + ret = 0; + + target_svm = to_svm(target_vcpu); + + /* + * The target vCPU is valid, so the vCPU will be kicked unless the + * request is for CREATE_ON_INIT. For any errors at this stage, the + * kick will place the vCPU in an non-runnable state. 
+ */ + kick = true; + + mutex_lock(&target_svm->sev_es.snp_vmsa_mutex); + + target_svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + target_svm->sev_es.snp_ap_create = true; + + /* Interrupt injection mode shouldn't change for AP creation */ + if (request < SVM_VMGEXIT_AP_DESTROY) { + u64 sev_features; + + sev_features = vcpu->arch.regs[VCPU_REGS_RAX]; + sev_features ^= sev->sev_features; + if (sev_features & SVM_SEV_FEAT_INT_INJ_MODES) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP injection mode [%#lx] from guest\n", + vcpu->arch.regs[VCPU_REGS_RAX]); + ret = -EINVAL; + goto out; + } + } + + switch (request) { + case SVM_VMGEXIT_AP_CREATE_ON_INIT: + kick = false; + fallthrough; + case SVM_VMGEXIT_AP_CREATE: + if (!page_address_valid(vcpu, svm->vmcb->control.exit_info_2)) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP VMSA address [%#llx] from guest\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + /* + * Malicious guest can RMPADJUST a large page into VMSA which + * will hit the SNP erratum where the CPU will incorrectly signal + * an RMP violation #PF if a hugepage collides with the RMP entry + * of VMSA page, reject the AP CREATE request if VMSA address from + * guest is 2M aligned. 
+ */ + if (IS_ALIGNED(svm->vmcb->control.exit_info_2, PMD_SIZE)) { + vcpu_unimpl(vcpu, + "vmgexit: AP VMSA address [%llx] from guest is unsafe as it is 2M aligned\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + target_svm->sev_es.snp_vmsa_gpa = svm->vmcb->control.exit_info_2; + break; + case SVM_VMGEXIT_AP_DESTROY: + break; + default: + vcpu_unimpl(vcpu, "vmgexit: invalid AP creation request [%#x] from guest\n", + request); + ret = -EINVAL; + break; + } + +out: + if (kick) { + if (target_vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED) + target_vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + kvm_make_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, target_vcpu); + kvm_vcpu_kick(target_vcpu); + } + + mutex_unlock(&target_svm->sev_es.snp_vmsa_mutex); + + return ret; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3565,6 +3773,15 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->vmgexit.psc.shared_gpa = svm->sev_es.sw_scratch; vcpu->arch.complete_userspace_io = snp_complete_psc; break; + case SVM_VMGEXIT_AP_CREATION: + ret = sev_snp_ap_creation(svm); + if (ret) { + ghcb_set_sw_exit_info_1(svm->sev_es.ghcb, 2); + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_ERR_INVALID_INPUT); + } + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", @@ -3731,6 +3948,8 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) set_ghcb_msr(svm, GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX, GHCB_VERSION_MIN, sev_enc_bit)); + + mutex_init(&svm->sev_es.snp_vmsa_mutex); } void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa) diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index da49e4981d75..240518f8d6c7 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -1398,6 +1398,9 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) svm->spec_ctrl = 0; svm->virt_spec_ctrl = 0; + if (init_event) + sev_snp_init_protected_guest_state(vcpu); + init_vmcb(vcpu); if (!init_event) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 4ef41f4d4ee6..d953ae41c619 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -96,6 +96,7 @@ struct kvm_sev_info { atomic_t migration_in_progress; u64 snp_init_flags; void *snp_context; /* SNP guest context page */ + u64 sev_features; /* Features set at VMSA creation */ }; struct kvm_svm { @@ -214,6 +215,10 @@ struct vcpu_sev_es_state { bool ghcb_sa_free; u64 ghcb_registered_gpa; + + struct mutex snp_vmsa_mutex; /* Used to handle concurrent updates of VMSA. */ + gpa_t snp_vmsa_gpa; + bool snp_ap_create; }; struct vcpu_svm { @@ -689,7 +694,7 @@ void avic_refresh_virtual_apic_mode(struct kvm_vcpu *vcpu); #define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL -#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP +#define GHCB_HV_FT_SUPPORTED (GHCB_HV_FT_SNP | GHCB_HV_FT_SNP_AP_CREATION) extern unsigned int max_sev_asid; @@ -719,6 +724,7 @@ void sev_es_prepare_switch_to_guest(struct sev_es_save_area *hostsa); void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); /* vmenter.S */ diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 87b78d63e81d..df9ec357d538 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -10858,6 +10858,14 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_UPDATE_CPU_DIRTY_LOGGING, vcpu)) static_call(kvm_x86_update_cpu_dirty_logging)(vcpu); + + if (kvm_check_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) { + kvm_vcpu_reset(vcpu, true); + if (vcpu->arch.mp_state != KVM_MP_STATE_RUNNABLE) { + r = 1; + goto out; + } + } } if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win || 
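Review bot: The new KVM_REQ_UPDATE_PROTECTED_GUEST_STATE branch in vcpu_enter_guest() calls kvm_vcpu_reset(vcpu, true) from common x86 code with no comment explaining why a request named "update protected guest state" is implemented as an INIT-style reset, or why a vCPU that is not KVM_MP_STATE_RUNNABLE afterwards must bail out with r = 1. A short comment tying this to the SNP AP creation path (svm_vcpu_reset() calling sev_snp_init_protected_guest_state() when init_event is set) would make the dependency visible to readers of x86.c. It is also worth confirming that a full INIT reset has no effect on the target vCPU beyond the VMSA switch.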
@@ -13072,6 +13080,9 @@ static inline bool kvm_vcpu_has_events(struct kvm_vcpu *vcpu) if (kvm_test_request(KVM_REQ_PMI, vcpu)) return true; + if (kvm_test_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) + return true; + if (kvm_arch_interrupt_allowed(vcpu) && (kvm_cpu_has_interrupt(vcpu) || kvm_guest_apic_has_interrupt(vcpu)))
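Review bot: In sev_snp_ap_creation(), the interrupt injection mode check is gated on "request < SVM_VMGEXIT_AP_DESTROY", which depends on the numeric ordering of the request codes instead of naming the two create requests. Moving the sev_features comparison under the SVM_VMGEXIT_AP_CREATE_ON_INIT and SVM_VMGEXIT_AP_CREATE cases of the switch would make the intent explicit and keep it correct if another request code is added. Related: snp_vmsa_gpa is set to INVALID_PAGE and snp_ap_create to true before any validation, and the default case leaves kick set, so a request code the host does not recognise still kicks the target vCPU into a non-runnable state. The comment covers errors in general, but it should say whether that is intended for unknown requests too. The 2M-alignment message also prints the address with %llx where the other messages in this function use %#llx.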
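Review bot: mutex_init(&svm->sev_es.snp_vmsa_mutex) is added to sev_es_vcpu_reset(), while the same patch takes that mutex from sev_snp_init_protected_guest_state() during reset handling and from sev_snp_ap_creation() running on a different vCPU. If sev_es_vcpu_reset() can run more than once for a vCPU, the mutex would be reinitialised while another vCPU may hold it; initialising it once at vCPU creation removes the question. In the sev_handle_vmgexit() hunk, the literal 2 passed to ghcb_set_sw_exit_info_1() would read better as a named constant next to GHCB_ERR_INVALID_INPUT.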
From patchwork Sat Dec 30 17:23:43 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506987
From: Michael Roth
Subject: [PATCH v11 27/35] KVM: SEV: Add support for GHCB-based termination requests
Date: Sat, 30 Dec 2023 11:23:43 -0600
Message-ID: <20231230172351.574091-28-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>

GHCB version 2 adds support for a GHCB-based termination request that a guest can issue when it reaches an error state and wishes to inform the hypervisor that it should be terminated. Implement support for that similarly to GHCB MSR-based termination requests that are already available to SEV-ES guests via earlier versions of the GHCB protocol. See 'Termination Request' in the 'Invoking VMGEXIT' section of the GHCB specification for more details.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 3bb89c4df5d6..b2ac696c436a 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3100,6 +3100,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: + case SVM_VMGEXIT_TERM_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
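Review bot: SVM_VMGEXIT_TERM_REQUEST is added to the group of exit codes in sev_es_validate_vmgexit() that need no further validation, with no check of the negotiated GHCB protocol version, although the commit message describes it as a GHCB version 2 feature. If guests that negotiated version 1 are meant to be rejected, the case needs a version test here; if accepting it for any version is intentional, a one-line comment would record that.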
@@ -3782,6 +3783,14 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; + case SVM_VMGEXIT_TERM_REQUEST: + pr_info("SEV-ES guest requested termination: reason %#llx info %#llx\n", + control->exit_info_1, control->exit_info_2); + vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT; + vcpu->run->system_event.type = KVM_SYSTEM_EVENT_SEV_TERM; + vcpu->run->system_event.ndata = 1; + vcpu->run->system_event.data[0] = control->ghcb_gpa; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
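Review bot: The SVM_VMGEXIT_TERM_REQUEST case in sev_handle_vmgexit() logs exit_info_1 and exit_info_2 as the termination reason but hands userspace only control->ghcb_gpa in system_event.data[0], so the VMM never sees the reason the guest supplied. Consider forwarding the two exit_info values (with ndata adjusted) or documenting why the GHCB address is the right payload. The case also never assigns ret, unlike the preceding case that ends with "ret = 1;", so returning to userspace depends on whatever value ret held before the switch; an explicit "ret = 0;" would make that clear. Since the values printed by pr_info() come from the guest, a rate-limited variant is safer for the host log.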
From patchwork Sat Dec 30 17:23:44 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506988
From: Michael Roth
Subject: [PATCH v11 28/35] KVM: SEV: Implement gmem hook for initializing private pages
Date: Sat, 30 Dec 2023 11:23:44 -0600
Message-ID: <20231230172351.574091-29-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>

This will handle RMP table updates and direct map changes needed to put a page into a private state before mapping it into an SEV-SNP guest.

Signed-off-by: Michael Roth
--- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 98 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 2 + arch/x86/kvm/svm/svm.h | 1 + virt/kvm/guest_memfd.c | 4 +- 5 files changed, 104 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 4ec53d6d5773..79c002e1bb5c 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -125,6 +125,7 @@ config KVM_AMD_SEV depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select KVM_GENERIC_PRIVATE_MEM + select HAVE_KVM_GMEM_PREPARE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors.
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b2ac696c436a..91f53f4a6059 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4154,3 +4154,101 @@ void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) out: put_page(pfn_to_page(pfn)); } + +static bool is_pfn_range_shared(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn = start; + + while (pfn < end) { + int ret, rmp_level; + bool assigned; + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret) { + pr_warn_ratelimited("SEV: Failed to retrieve RMP entry: PFN 0x%llx GFN start 0x%llx GFN end 0x%llx RMP level %d error %d\n", + pfn, start, end, rmp_level, ret); + return false; + } + + if (assigned) { + pr_debug("%s: overlap detected, PFN 0x%llx start 0x%llx end 0x%llx RMP level %d\n", + __func__, pfn, start, end, rmp_level); + return false; + } + + pfn++; + } + + return true; +} + +static u8 max_level_for_order(int order) +{ + if (order >= KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) + return PG_LEVEL_2M; + + return PG_LEVEL_4K; +} + +static bool is_large_rmp_possible(struct kvm *kvm, kvm_pfn_t pfn, int order) +{ + kvm_pfn_t pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + + /* + * If this is a large folio, and the entire 2M range containing the + * PFN is currently shared, then the entire 2M-aligned range can be + * set to private via a single 2M RMP entry. 
+ */ + if (max_level_for_order(order) > PG_LEVEL_4K && + is_pfn_range_shared(pfn_aligned, pfn_aligned + PTRS_PER_PMD)) + return true; + + return false; +} + +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t pfn_aligned; + gfn_t gfn_aligned; + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) { + pr_err_ratelimited("SEV: Failed to look up RMP entry: GFN %llx PFN %llx error %d\n", + gfn, pfn, rc); + return -ENOENT; + } + + if (assigned) { + pr_debug("%s: already assigned: gfn %llx pfn %llx max_order %d level %d\n", + __func__, gfn, pfn, max_order, level); + return 0; + } + + if (is_large_rmp_possible(kvm, pfn, max_order)) { + level = PG_LEVEL_2M; + pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + gfn_aligned = ALIGN_DOWN(gfn, PTRS_PER_PMD); + } else { + level = PG_LEVEL_4K; + pfn_aligned = pfn; + gfn_aligned = gfn; + } + + rc = rmp_make_private(pfn_aligned, gfn_to_gpa(gfn_aligned), level, sev->asid, false); + if (rc) { + pr_err_ratelimited("SEV: Failed to update RMP entry: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -EINVAL; + } + + pr_debug("%s: updated: gfn %llx pfn %llx pfn_aligned %llx max_order %d level %d\n", + __func__, gfn, pfn, pfn_aligned, max_order, level); + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 240518f8d6c7..32cef8626b57 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5065,6 +5065,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, .alloc_apic_backing_page = svm_alloc_apic_backing_page, + + .gmem_prepare = sev_gmem_prepare, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index d953ae41c619..9ece9612dbb9 100644 
--- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -725,6 +725,7 @@ void sev_es_unmap_ghcb(struct vcpu_svm *svm); struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); /* vmenter.S */ diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index feec0da93d98..ddea45279fef 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c 
@@ -66,8 +66,8 @@ static int kvm_gmem_prepare_folio(struct inode *inode, pgoff_t index, struct fol gfn = slot->base_gfn + index - slot->gmem.pgoff; rc = kvm_arch_gmem_prepare(kvm, gfn, pfn, compound_order(compound_head(page))); if (rc) { - pr_warn_ratelimited("gmem: Failed to prepare folio for index %lx, error %d.\n", - index, rc); + pr_warn_ratelimited("gmem: Failed to prepare folio for index %lx GFN %llx PFN %llx error %d.\n", + index, gfn, pfn, rc); return rc; } }
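Review bot: sev_gmem_prepare() rounds pfn and gfn down to a 2M boundary independently (ALIGN_DOWN(pfn, PTRS_PER_PMD) and ALIGN_DOWN(gfn, PTRS_PER_PMD)), but is_large_rmp_possible() only checks the folio order and that the PFN range is unassigned; nothing visible verifies that gfn and pfn share the same offset within the 2M region, or that the whole aligned GFN range belongs to this mapping. Without that, rmp_make_private() could record a 2M RMP entry whose GPA does not match the pages behind it; compare the low bits of gfn and pfn before choosing PG_LEVEL_2M. In is_pfn_range_shared(), the warning labels start and end as "GFN start" and "GFN end" although they are PFNs, and it prints rmp_level on the path where snp_lookup_rmpentry() failed and may not have written it. The kvm argument of is_large_rmp_possible() is unused.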
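Review bot: The context line in kvm_gmem_prepare_folio() calls kvm_arch_gmem_prepare(kvm, gfn, pfn, ...) while the hook added in this patch is declared as sev_gmem_prepare(kvm, pfn, gfn, max_order), so the gfn/pfn order flips somewhere between the two. Both are 64-bit integer types, so a swapped pair would not be caught by the compiler. Using the same order at every level, or at least checking the wrapper that is not shown here, is worth doing now that the new message prints both values.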
From: Michael Roth
Subject: [PATCH v11 29/35] KVM: SEV: Implement gmem hook for invalidating private pages
Date: Sat, 30 Dec 2023 11:23:45 -0600
Message-ID: <20231230172351.574091-30-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

Implement a platform hook to do the work of restoring the direct map entries of gmem-managed pages and transitioning the corresponding RMP table entries back to the default shared/hypervisor-owned state.

Signed-off-by: Michael Roth

--- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 63 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 ++ 4 files changed, 67 insertions(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 79c002e1bb5c..eb8a09f9341a 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -126,6 +126,7 @@ config KVM_AMD_SEV depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select KVM_GENERIC_PRIVATE_MEM select HAVE_KVM_GMEM_PREPARE + select HAVE_KVM_GMEM_INVALIDATE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors. diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 91f53f4a6059..85f63b6842b6 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -4252,3 +4252,66 @@ int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) return 0; } + +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn; + + pr_debug("%s: PFN start 0x%llx PFN end 0x%llx\n", __func__, start, end); + + for (pfn = start; pfn < end;) { + bool use_2m_update = false; + int rc, rmp_level; + bool assigned; + + rc = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (rc) { + pr_debug_ratelimited("SEV: Failed to retrieve RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + goto next_pfn; + } + + if (!assigned) + goto next_pfn; + + use_2m_update = IS_ALIGNED(pfn, PTRS_PER_PMD) && + end >= (pfn + PTRS_PER_PMD) && + rmp_level > PG_LEVEL_4K; + + /* + * If an unaligned PFN corresponds to a 2M region assigned as a + * large page in he RMP table, PSMASH the region into individual + * 4K RMP entries before attempting to convert a 4K sub-page. + */ + if (!use_2m_update && rmp_level > PG_LEVEL_4K) { + rc = snp_rmptable_psmash(pfn); + if (rc) + pr_err_ratelimited("SEV: Failed to PSMASH RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + } + + rc = rmp_make_shared(pfn, use_2m_update ? PG_LEVEL_2M : PG_LEVEL_4K); + if (WARN_ON_ONCE(rc)) { + pr_err_ratelimited("SEV: Failed to update RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + goto next_pfn; + } + + /* + * SEV-ES avoids host/guest cache coherency issues through + * WBINVD hooks issued via MMU notifiers during run-time, and + * KVM's VM destroy path at shutdown. Those MMU notifier events + * don't cover gmem since there is no requirement to map pages + * to a HVA in order to use them for a running guest. While the + * shutdown path would still likely cover things for SNP guests, + * userspace may also free gmem pages during run-time via + * hole-punching operations on the guest_memfd, so flush the + * cache entries for these pages before free'ing them back to + * the host. + */ + clflush_cache_range(__va(pfn_to_hpa(pfn)), + use_2m_update ? 
PMD_SIZE : PAGE_SIZE); +next_pfn: + pfn += use_2m_update ? PTRS_PER_PMD : 1; + } +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 32cef8626b57..f26b8c2a8be4 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5067,6 +5067,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .gmem_prepare = sev_gmem_prepare, + .gmem_invalidate = sev_gmem_invalidate, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 9ece9612dbb9..a56109e100ac 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -726,6 +726,8 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu); void handle_rmp_page_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +int sev_gmem_max_level(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level); /* vmenter.S */

From patchwork Sat Dec 30 17:23:46 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506990
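
Review bot: in sev_gmem_invalidate() (29/35, sev.c hunk), a failed snp_rmptable_psmash() is only logged and execution falls through to rmp_make_shared(pfn, PG_LEVEL_4K) on a range that was just reported as a large RMP entry; add a goto next_pfn in that branch, or document why the 4K update is still expected to succeed. The snp_lookup_rmpentry() failure path is reported only through pr_debug_ratelimited and the function returns void, so a page whose RMP state could not be read goes back to the host with nothing in the log at default levels; pr_err_ratelimited, as used for the other two failures, would match the severity. Comment typo: "in he RMP table" should read "in the RMP table".
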
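
Review bot: the svm.h hunk of 29/35 also adds the prototype for sev_gmem_max_level(), which this patch neither defines nor references; the definition and the .gmem_max_level assignment only arrive in 30/35, whose diffstat does not touch svm.h. Move that declaration into 30/35 so each commit is self-contained.
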
From: Michael Roth
Subject: [PATCH v11 30/35] KVM: x86: Add gmem hook for determining max NPT mapping level
Date: Sat, 30 Dec 2023 11:23:46 -0600
Message-ID: <20231230172351.574091-31-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

In the case of SEV-SNP, whether or not a 2MB page can be mapped via a 2MB mapping in the guest's nested page table depends on whether or not any subpages within the range have already been initialized as private in the RMP table. The existing mixed-attribute tracking in KVM is insufficient here, for instance:

- gmem allocates 2MB page
- guest issues PVALIDATE on 2MB page
- guest later converts a subpage to shared
- SNP host code issues PSMASH to split 2MB RMP mapping to 4K
- KVM MMU splits NPT mapping to 4K

At this point there are no mixed attributes, and KVM would normally allow for 2MB NPT mappings again, but this is actually not allowed because the RMP table mappings are 4K and cannot be promoted on the hypervisor side, so the NPT mappings must still be limited to 4K to match this.

Add a hook to determine the max NPT mapping size in situations like this.

Signed-off-by: Michael Roth --- arch/x86/include/asm/kvm-x86-ops.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kvm/mmu/mmu.c | 12 ++++++++++-- arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + 5 files changed, 40 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/kvm-x86-ops.h b/arch/x86/include/asm/kvm-x86-ops.h index c4b7b0db7be3..b0a174213dad 100644 --- a/arch/x86/include/asm/kvm-x86-ops.h +++ b/arch/x86/include/asm/kvm-x86-ops.h @@ -140,6 +140,7 @@ KVM_X86_OP_OPTIONAL_RET0(vcpu_get_apicv_inhibit_reasons); KVM_X86_OP_OPTIONAL(get_untagged_addr) KVM_X86_OP_OPTIONAL(alloc_apic_backing_page) KVM_X86_OP_OPTIONAL_RET0(gmem_prepare) +KVM_X86_OP_OPTIONAL_RET0(gmem_max_level) KVM_X86_OP_OPTIONAL(gmem_invalidate) #undef KVM_X86_OP diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 9e45402e51bc..ee1e81608e07 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1806,6 +1806,7 @@ struct kvm_x86_ops { void *(*alloc_apic_backing_page)(struct kvm_vcpu *vcpu); int (*gmem_prepare)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); void (*gmem_invalidate)(kvm_pfn_t start, kvm_pfn_t end); + int (*gmem_max_level)(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level); }; struct kvm_x86_nested_ops { diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index 1882096fba3e..21f44ec37b29 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -4308,6 +4308,7 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, struct kvm_page_fault *fault) { int max_order, r; + u8 max_level; if (!kvm_slot_can_be_private(fault->slot)) { kvm_mmu_prepare_memory_fault_exit(vcpu, fault); 
@@ -4321,8 +4322,15 @@ static int kvm_faultin_pfn_private(struct kvm_vcpu *vcpu, return r; } - fault->max_level = min(kvm_max_level_for_order(max_order), - fault->max_level); + max_level = kvm_max_level_for_order(max_order); + r = static_call(kvm_x86_gmem_max_level)(vcpu->kvm, fault->pfn, + fault->gfn, &max_level); + if (r) { + kvm_release_pfn_clean(fault->pfn); + return r; + } + + fault->max_level = min(max_level, fault->max_level); fault->map_writable = !(fault->slot->flags & KVM_MEM_READONLY); return RET_PF_CONTINUE; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 85f63b6842b6..5eb836b73131 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -4315,3 +4315,30 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) pfn += use_2m_update ? PTRS_PER_PMD : 1; } } + +int sev_gmem_max_level(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, u8 *max_level) +{ + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) { + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -ENOENT; + } + + if (!assigned) { + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", + gfn, pfn, level); + return -EINVAL; + } + + if (level < *max_level) + *max_level = level; + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index f26b8c2a8be4..f745022f7454 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -5067,6 +5067,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .gmem_prepare = sev_gmem_prepare, + .gmem_max_level = sev_gmem_max_level, .gmem_invalidate = sev_gmem_invalidate, };

From patchwork Sat Dec 30 17:23:47 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13506992
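
Review bot: in sev_gmem_max_level() (30/35, sev.c hunk), the snp_lookup_rmpentry() failure path prints level, which is declared without an initializer and is only meaningful when the lookup succeeded; drop it from that message or initialize it at declaration. The same path discards rc and returns -ENOENT, so the underlying error survives only in the rate-limited log line; returning rc would keep it available to the caller.
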
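
Review bot: in kvm_faultin_pfn_private() (30/35, second mmu.c hunk), a non-zero return from the gmem_max_level hook is handed straight back after kvm_release_pfn_clean(), whereas the !kvm_slot_can_be_private() branch in the same function calls kvm_mmu_prepare_memory_fault_exit() before returning. The commit message should say what userspace is expected to see when the hook returns -ENOENT or -EINVAL, and whether this path also needs the memory-fault exit information filled in.
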
From: Michael Roth
Subject: [PATCH v11 31/35] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP
Date: Sat, 30 Dec 2023 11:23:47 -0600
Message-ID: <20231230172351.574091-32-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000044F2.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7023 X-Rspamd-Queue-Id: 5D9F112000E X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: txr79m9i14dji5zffiicwjyzwgmam6ym X-HE-Tag: 1703957586-317891 X-HE-Meta: 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 sDMUo6h0 u6FkCCJJ+ouAnm2sa+//bpqfVrww16h5Ny7bsVldE9cBtJcyRhxaFBsIB3gJx7Uwr7BesHOlUaiWUWmWI4O/xLnmixg7FWV0rTMysr+n71UfYGMd4ZGU7gjfUTjkzmEsSHKvCPsro4KVWLY8geJ1gykBROpaDXe5V88BcDLL47fQw7qQyAqdTUBffDzL9L6nFTcRhR2qUbmFC1m8aqF7wBumMqdIbk87xrcGiVx3kvLsEQzAGvQnAqX0GHFz5llPF+kpNq2g8eKhNWt9sP0K4opro0Xjeuck/wGTNz4ywIEWzhp12MWfYC3T8yaC8n+Ru9IxR1xzDXHQM61M= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000048, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ashish Kalra With SNP/guest_memfd, private/encrypted memory should not be mappable, and MMU notifications for HVA-mapped memory will only be relevant to unencrypted guest memory. Therefore, the rationale behind issuing a wbinvd_on_all_cpus() in sev_guest_memory_reclaimed() should not apply for SNP guests and can be ignored. Signed-off-by: Ashish Kalra [mdr: Add some clarifications in commit] Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 5eb836b73131..2cc909cc18c1 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -2858,7 +2858,14 @@ static void sev_flush_encrypted_page(struct kvm_vcpu *vcpu, void *va) void sev_guest_memory_reclaimed(struct kvm *kvm) { - if (!sev_guest(kvm)) + /* + * With SNP+gmem, private/encrypted memory should be + * unreachable via the hva-based mmu notifiers. Additionally, + * for shared->private translations, H/W coherency will ensure + * first guest access to the page would clear out any existing + * dirty copies of that cacheline. + */ + if (!sev_guest(kvm) || sev_snp_guest(kvm)) return; wbinvd_on_all_cpus();
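Review bot: the early return in sev_guest_memory_reclaimed() keys on sev_snp_guest(kvm) alone, while both the commit message and the new comment justify skipping wbinvd_on_all_cpus() by private memory being gmem-backed and therefore unreachable through the HVA-based notifiers. If an SNP guest can ever run with private memory that is not backed by guest_memfd, this change silently drops the flush; either state in the comment that SNP guarantees gmem-backed private memory, or make the condition test that property directly. The comment also says "shared->private translations", which reads like a typo for "transitions", and its claim about H/W coherency would be easier to audit with a pointer to where that behaviour is specified.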
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v11 32/35] KVM: SVM: Add module parameter to enable the SEV-SNP
Date: Sat, 30 Dec 2023 11:23:48 -0600
Message-ID: <20231230172351.574091-33-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

Add a module parameter that can be used to enable or disable the SEV-SNP feature. Now that KVM contains the support for the SNP, set the GHCB hypervisor feature flag to indicate that SNP is supported.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2cc909cc18c1..30a2e75fd94f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -61,7 +61,8 @@ module_param_named(sev_es, sev_es_enabled, bool, 0444); static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); -static bool sev_snp_enabled; +static bool sev_snp_enabled = true; +module_param_named(sev_snp, sev_snp_enabled, bool, 0444); #else #define sev_enabled false #define sev_es_enabled false
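Review bot: the commit message says this patch sets the GHCB hypervisor feature flag to advertise SNP, but the only change in the hunk (matching the 2 insertions and 1 deletion in the diffstat) is "static bool sev_snp_enabled = true;" plus the module_param_named(sev_snp, ...) line. Either drop that sentence from the commit message or include the missing change. The default also flips from the zero-initialized false to true, so the parameter is enabled unless the administrator turns it off, and with mode 0444 that choice can only be made at module load time; both points are worth stating in the commit message.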
From: Michael Roth
CC: Brijesh Singh, Alexey Kardashevskiy
Subject: [PATCH v11 33/35] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event
Date: Sat, 30 Dec 2023 11:23:49 -0600
Message-ID: <20231230172351.574091-34-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

From: Brijesh Singh

Version 2 of GHCB specification added support for the SNP Guest Request Message NAE event. The event allows for an SEV-SNP guest to make requests to the SEV-SNP firmware through the hypervisor using the SNP_GUEST_REQUEST API defined in the SEV-SNP firmware specification.

This is used by guests primarily to request attestation reports from firmware. There are other request types available as well, but the specifics of what guest requests are being made are opaque to the hypervisor, which only serves as a proxy for the guest requests and firmware responses.

Implement handling for these events.

Co-developed-by: Alexey Kardashevskiy
Signed-off-by: Alexey Kardashevskiy
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
[mdr: ensure FW command failures are indicated to guest, drop extended request handling to be re-written as separate patch, massage commit]
Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 83 ++++++++++++++++++++++++++++++++++
 include/uapi/linux/sev-guest.h | 9 ++++
 2 files changed, 92 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 30a2e75fd94f..05051e36926d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -3109,6 +3110,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: + case SVM_VMGEXIT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT;
@@ -3539,6 +3541,83 @@ static int sev_snp_ap_creation(struct vcpu_svm *svm) return ret; } +static bool snp_setup_guest_buf(struct kvm *kvm, struct sev_data_snp_guest_request *data, + gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t req_pfn, resp_pfn; + + if (!IS_ALIGNED(req_gpa, PAGE_SIZE) || !IS_ALIGNED(resp_gpa, PAGE_SIZE)) + return false; + + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa)); + if (is_error_noslot_pfn(req_pfn)) + return false; + + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa)); + if (is_error_noslot_pfn(resp_pfn)) + return false; + + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true)) + return false; + + data->gctx_paddr = __psp_pa(sev->snp_context); + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT); + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT); + + return true; +} + +static bool snp_cleanup_guest_buf(struct sev_data_snp_guest_request *data) +{ + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT; + + if (snp_page_reclaim(pfn)) + return false; + + if (rmp_make_shared(pfn, PG_LEVEL_4K)) + return false; + + return true; +} + +static bool __snp_handle_guest_req(struct kvm *kvm, gpa_t req_gpa, gpa_t resp_gpa, + sev_ret_code *fw_err) +{ + struct sev_data_snp_guest_request data = {0}; + struct kvm_sev_info *sev; + bool ret = true; + + if (!sev_snp_guest(kvm)) + return false; + + sev = &to_kvm_svm(kvm)->sev_info; + + if (!snp_setup_guest_buf(kvm, &data, req_gpa, resp_gpa)) + return false; + + if (sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, fw_err)) + ret = false; + + if (!snp_cleanup_guest_buf(&data)) + ret = false; + + return ret; +} + +static void snp_handle_guest_req(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + sev_ret_code fw_err = 0; + int vmm_ret = 0; + + if (!__snp_handle_guest_req(kvm, req_gpa, resp_gpa, &fw_err)) + vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + + 
ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3799,6 +3878,10 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->system_event.ndata = 1; vcpu->run->system_event.data[0] = control->ghcb_gpa; break; + case SVM_VMGEXIT_GUEST_REQUEST: + snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h index 154a87a1eca9..7bd78e258569 100644 --- a/include/uapi/linux/sev-guest.h +++ b/include/uapi/linux/sev-guest.h 
@@ -89,8 +89,17 @@ struct snp_ext_report_req { #define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0) #define SNP_GUEST_VMM_ERR_SHIFT 32 #define SNP_GUEST_VMM_ERR(x) (((u64)x) << SNP_GUEST_VMM_ERR_SHIFT) +#define SNP_GUEST_FW_ERR(x) ((x) & SNP_GUEST_FW_ERR_MASK) +#define SNP_GUEST_ERR(vmm_err, fw_err) (SNP_GUEST_VMM_ERR(vmm_err) | \ + SNP_GUEST_FW_ERR(fw_err)) +/* + * The GHCB spec only formally defines INVALID_LEN/BUSY VMM errors, but define + * a GENERIC error code such that it won't ever conflict with GHCB-defined + * errors if any get added in the future. + */ #define SNP_GUEST_VMM_ERR_INVALID_LEN 1 #define SNP_GUEST_VMM_ERR_BUSY 2 +#define SNP_GUEST_VMM_ERR_GENERIC BIT(31) #endif /* __UAPI_LINUX_SEV_GUEST_H_ */
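Review bot: in the sev_es_validate_vmgexit() hunk, the new "case SVM_VMGEXIT_GUEST_REQUEST:" is accepted for every guest that reaches this switch, and the SNP check only happens later in __snp_handle_guest_req(), which turns a non-SNP caller into SNP_GUEST_VMM_ERR_GENERIC. Consider rejecting the event here when !sev_snp_guest(), so that a non-SNP guest gets GHCB_ERR_INVALID_EVENT like any other exit code it is not entitled to use.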
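Review bot: in the hunk adding snp_setup_guest_buf(), both req_pfn and resp_pfn are obtained with gfn_to_pfn(), which returns a referenced page, and nothing visible releases those references: not the "return false" paths taken after the first lookup has succeeded (failed resp_pfn lookup, failed rmp_make_private()), and not snp_cleanup_guest_buf() after the firmware call. Add the matching kvm_release_pfn_clean()/kvm_release_pfn_dirty() on every exit path, marking the response page dirty since firmware writes to it. Separately, when snp_page_reclaim() or rmp_make_shared() fails in snp_cleanup_guest_buf(), the response page stays in a non-shared RMP state and the only trace is a generic error returned to the guest; a WARN or an explicit, documented leak of the page would make that failure visible on the host.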
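Review bot: in the sev-guest.h hunk, SNP_GUEST_VMM_ERR_GENERIC is defined as BIT(31), but snp_handle_guest_req() stores it in "int vmm_ret", where it does not fit as a positive value; the encoded result is only correct because SNP_GUEST_VMM_ERR() shifts the sign-extended upper bits out after the (u64) cast. Declare vmm_ret as u32 or u64 so the encoding does not depend on that. BIT() is also a kernel-internal helper, so an explicit constant would be safer for userspace consumers of this uapi header, and the argument in "((u64)x)" should be parenthesized now that SNP_GUEST_ERR() forwards caller expressions into it.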
From: Michael Roth
Subject: [PATCH v11 34/35] crypto: ccp: Add the SNP_SET_CONFIG_{START,END} commands
Date: Sat, 30 Dec 2023 11:23:50 -0600
Message-ID: <20231230172351.574091-35-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>
CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(4636009)(376002)(346002)(396003)(39860400002)(136003)(230922051799003)(1800799012)(451199024)(186009)(82310400011)(64100799003)(36840700001)(46966006)(40470700004)(7416002)(7406005)(2906002)(44832011)(5660300002)(41300700001)(356005)(81166007)(478600001)(86362001)(82740400003)(6666004)(36756003)(83380400001)(26005)(1076003)(2616005)(336012)(426003)(16526019)(36860700001)(47076005)(8936002)(8676002)(316002)(4326008)(6916009)(54906003)(70586007)(70206006)(40480700001)(40460700003)(36900700001);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Dec 2023 17:34:04.9353 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b41db981-faa0-4363-fad7-08dc095d852d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000044F0.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN0PR12MB6103 X-Rspamd-Queue-Id: B977540002 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: h58r1pm8zczjpnm3j6boh4g76sgu6wym X-HE-Tag: 1703957648-787780 X-HE-Meta: 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 HQENXRZN GwZOGg5TGGxBOIyQRc9o3GnGCg4HNhFjnIgY1FNdctmE1rzXwOYxtq99MBn88ZtpuUHEB2Q0RiC3m+/IMM5u50jA0kAWNMfj86ilCmPgpZcLPa29NdqYliBO9uzNdGAj/prNGUFvMTgShxKvC35Jbtp4Qu/r43eWM7WrIslMOVjUGqXm8qghwH5maX27y4PJjTn/Lf6qxUQw87U8UAB5f8Npp+75bzLjrWfsv+9Cc89WDbtUDzGS30DXaGsSYs+RofOLmprgYL66Roy9DP+fwLJB3rYny+ChZy1rC73zdiJ20yJCrh+0yR88JXkq3EVDA3rgiBAnC8y0mZOWPp3doGzQ42ZmiJ3jM5b5BPDZNrhwQJPyPMnz1xZGn30WsYumyCG4z X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: 

These commands can be used to create a transaction such that commands that update the reported TCB, such as SNP_SET_CONFIG/SNP_COMMIT, and updates to userspace-supplied certificates, can be handled atomically relative to any extended guest requests issued by any SNP guests while the updates are taking place.

Without this interface, there is a risk that a guest will be given certificate information that does not correspond to the VCEK/VLEK used to sign a particular attestation report unless all the running guests are paused in advance, which would cause disruption to all guests in the system even if no attestation requests are being made. Even then, care is needed to ensure that KVM does not pass along certificate information that was fetched from userspace in advance of the guest being paused.

This interface also provides some versatility with how similar firmware maintenance activity can be handled in the future without passing unnecessary management complexity on to userspace.

Signed-off-by: Michael Roth
---
 Documentation/virt/coco/sev-guest.rst | 33 ++++++++++++++++++--
 arch/x86/include/asm/sev.h | 4 +++
 arch/x86/virt/svm/sev.c | 31 +++++++++++++++++++
 drivers/crypto/ccp/sev-dev.c | 44 +++++++++++++++++++++++++++
 include/uapi/linux/psp-sev.h | 12 ++++++++
 5 files changed, 122 insertions(+), 2 deletions(-)

diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index 4f696aacc866..0426ebad7671 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst
@@ -127,8 +127,6 @@ the SEV-SNP specification for further details. The SNP_GET_EXT_REPORT ioctl is similar to the SNP_GET_REPORT. The difference is related to the additional certificate data that is returned with the report. -The certificate data returned is being provided by the hypervisor through the -SNP_SET_EXT_CONFIG. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command provided by the SEV-SNP firmware to get the attestation report. 
@@ -175,6 +173,37 @@ SNP_CONFIG command defined in the SEV-SNP spec. The current values of the firmware parameters affected by this command can be queried via SNP_PLATFORM_STATUS. +2.7 SNP_SET_CONFIG_START / SNP_SET_CONFIG_END +--------------------------------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (out): struct sev_user_data_snp_config_transaction +:Returns (out): 0 on success, -negative on error + +When requesting attestation reports, SNP guests have the option of issuing +an extended guest request which allows host userspace to supply additional +certificate data that can be used to validate the signature used to sign +the attestation report. This signature is generated using a key that is +derived from the reported TCB that can be set via the SNP_SET_CONFIG and +SNP_COMMIT ioctls, so the accompanying certificate data needs to be kept in +sync with the changes made to the reported TCB via these ioctls. + +To allow for this, SNP_SET_CONFIG_START can be issued prior to performing +any updates to the reported TCB or certificate data that will be fetched +from userspace. Any attestation report requests via extended guest requests +that are in-progress, or received after SNP_SET_CONFIG_START is issued, will +result in the guest receiving a GHCB-defined error message instructing it to +retry the request. Once the updates are completed on the host, +SNP_SET_CONFIG_END must be issued to resume normal servicing of extended +guest requests. + +In general, hosts should avoid having more than 1 outstanding +SNP_SET_CONFIG_{START,END} transaction in flight at any point in time, but +each ioctl will return a transaction ID in the response so the caller can +monitor whether the start/end ID both match. If they don't, the caller +should assume the transaction has been invalidated and retry the full update +sequence. + 3. SEV-SNP CPUID Enforcement ============================ 
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index e84dd1d2d8ab..925578ad34e6 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -268,6 +268,8 @@ int psmash(u64 pfn); int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int asid, bool immutable); int rmp_make_shared(u64 pfn, enum pg_level level); void snp_leak_pages(u64 pfn, unsigned int npages); +u64 snp_config_transaction_start(void); +u64 snp_config_transaction_end(void); #else static inline bool snp_probe_rmptable_info(void) { return false; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } @@ -280,6 +282,8 @@ static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, int as } static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV; } static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} +static inline u64 snp_config_transaction_start(void) { return 0; } +static inline u64 snp_config_transaction_end(void) { return 0; } #endif #endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 0f2e1ce241b5..fc9e1b7fc187 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -71,6 +71,11 @@ static DEFINE_SPINLOCK(snp_leaked_pages_list_lock); static unsigned long snp_nr_leaked_pages; +/* For synchronizing TCB updates with extended guest requests */ +static DEFINE_MUTEX(snp_transaction_lock); +static u64 snp_transaction_id; +static bool snp_transaction_pending; + #undef pr_fmt #define pr_fmt(fmt) "SEV-SNP: " fmt 
@@ -511,3 +516,29 @@ void snp_leak_pages(u64 pfn, unsigned int npages) spin_unlock(&snp_leaked_pages_list_lock); } EXPORT_SYMBOL_GPL(snp_leak_pages); + +u64 snp_config_transaction_start(void) +{ + u64 id; + + mutex_lock(&snp_transaction_lock); + snp_transaction_pending = true; + id = ++snp_transaction_id; + mutex_unlock(&snp_transaction_lock); + + return id; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_start); + +u64 snp_config_transaction_end(void) +{ + u64 id; + + mutex_lock(&snp_transaction_lock); + snp_transaction_pending = false; + id = snp_transaction_id; + mutex_unlock(&snp_transaction_lock); + + return id; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_end); diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index c5b26b3fe7ff..d81f86d2697a 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -2035,6 +2035,44 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); } +static int sev_ioctl_do_snp_set_config_start(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_config_transaction transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + transaction.id = snp_config_transaction_start(); + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + +static int sev_ioctl_do_snp_set_config_end(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_config_transaction transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + transaction.id = snp_config_transaction_end(); + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -2095,6 +2133,12 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_SET_CONFIG: ret = sev_ioctl_do_snp_set_config(&input, writable); break; + case SNP_SET_CONFIG_START: + ret = sev_ioctl_do_snp_set_config_start(&input, writable); + break; + case SNP_SET_CONFIG_END: + ret = sev_ioctl_do_snp_set_config_end(&input, writable); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index f28d4fb5bc21..9deacb894b1e 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -31,6 +31,8 @@ enum { SNP_PLATFORM_STATUS, SNP_COMMIT, SNP_SET_CONFIG, + SNP_SET_CONFIG_START, + SNP_SET_CONFIG_END, SEV_MAX, }; 
@@ -214,6 +216,16 @@ struct sev_user_data_snp_config { __u8 rsvd1[52]; } __packed; +/** + * struct sev_user_data_snp_config_transaction - metadata for config transactions + * + * @id: the ID of the transaction started/ended by a call to SNP_SET_CONFIG_START + * or SNP_SET_CONFIG_END, respectively. + */ +struct sev_user_data_snp_config_transaction { + __u64 id; /* Out */ +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
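Review bot: the removal in the first Documentation/virt/coco/sev-guest.rst hunk (-127,8) leaves the SNP_GET_EXT_REPORT description with no statement of who supplies the certificate data. Rather than only deleting the SNP_SET_EXT_CONFIG sentence, replace it with one saying the data is supplied by host userspace and pointing at the new section 2.7 for how it is kept in sync with the reported TCB.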
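Review bot: the new section 2.7 in sev-guest.rst says SNP_SET_CONFIG_END "must be issued" but does not say what happens if it never is, for example when the management process exits between START and END. As written, guests would keep receiving the retry error until some later END is issued; the text should state that and say how an operator recovers. The ":Returns (out): 0 on success, -negative on error" line could also name the errors the handlers actually return (-EINVAL, -EPERM, -EFAULT).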
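Review bot: in the arch/x86/virt/svm/sev.c hunk, snp_config_transaction_end() sets snp_transaction_pending = false unconditionally, so with two overlapping callers the first END resumes servicing of extended guest requests while the second caller's update is still in progress. The documentation only asks hosts to avoid overlapping transactions; consider enforcing it, either by failing START while a transaction is pending or by having END take the caller's ID and clear the flag only when it matches snp_transaction_id.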
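Review bot: in sev_ioctl_do_snp_set_config_start() (drivers/crypto/ccp/sev-dev.c) the transaction is opened before copy_to_user(), so a bad argp->data pointer returns -EFAULT with snp_transaction_pending already set and the caller never sees the ID. Either end the transaction again on the -EFAULT path or validate the destination before calling snp_config_transaction_start(). The two handlers are also identical apart from the start/end call and could share one helper.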
From patchwork Sat Dec 30 17:23:51 2023
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13507025
From: Michael Roth
Subject: [PATCH v11 35/35] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event
Date: Sat, 30 Dec 2023 11:23:51 -0600
Message-ID: <20231230172351.574091-36-michael.roth@amd.com>
In-Reply-To: <20231230172351.574091-1-michael.roth@amd.com>
References: <20231230172351.574091-1-michael.roth@amd.com>

Version 2 of GHCB specification added support for the SNP Extended Guest Request Message NAE event. This event serves a nearly identical purpose to the previously-added SNP_GUEST_REQUEST event, but allows for additional certificate data to be supplied via an additional guest-supplied buffer to be used mainly for verifying the signature of an attestation report as returned by firmware.

This certificate data is supplied by userspace, so unlike with SNP_GUEST_REQUEST events, SNP_EXTENDED_GUEST_REQUEST events are first forwarded to userspace via a KVM_EXIT_VMGEXIT exit type, and then the firmware request is made only afterward.

Implement handling for these events.

Since there is a potential for race conditions where the userspace-supplied certificate data may be out-of-sync relative to the reported TCB that firmware will use when signing attestation reports, make use of the transaction/synchronization mechanisms added by the SNP_SET_CONFIG_{START,END} SEV device ioctls such that the guest will be told to retry the request when an update to reported TCB or userspace-supplied certificates may have occurred or is in progress while an extended guest request is being processed.

Signed-off-by: Michael Roth
---
 Documentation/virt/kvm/api.rst | 26 ++++++++++++
 arch/x86/include/asm/sev.h | 4 ++
 arch/x86/kvm/svm/sev.c | 75 ++++++++++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.h | 3 ++
 arch/x86/virt/svm/sev.c | 20 +++++++++
 include/uapi/linux/kvm.h | 6 +++
 6 files changed, 134 insertions(+)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 2a526b4f8e06..960e2153d468 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -7037,6 +7037,7 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 #define KVM_USER_VMGEXIT_PSC 2 + #define KVM_USER_VMGEXIT_EXT_GUEST_REQ 3 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { @@ -7050,6 +7051,11 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. __u64 shared_gpa; __u64 ret; } psc; + struct { + __u64 data_gpa; + __u64 data_npages; + __u32 ret; + } ext_guest_req; }; };
@@ -7079,6 +7085,26 @@ private/shared state. Userspace will return a value in 'ret' that is in agreement with the GHCB-defined return values that the guest will expect in the SW_EXITINFO2 field of the GHCB in response to these requests. +For the KVM_USER_VMGEXIT_EXT_GUEST_REQ type, the ext_guest_req union type +is used. The kernel will supply in 'data_gpa' the value the guest supplies +via the RAX field of the GHCB when issued extended guest requests. +'data_npages' will similarly contain the value the guest supplies in RBX +denoting the number of shared pages available to write the certificate +data into. + + - If the supplied number of pages is sufficient, userspace should write + the certificate data blob (in the format defined by the GHCB spec) in + the address indicated by 'data_gpa' and set 'ret' to 0. + + - If the number of pages supplied is not sufficient, userspace must write + the required number of pages in 'data_npages' and then set 'ret' to 1. + + - If userspace is temporarily unable to handle the request, 'ret' should + be set to 2 to inform the guest to retry later. + + - If some other error occurred, userspace should set 'ret' to a non-zero + value that is distinct from the specific return values mentioned above. + 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 925578ad34e6..25f533827d62 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -270,6 +270,8 @@ int rmp_make_shared(u64 pfn, enum pg_level level); void snp_leak_pages(u64 pfn, unsigned int npages); u64 snp_config_transaction_start(void); u64 snp_config_transaction_end(void); +u64 snp_config_transaction_get_id(void); +bool snp_config_transaction_is_stale(u64 id); #else static inline bool snp_probe_rmptable_info(void) { return false; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } 
@@ -284,6 +286,8 @@ static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} static inline u64 snp_config_transaction_start(void) { return 0; } static inline u64 snp_config_transaction_end(void) { return 0; } +static inline u64 snp_config_transaction_get_id(void) { return 0; } +static inline bool snp_config_transaction_is_stale(u64 id) { return false; } #endif #endif diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 05051e36926d..dda195999c42 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3111,6 +3111,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: case SVM_VMGEXIT_GUEST_REQUEST: + case SVM_VMGEXIT_EXT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3618,6 +3619,77 @@ static void snp_handle_guest_req(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); } +static int snp_complete_ext_guest_req(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + struct vmcb_control_area *control; + struct kvm *kvm = vcpu->kvm; + sev_ret_code fw_err = 0; + int vmm_ret; + + vmm_ret = vcpu->run->vmgexit.ext_guest_req.ret; + if (vmm_ret) { + if (vmm_ret == SNP_GUEST_VMM_ERR_INVALID_LEN) + vcpu->arch.regs[VCPU_REGS_RBX] = + vcpu->run->vmgexit.ext_guest_req.data_npages; + goto abort_request; + } + + control = &svm->vmcb->control; + + if (!__snp_handle_guest_req(kvm, control->exit_info_1, control->exit_info_2, + &fw_err)) + vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + + /* + * Give errors related to stale transactions precedence to provide more + * potential options for servicing firmware while guests are running. + */ + if (snp_config_transaction_is_stale(svm->snp_transaction_id)) + vmm_ret = SNP_GUEST_VMM_ERR_BUSY; + +abort_request: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); + + return 1; /* resume guest */ +} + +static int snp_begin_ext_guest_req(struct kvm_vcpu *vcpu) +{ + int vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + struct vcpu_svm *svm = to_svm(vcpu); + unsigned long data_npages; + sev_ret_code fw_err; + gpa_t data_gpa; + + if (!sev_snp_guest(vcpu->kvm)) + goto abort_request; + + data_gpa = vcpu->arch.regs[VCPU_REGS_RAX]; + data_npages = vcpu->arch.regs[VCPU_REGS_RBX]; + + if (!IS_ALIGNED(data_gpa, PAGE_SIZE)) + goto abort_request; + + svm->snp_transaction_id = snp_config_transaction_get_id(); + if (snp_config_transaction_is_stale(svm->snp_transaction_id)) { + vmm_ret = SNP_GUEST_VMM_ERR_BUSY; + goto abort_request; + } + + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_EXT_GUEST_REQ; + vcpu->run->vmgexit.ext_guest_req.data_gpa = data_gpa; + 
vcpu->run->vmgexit.ext_guest_req.data_npages = data_npages; + vcpu->arch.complete_userspace_io = snp_complete_ext_guest_req; + + return 0; /* forward request to userspace */ + +abort_request: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); + return 1; /* resume guest */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3882,6 +3954,9 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); ret = 1; break; + case SVM_VMGEXIT_EXT_GUEST_REQUEST: + ret = snp_begin_ext_guest_req(vcpu); + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index a56109e100ac..a2ac6dc3a79a 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -307,6 +307,9 @@ struct vcpu_svm { /* Guest GIF value, used when vGIF is not enabled */ bool guest_gif; + + /* Transaction ID associated with SNP config updates */ + u64 snp_transaction_id; }; struct svm_cpu_data { diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index fc9e1b7fc187..fee273a84030 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -542,3 +542,23 @@ u64 snp_config_transaction_end(void) return id; } EXPORT_SYMBOL_GPL(snp_config_transaction_end); + +u64 snp_config_transaction_get_id(void) +{ + return snp_transaction_id; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_get_id); + +bool snp_config_transaction_is_stale(u64 id) +{ + bool stale = false; + + mutex_lock(&snp_transaction_lock); + if (snp_transaction_pending || + id != snp_transaction_id) + stale = true; + mutex_unlock(&snp_transaction_lock); + + return stale; +} +EXPORT_SYMBOL_GPL(snp_config_transaction_is_stale); diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index e0599144387b..fe8994b95de9 100644 
--- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -170,6 +170,7 @@ struct kvm_xen_exit { struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 #define KVM_USER_VMGEXIT_PSC 2 +#define KVM_USER_VMGEXIT_EXT_GUEST_REQ 3 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { @@ -183,6 +184,11 @@ struct kvm_user_vmgexit { __u64 shared_gpa; __u64 ret; } psc; + struct { + __u64 data_gpa; + __u64 data_npages; + __u32 ret; + } ext_guest_req; }; };
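Review bot: the new KVM_USER_VMGEXIT_EXT_GUEST_REQ text in Documentation/virt/kvm/api.rst hard-codes 'ret' values 1 and 2, while snp_complete_ext_guest_req() compares against SNP_GUEST_VMM_ERR_INVALID_LEN and reports SNP_GUEST_VMM_ERR_BUSY. Name those constants next to the numbers so the two cannot drift. The text should also say that a 'ret' of 0 does not guarantee the guest sees success: KVM issues the firmware request afterwards and reports busy if the config transaction went stale in the meantime.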
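Review bot: in snp_begin_ext_guest_req() (arch/x86/kvm/svm/sev.c) fw_err is declared without an initializer ("sev_ret_code fw_err;") and every path to abort_request passes it to SNP_GUEST_ERR(vmm_ret, fw_err), so the value written with ghcb_set_sw_exit_info_2() is built from an uninitialized stack variable. Initialize it to 0 as snp_complete_ext_guest_req() does. Separately, data_npages is taken from RBX and forwarded to userspace with no upper bound, so the VMM has to treat it as untrusted guest input; a comment or a sanity limit here would make that explicit.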
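Review bot: snp_config_transaction_get_id() in the arch/x86/virt/svm/sev.c hunk reads snp_transaction_id without taking snp_transaction_lock, although snp_config_transaction_start(), snp_config_transaction_end() and snp_config_transaction_is_stale() all access it under the mutex. Take the lock here too, or use READ_ONCE() with a comment explaining why an unlocked read is acceptable given that snp_begin_ext_guest_req() calls snp_config_transaction_is_stale() immediately afterwards.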