From patchwork Fri Apr 19 12:57:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636350 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2056.outbound.protection.outlook.com [40.107.92.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E37BA4D137 for ; Fri, 19 Apr 2024 12:58:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.92.56 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531513; cv=fail; b=JFhFXDAXAtsAqUFQEBsDIunAs6+pV8tf8SqgPA7/OMsLH668fABSV5w6Flhm8veJ3b276TWE6ypS4M7/zx4B5vbMNzeyVcZKy3snEbwf190zjPooJ03h9uup8gwWFQwpVDQnCdUa4xPoq2s9BBYO+q9wUSp8fNdGFO6wi1qAlPI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531513; c=relaxed/simple; bh=MWPkL+iS0ocZhF6WRsVQ1ADM9sE4GrWZr6LPROuR94I=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=g2e2HBPq9fAKpxP9XV0PJASJX+fFl4FMQ1tDOkfuJL2Ik14i5dZ8ffg077iWRdGbC54Aeg5jxqhSGJsfHo8mcvmIU6k6SSafc8SjzgjSooYIQcFb+HP9CMid7c7XqZ/PC4NzBy7C+uKVtHT3Wvw0Af/slwNADJrUSklUYNHJeYQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=BKMx1iiV; arc=fail smtp.client-ip=40.107.92.56 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="BKMx1iiV" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bTGHOL+pvVR7RT/cW9nTEfA8A0sM+cK9yGhDJzHuKW47CB1KZ02BnWId6MVPMACDZoVl3yGy4QMCdUV1JX+l27F7cvVLAfIiSeBqykvrOttajBcrfENN1xm3bkZM5ru1CgR4Th2DdTpq4mkuZUfNp8UfXAgJ6iRlO3FEAGIsgr2VbUKK8E5A4BNusQCFaw8AB8xPa/KP4CSPI0kXDr32fFwobtmb62tc0hkDOOvo2IsRDwvOd88Ah3xJmMIvtuZMZJZbmPFx1jUQYB7WVMb+iZjmdYvlFheBlAsZXp75VSirNvrfbBhfhnhqJF/opWbxjbUjhXChZJnC8jffhOaTwg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LlgVMKaLpMaWyncrPGC59yU6ro+G1mB5s3dSNKwkVXk=; b=ktgmHaXNOwjbsqrBR2xMt/NYbqY4oZ+qQu1V+SYJXzHcZ8gWGTEfNSaoDnVpy41Rrs4O1TGoQKNmZJat+aYN3Cy9W36G1/nQFEZGNdsUHs05wkF0o4/XTwlqLsf/jT5lrMMj6LqabjEgPzRhV3pzyHroALVDKCbPHa+MHIjREfMWPJiypDtFVnFjLvilMDBLczkl2GMb5Pc9dcTBwBJ/2XX8GM9yLjtM0Q2kZN8VFpfbWfnv6pTyFULzBL5pFnmZ6spqKyKofNkhpG8ROsywGxTn9AMp/PXNOTKFbm2quWke3K0mBeKk/88jmixPJ4SPheBdGIYYUb2qU8UT9fj5XA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LlgVMKaLpMaWyncrPGC59yU6ro+G1mB5s3dSNKwkVXk=; b=BKMx1iiV3SjJeYe7l/waf6I+gfQS9Ng/CU5ZRVi90LF8RGzFfz/t21/P5boE7ygkil0bSN2jhlhGTunXdmz4hdtZxMGq5SZuNR+v0FCOqPywCPDA3y0FwCryHz4Okvba4rgPzS3U9+eh+E63XbrBUqbGiYhP7oBM1vrRA+/2eL4= Received: from SA0PR12CA0015.namprd12.prod.outlook.com (2603:10b6:806:6f::20) by PH7PR12MB8828.namprd12.prod.outlook.com (2603:10b6:510:26b::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.43; Fri, 19 Apr 2024 12:58:25 +0000 Received: from SN1PEPF00036F3F.namprd05.prod.outlook.com (2603:10b6:806:6f:cafe::cb) by SA0PR12CA0015.outlook.office365.com (2603:10b6:806:6f::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.30 via Frontend Transport; Fri, 19 Apr 2024 12:58:25 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3F.mail.protection.outlook.com (10.167.248.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:58:25 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:58:24 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 01/13] x86/apic: Include asm/io.h and use those definitions to avoid duplication Date: Fri, 19 Apr 2024 07:57:47 -0500 Message-ID: <20240419125759.242870-2-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3F:EE_|PH7PR12MB8828:EE_ X-MS-Office365-Filtering-Correlation-Id: c3b168c2-d954-4263-385d-08dc607066ae X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: nzXLRBt99XC4YyW7lh0CGMECXWgQNiuT7byzWd5dJ4NCmWdi1pa701LHalB80IoAhZdijKLowRyr59VOhekMv3puAYFRCHtLCOGAiwhGt0tKf+QRTqMSv5f0vYE4oEklWI2T5BBiDKBf2ZbtNHbD4AFOUgBkQFGIxQe759NZlFobiJjTshZS9AiOh42ImlYPfAmNN5XaIksM9JXa0jIKFerTPSY/xHKYCvPlYGpk/iiejWz4zQ4a4tzWelCWJvKyztyfSkXTNkYr9Ek/7LH6f2LyYvuQk6A1oOFyqMF+94bs1S3w2+PSP4g1JrfKSyFrDMhIxRCTbwaRJ8dTI+dUsh01twgjBlWmgy5+pnIKxepoYAAvVgOHGd0dFI45p/d3SdlnJucFZMNRCcuVb24HGIXxxQ7mo3MtUg2koy6JwzsuayOHQv/x6WGf6xvnuaBkTUIoQLu4Rx0yQKrBUaG7B94x1c3UeXsO6lTm26QK7gSaWvKmEXhxD27OfJJ4cmu+1eJZ00YGQZssL44f4YV28OQL83JVsh8zYjpzyr0QwEnMjX+qHuNfaQS+gxk58D9l3VFEPxWfJMg6riI8jQ1nZNhIy7c5BLV451gWrja7ZIDDWnW6qUoiyoT9xk2rEEY2K8YkL/xA4GNmI4Ft+oYWJGeovj4NelCBapKCs7Z5IIiF4Isw9Yr+kiMcRPUpmD61j24EnL+dDkyfTtE40ieGr+w6+d4Acil1GT+PRgm2EE/dW6qAG0QWcWvvzhBMA4t1TrJZMBgk5SKdLcbZrCmykLfIK4xsIDsIa1gEXfbfKVbYenWnsIJykHwTQsHBhRyDkMELhofIv/Tu16MaNS0/fWUDnakhbCS6cq9L3s9yCzaFNWAOdp47IdZOif+tkTENIJbvPOmKPB3drKJ+7hpS+nJIbJTlNUsfpaEyDZib3fiQOQR6CV+b1ACOwfgJ/1Qzl101tam8MzKuSAqRPewO0tVqlQRdU7psq4YvLhdmT78phe9XX8AuaY1x+lHL5Xmks72dUCiTD6Uq3F/xW/E/gXBg7rLVOcYkce1L2RIxiGqrcbd+3hrvHIJ0XK9qXpY/9NKoEKijFnj+PNtv0RTCBY/s8B962JavUdxesqGQM4vnxlNE5E9ILuEBH2duin/fEOLad6+UBG5qvmfja90gIbjjDZr6rLQPX50TVCzFJ+4WD7rxiEx/XTXQ/ui0mSvtVcTHbZ1Q9fxEHevFVQ3C8CS+C0jnUsWg3iKTvD/ObTy99IOuwHWS9oo7WRk25ycHjsX+FUiqDgVmHkKQ5k8pzroAmMusAH37JfwRlsJvIkyTf4jEUhyZkANfhmf7CPf5c9gO2gCppBjSdunCkakNHzQtwTdus/eNkPvPwiSmhC0= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004)(82310400014)(376005)(1800799015);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:58:25.3658 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c3b168c2-d954-4263-385d-08dc607066ae X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3F.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB8828 To avoid duplication, use outb() definition from asm/io.h. No functional change has been introduced in this patch. Signed-off-by: Pavan Kumar Paluri --- lib/x86/apic.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lib/x86/apic.c b/lib/x86/apic.c index 0d15147677dd..ed22820784cf 100644 --- a/lib/x86/apic.c +++ b/lib/x86/apic.c @@ -4,6 +4,7 @@ #include "processor.h" #include "smp.h" #include "asm/barrier.h" +#include "asm/io.h" /* xAPIC and I/O APIC are identify mapped, and never relocated. */ static void *g_apic = (void *)APIC_DEFAULT_PHYS_BASE; @@ -23,11 +24,6 @@ static struct apic_ops *get_apic_ops(void) return this_cpu_read_apic_ops(); } -static void outb(unsigned char data, unsigned short port) -{ - asm volatile ("out %0, %1" : : "a"(data), "d"(port)); -} - void eoi(void) { apic_write(APIC_EOI, 0); From patchwork Fri Apr 19 12:57:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636351 Received: from NAM02-BN1-obe.outbound.protection.outlook.com (mail-bn1nam02on2086.outbound.protection.outlook.com [40.107.212.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 497424D137 for ; Fri, 19 Apr 2024 12:58:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.212.86 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531524; cv=fail; b=nbwmJJhz5gk+LS6R3Wpnf2F9HrVg8srZcgpr5H5EzS55hLO7BOoDN6vA+x1Gdq+HmMwI72qCSVd8BfQC9u9kGDSTm0+3FHG7k/AIO6yz1OSKmuWoqAJkrF61DLqOvCTEAnkbx2sd/TpPJZtZToewbURLTR4MdUkQWuZ2vluwyiw= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531524; c=relaxed/simple; bh=ZJE4COtvIJin7nKxZa6VUvqFMX76d6XYW5gE0Yc5qyY=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=MF6yiRmZmqgxUH0/RfQLYATVqB1up3CrTtal9xojOH1MUjLduVQOnH2+zDb8ktSz+jb/SK9cehbHenBvFHEaOyy25HQOb+K4ie7UQxdtzGws424tVsIjgn8bl9+dL8w7lZHhveZi/fZ8CDYRf4Wku2lIx80CR0qGlVE1e23SYww= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=YoXcAM0C; arc=fail smtp.client-ip=40.107.212.86 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="YoXcAM0C" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=bhfGzt4Uv0pTfbyL8LITQE9Lh6CJHiciHqaEYzAIm5tyJpeuwmdNkutdXSU8XYeKsyfE02wsuNpeIHTZj13K4tBlbyEOhpwUQBfXSm8xV5AvIF8OIxAzCbc8bNje2YhiES391IGcyGiHXZANFjjegXyCuZLrwEGKXq2fXuRDSZxgeHTaePZZ0kWTnm76dn1jRoi0kvwaL875e+ItDHTrisDnHLKrfBSOwcqwcqgryJ+BRGhcBQYFVhRE2U3a6S9pcUhhTfQCDew8ZysAyMBts+LiP02xxxijcxiyugGwPqp6KPejG4kE6SpamQK4ah+Xc7iH71EN5v5FZtTTvUbdLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5kTICRnIRkUmgxu22iyii6DumxThLJSh/trAtDvNaKc=; b=Pv4IL/r+lzldyHyfWIJtnk+sdlpKg+t6UtIdxn20DGSwaXeWfrlHhOf0lzR7+kVWYYQw8Iioz/1xJSRnxDjt0R0Wv/Q40a2qejVDXPHIn3kx0rYo6hJrG7VD2QpL8x8XD2IDNqws++CvRY5dMR00JgR4toKChc59+lS00/sMoZuJ56vWu7VJEl7Fn4y2x4kVuMhfch4DSiRGXmmTnSS8zhCEc0SMZnUMay8dESDX3j+cXpDCtX9aUt6ZU2tn2GOCHJCxdNN21hTjca9y6fpaxZWkunxE8j4sW1viSrhFiEYknBRxNGAgTP39fUv5uan37JX/nXxIuSk7gaVcg7jTQw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5kTICRnIRkUmgxu22iyii6DumxThLJSh/trAtDvNaKc=; b=YoXcAM0Cv3X7+wD8gA03YVpQXVha+bNnqxBmykKoiwFNV1UJpOwslrQeSSa0o580x1P1pLuKm9BiR1hPcvN7DeEBmrVuS0mT4W7JIcYcvb5+17GeYv53XfdQYg2QCnV6sFuFGBXalPw7QKCcziMGbRqWWf0avXn4gG+Mt9GkIYQ= Received: from SN1PR12CA0074.namprd12.prod.outlook.com (2603:10b6:802:20::45) by SJ1PR12MB6337.namprd12.prod.outlook.com (2603:10b6:a03:456::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.43; Fri, 19 Apr 2024 12:58:36 +0000 Received: from SN1PEPF00036F40.namprd05.prod.outlook.com (2603:10b6:802:20:cafe::c8) by SN1PR12CA0074.outlook.office365.com (2603:10b6:802:20::45) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.30 via Frontend Transport; Fri, 19 Apr 2024 12:58:36 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F40.mail.protection.outlook.com (10.167.248.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:58:36 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:58:35 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 02/13] x86/apic: Add MMIO access support for SEV-ES/SNP guest with C-bit unset Date: Fri, 19 Apr 2024 07:57:48 -0500 Message-ID: <20240419125759.242870-3-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F40:EE_|SJ1PR12MB6337:EE_ X-MS-Office365-Filtering-Correlation-Id: fd974885-6afb-4407-10fc-08dc60706d17 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oLcocU1QEnUtYEiSAUaOPf07+6utsXxyT8aaY4O/oA+TKMIG7C5L809ILNG5PhJB79kvbYg+I53tALNy3yQNPtbQPYKppta0bhPh3DfRz1j5DMZyBVqQp64IOd2g5yBkRIAAWmfYTMsBWde76Z5DY/NWRU9s3U9aNyOZWfOIHWqRGwVx43N2SC4YDo/7KynawwbdYdlvvupUOxWfE4rfc/KDH1AJSf9Jrkb+QpzHYkIXEyxjACu7D1/vh6PEKB27yiFXVMxq6vYs23M3jDYw1ZtkX+rZ82LunUp42QR+L8FlB9Q1OjYvhIOMvb+X9fAbplgpfyx6XiAr/1Pw1nVRlOZycP5qnVn32WO+AnKLgmpYPjllaVd++DxY6TRepoIRGgMMW3vTaQF8Fdm5W+cC292CwPfNMJDlaWk5bXojI08EG6yOAiWo1iivNMUpQHxCgX6pIdGxJZeKkHA7nCtVGKbxCwm4cTEWfNJOX0hP7DUHMSxoh+rQI9lpFx4vpopecZMEnTCvzMpGUFB85EaVGbWacUhrLr6EbcVcgDbnkttT+vGpEqpCZoIHHGjSc/dOAs7+bhU40Nb4+HAdR5RLKPcjo0nx0rFOb6qT3JuLzKwgh9yRvwIX8/JT1lMjaq7Cy9vpiRbUBGKm4rQWWEoZwfkH4NrIwTYNla2btfXPEebG3cwowB0ndIgbwbbpPlsHqatFLO1y7bqBAp088Rc1t0pJI5DRg8wH5w2rHCw9VThASILobEyBDMztEreaWqe0 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(82310400014)(376005)(1800799015)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:58:36.1349 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fd974885-6afb-4407-10fc-08dc60706d17 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F40.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ1PR12MB6337 MMIO access to APIC's private GPA with C-bit set that is not backed by memslots is no longer treated as MMIO access and is treated as an invalid guest access. So unset the C-bit on APIC page for it to be treated as a valid MMIO access. This applies to both SEV-ES/SNP guests. Signed-off-by: Pavan Kumar Paluri --- lib/x86/apic.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/x86/apic.c b/lib/x86/apic.c index ed22820784cf..c6305e996a35 100644 --- a/lib/x86/apic.c +++ b/lib/x86/apic.c @@ -5,6 +5,8 @@ #include "smp.h" #include "asm/barrier.h" #include "asm/io.h" +#include "amd_sev.h" +#include "x86/vm.h" /* xAPIC and I/O APIC are identify mapped, and never relocated. */ static void *g_apic = (void *)APIC_DEFAULT_PHYS_BASE; @@ -233,7 +235,17 @@ void set_irq_line(unsigned line, int val) void enable_apic(void) { + pteval_t *pte; + printf("enabling apic\n"); + + if (amd_sev_es_enabled()) { + pte = get_pte((pgd_t *)read_cr3(), + (void *)APIC_DEFAULT_PHYS_BASE); + + *pte &= ~(get_amd_sev_c_bit_mask()); + } + xapic_write(APIC_SPIV, 0x1ff); } From patchwork Fri Apr 19 12:57:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636352 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2062.outbound.protection.outlook.com [40.107.220.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9282C8614B for ; Fri, 19 Apr 2024 12:58:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531533; cv=fail; b=IkzRJg5ip9jmsfMI9Qb8TtSkcog8bTS1tVGlgQzeemtLRqQX/Jrkv8RkoY0/RytXDduzHnG1AIDEa3fyARmjbDU71IsoIdAEEa4ntF82NTvHLwKutMzqHQnvGwUFOqv2NrorViGZyhEBoquR+AbVGmPoUW0t9rYRtM80M1ecw+4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531533; c=relaxed/simple; bh=EmQw97ZmKB7w80SRaOVJWdgNDLnX47yoYqVxPMtH0ac=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=aIYO56693BXdm29POXqmBaHIFQTpAc+/7xTqNrTwXOj3OYhCqVs7b5n89AsFNqIq8RkUmx71uUpbAfP2gnotGY0kKCHHjO6bN+tPGbNEINGi98gLYH+ktrUiNZf13SuQrazbEFD1hCGt4Bsgb7rcqfMW5hCGQEBKBrL0NJJeeVY= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=KG6TWJYD; arc=fail smtp.client-ip=40.107.220.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="KG6TWJYD" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PnfzJYtpNZccPOn0a5BceuO+zvcaeaaIYy+jZY58AVEmuurCZhnf8uSlVv6fPAd83yA1yS7qcMin34/Vg0Bs0iClDTZmcSL9HHgA+6qqvZXXzpEaF6VGXgKPvkfaIUlkYRtaXCbifb8OLszyf4y/njDhWVjsVeLxn0JMAb4J6YFZrCqiXAcirAT2RGzukSL5iJfeoKHNRjHr8Rek9tgutC3nQpO//fzG8cMAql7kOtrvU21q2WImvgabfDWtdqNm6gnv5DHJVHtZkyiQ9dBjHJAUW1dPJspDq3agAJVctB8V3kLJUgocMU0pFf90jU3ez349yCdnBly/k+tyGRLN7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=2yxU24CPJJ09EFwR2j/K6gYXPa6xyy5vNC3SwGPiFM0=; b=T4nH3bk290uMkYTXeNz6d4Qt57hJ0WWZS8wjl+IqiebmMmxeLV6IFelAeqyJIx+/dKSeZqVUBRixNmMUoNoYzo1k6qE1K9luqKpey2YKL3FBTMuAOsIQi+k8jOpNUu432s9Zm3C2kSnT0vrbtGOsSrAXnVCr33hYjcplyRyJkmI69KcdHJA6C71bH3zyFjvhjbcSlq6QFn/jvwdNpzpKze13fXdl0KQnC0VknqUJiZWPXS9EWiSUyfREsN7ipHJlKR5G8T4aKm6nHvIOJO7aQowuryU8/qzjRFFpshcj4Qg3YUYGnp9rS5nNti5esgataK8f98hZJBaVhCAqzRPYnw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2yxU24CPJJ09EFwR2j/K6gYXPa6xyy5vNC3SwGPiFM0=; b=KG6TWJYDlxZEo093ZJ2R71egVtZ/rwbDIaO5XvKT31JsLqvDkNtgmK/QnhXgt7JrSzS0COyc8Dlbz6+W4ZG6NxKJR6tLMh+H1kT+t1xxPotEc7TT1hK9yJq4a7nPxH0keLhn3A9qVVjPwB5jvvh7tf0sHiVrnb/zPNWB4+7lfOU= Received: from BYAPR01CA0021.prod.exchangelabs.com (2603:10b6:a02:80::34) by CY8PR12MB7265.namprd12.prod.outlook.com (2603:10b6:930:57::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.43; Fri, 19 Apr 2024 12:58:48 +0000 Received: from SN1PEPF00036F42.namprd05.prod.outlook.com (2603:10b6:a02:80:cafe::79) by BYAPR01CA0021.outlook.office365.com (2603:10b6:a02:80::34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.23 via Frontend Transport; Fri, 19 Apr 2024 12:58:47 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F42.mail.protection.outlook.com (10.167.248.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:58:46 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:58:46 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 03/13] x86/efi: Add support for running tests with UEFI in SEV-SNP environment Date: Fri, 19 Apr 2024 07:57:49 -0500 Message-ID: <20240419125759.242870-4-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F42:EE_|CY8PR12MB7265:EE_ X-MS-Office365-Filtering-Correlation-Id: 40e58311-33ca-43ad-34a1-08dc6070737b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: BSHu3b+7Mg4v0V/IfoVpn3BI4pfw74jSJBD9XVZl3T0x4NClEkiFhNnz2XzipBYrNbZwlBGYHk4VBVae7BlNJw6cTWx8YECAC6q8mi+tkMe+AN/3EhUQwN5hWL3kBF2n4Wr6mbZ4VX8gj9+2vgaM4d6rB9a4/U/8uNFtdzREKhWMVM8jpy2owFERC1Mlf4sNh8/QDsdFL579vqiod8fDly1c5L8IWw4mMut3olmYt7ln0nRvxzCxq6fQI5e8J114emBuYb97CIZ6QONeOAlmFSkr+JvAphdv9VXvg2mK89h0pWxOYfIYDv2iRiO6CePpNpmvOWjpCe8xcOp8iwMnDLGQY45RBX6A2kn4BLjXA0i9rVwcXc065sjvnNWlllgoCpXH6lKSWMWp9HPls9RZqFWaIyrQAtcDRBkti3meXsHeITNrrWG1ERLeq58JPayCgkzhgEz0Do9HtzSK/NMzFffI3LTUvffJeO/GB/yZAuI6pa+WRRj5AfogPTQFah/HlTbw/U8DVHHwhafdJE19y4KghgSKtyghQ1BXeuQJgqJeq19Cu2SZAEw+qeeN9eJEtFqTa6jgZdB26FYubdNUtpfs0KJE9tM9UCDbF47Er6sEj0hiNVZxvbGmq/fIteWsjUyvMKkZVoW10/29WlLPJxXw813WH5nOkttOkJ6pyegHy7nm0U7DYj6+7a+mza8ehX1VZysieLsl1unylreqGTlOnqjs2GaFqhHV/xLt2UWBC62HixQNVaWOvnTR+cfVAqZhnuGu6QqJYdztk+JXCEkAfvtjLToCUgz3q2nccSaE5zuwo8AcLD+RfmhTQ44+rvUI/og4qkSTxoxzmvdAhPbKBoc79n7BxkteIkaRNOjH5DPofs+GjTe5/bqPP3EE52InmrWTG+8jvawu99BGfA2AmnSv2I0qw4v8Srme0fh+CMuUQI6+ztl6Z7BZ6NePwpkitvqESOu8kKrC4dHKQHCy5wqjUbKRHkAeduI/OkxrvLY5M0XEykSgsJnQHg20NP6AAExOSzzD52x3qbZ/aAMYBZSSWkMLQt8sDpnCFP8Ob30IZEXuw++aMOY7OUt3j7A8Vq8VLxUXwLWGOm0WRJ94o4BFrul9nhGzUAqcxBxIqGKxlm05HlzNtceijLWrbMY7twARwNUbBoFg0CtjJyErRLl+oj/CZXwQIoVovfE4Zl+RDH/XcgrDCbJG9AQ1/IcgI0q2KLA4H0717a7YUAboVruuU43u49e5ZFuPWOnGiTLyLgjTAgHbON8Z14lLK7oK1fLG36IgZHZIsuDsZQP7KOiD6RREd4lQ1+WZ6tzbbtmJ8C5xfntpSoiJ8oSHsNY8InM1Jhu0BKyfKJjUYWN2w5Hi17lpL0qmv3L1uCwy9xtI82le0tpoZ63aoJDn X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(82310400014)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:58:46.9200 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 40e58311-33ca-43ad-34a1-08dc6070737b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F42.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY8PR12MB7265 SEV-SNP no longer supports using pflash unit=0 for loading the OVMF bios, and instead relies on -bios parameter. So add support for this in the runner script (x86/efi/run). Signed-off-by: Pavan Kumar Paluri --- x86/efi/README.md | 6 ++++++ x86/efi/run | 37 +++++++++++++++++++++++++++++-------- 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/x86/efi/README.md b/x86/efi/README.md index af6e339c2cca..1653bf60cd13 100644 --- a/x86/efi/README.md +++ b/x86/efi/README.md @@ -34,6 +34,12 @@ the env variable `EFI_UEFI`: EFI_UEFI=/path/to/OVMF.fd ./x86/efi/run ./x86/msr.efi +### Run test cases with UEFI in SEV-SNP environment + +To run a test case with UEFI and AMD SEV-SNP enabled: + + EFI_SNP=y ./x86/efi/run ./x86/amd_sev.efi + ## Code structure ### Code from GNU-EFI diff --git a/x86/efi/run b/x86/efi/run index 85aeb94fe605..2e8e29b947be 100755 --- a/x86/efi/run +++ b/x86/efi/run @@ -15,9 +15,11 @@ source config.mak : "${EFI_SRC:=$TEST_DIR}" : "${EFI_UEFI:=/usr/share/ovmf/OVMF.fd}" +: "${EFI_VARS:=/usr/share/ovmf/OVMF_VARS.fd}" : "${EFI_TEST:=efi-tests}" : "${EFI_SMP:=1}" : "${EFI_CASE:=$(basename $1 .efi)}" +: "${EFI_SNP:=n}" if [ ! -f "$EFI_UEFI" ]; then echo "UEFI firmware not found: $EFI_UEFI" @@ -43,6 +45,24 @@ fi mkdir -p "$EFI_CASE_DIR" cp "$EFI_SRC/$EFI_CASE.efi" "$EFI_CASE_BINARY" +# SEV-SNP no longer supports using pflash unit=0 for loading the bios, +# and instead relies on -bios parameter. pflash unit=0 will instead only +# be used for OVMF_VARS image, if present. +if [ "$EFI_SNP" == "y" ]; then + "$TEST_DIR/run" \ + -bios "${EFI_UEFI}" \ + -drive file="$EFI_VARS",format=raw,if=pflash,unit=0 \ + -drive file.dir="$EFI_TEST/$EFI_CASE/",file.driver=vvfat,file.rw=on,format=raw,if=virtio \ + -net none \ + -nographic \ + -m 512M \ + -object memory-backend-memfd,id=ram1,size=512M,share=true,prealloc=false \ + -machine q35,confidential-guest-support=sev0,memory-backend=ram1 \ + -object sev-snp-guest,id=sev0,cbitpos=51,reduced-phys-bits=1 \ + -cpu EPYC-v4 + + exit $? +else # Run test case with 256MiB QEMU memory. QEMU default memory size is 128MiB. # After UEFI boot up and we call `LibMemoryMap()`, the largest consecutive # memory region is ~42MiB. Although this is sufficient for many test cases to @@ -54,11 +74,12 @@ cp "$EFI_SRC/$EFI_CASE.efi" "$EFI_CASE_BINARY" # to x86/run. This `smp` flag overrides any previous `smp` flags (e.g., # `-smp 4`). This is necessary because KVM-Unit-Tests do not currently support # SMP under UEFI. This last flag should be removed when this issue is resolved. -"$TEST_DIR/run" \ - -drive file="$EFI_UEFI",format=raw,if=pflash,readonly=on \ - -drive file.dir="$EFI_TEST/$EFI_CASE/",file.driver=vvfat,file.rw=on,format=raw,if=virtio \ - -net none \ - -nographic \ - -m 256 \ - "$@" \ - -smp "$EFI_SMP" + "$TEST_DIR/run" \ + -drive file="$EFI_UEFI",format=raw,if=pflash,readonly=on \ + -drive file.dir="$EFI_TEST/$EFI_CASE/",file.driver=vvfat,file.rw=on,format=raw,if=virtio \ + -net none \ + -nographic \ + -m 256 \ + "$@" \ + -smp "$EFI_SMP" +fi From patchwork Fri Apr 19 12:57:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636353 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2081.outbound.protection.outlook.com [40.107.93.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E2B085631 for ; Fri, 19 Apr 2024 12:59:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.81 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531548; cv=fail; b=lAT+G+jsNREOD66PmCDP3BWEkxbRTQck4M6OH/LcFkS6waw4PXWBt1KaL3WfxbyKA+tSzcuLJ5CnurKdVmI7ip0wlUEBMdIo7PsipvsEZWN5qsHDRKBFb/WMlNrZCXkYisZFiv2UjUGtlB1ax/qd3SA5G3Ijwh3+vWJ6217ILpY= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531548; c=relaxed/simple; bh=TB5y/FVK6vMsYYA0u+m/BtBaoNDKHBtmZNdksMS+Ofw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=bbc12irIO+yT+46QTbqLiA0e5Al2j22kRXG1yEmC4EDcSYgUlWWD7WNQTt3TBtzygDObzLRLbZTqoDVM3zr7y1gsCr9b2Hw0291vR8OAwAFPi3YbNzTmA08dNHei6XBFUSafFMsuzzFJR6j40ngsao9Qutmso1wHcnONoYQbT1U= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=QzfOtDcC; arc=fail smtp.client-ip=40.107.93.81 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="QzfOtDcC" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gQCw3k29OCnoQ+GXwsz6ukHBvAe1WPZY13yx7Gg5guBi46qodLh1l7+W6S/HpAzjve+mjqbgBhB/yLHeKWFWtNoPJX2FJnsB4iCptA8BgGDuga1anJbuJ1MtziYdssnckbsV9PBZ2uxmfEW/NVMf7e4L3gKZKsbAxxb3BRUSQBd0+ZwC23+4LJzovRi45qnuvOyZn2+SCTocj75tI4IRgZvbNa7j3SnPaIz6Ln2RHmg8eR2fSTUyQG/NPsJmV/oYVQk2JpcRzY+6uHSj9DEserlAN8ZlXEY+V4W4yJ/+UspKPaubY1YFBhDRUSVFl6ZxGa9TqoZR6/TXnfVCy6cajw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ZscgyGl0PqcqsV7PmYgd7ckXX4NGNZ0XHTk8Plo3KL8=; b=SQZVrqHzsBvwjbsrrz+l4DNQlxt0Y1wAfin+PVjuRpWWEF+TjwJBjHDqxvLJJjrz4ErLzvtzHdJiDs3xl4f5gQ1kLNgrtW7t9W9tzFWi+yclAacoaoIWsFw97O1x7lTRdppJRYE27IiNlsbfal1WvDGMeHP95tOTof9M86F72AB6sEKGaypy6xfz9nXbPj/kpNAiZOA5wsiu0ai68t1YdUsHeIAYUAQi6GECzJNVUBxge3mb9427ybxGR0IZNj1rTJCxJdbUGn8n087qRVqUnr47GIzQg/muNmxsfZ0oAfYuYey5GGsAGBF3MYRLA62G4zmN3cmgs7iH9ds9/SE/gw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ZscgyGl0PqcqsV7PmYgd7ckXX4NGNZ0XHTk8Plo3KL8=; b=QzfOtDcCd/hdNrUeUMkUgXaojI4bhBvNm6gYggGt4JU3dFQ9mRSFjdhVGsYujImSFQgidGhEfwBuiaSjz8V5qyiVe/IiyMdoYMujwfnSl2leVCNguXw++jBMfVhyas2dJUluKqHIo8HtHIc8unKsehbwFLGDx3hvkBlUdgLmcv8= Received: from SN6PR08CA0030.namprd08.prod.outlook.com (2603:10b6:805:66::43) by SA0PR12MB7001.namprd12.prod.outlook.com (2603:10b6:806:2c0::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.42; Fri, 19 Apr 2024 12:59:04 +0000 Received: from SN1PEPF00036F41.namprd05.prod.outlook.com (2603:10b6:805:66:cafe::cf) by SN6PR08CA0030.outlook.office365.com (2603:10b6:805:66::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.28 via Frontend Transport; Fri, 19 Apr 2024 12:59:04 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F41.mail.protection.outlook.com (10.167.248.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:59:04 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:59:01 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 04/13] x86 AMD SEV-ES: Rename setup_amd_sev_es() to setup_vc_handler() Date: Fri, 19 Apr 2024 07:57:50 -0500 Message-ID: <20240419125759.242870-5-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F41:EE_|SA0PR12MB7001:EE_ X-MS-Office365-Filtering-Correlation-Id: de55222c-94c0-439f-5856-08dc60707e22 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 8vb0xPrqLkfqNauoPV9z1xYcHB+49HwFdvpUa43LD7XTK26lJGp5i6F2jmIwdwdfjXG36In/U0Q5Sx7wA21OqCePqPqTpq0s1NxyhsIzTTK3PXICwtEAK6eVR9dRD0t9QX5RXA5xZ0XlzgwiK1QU5tIDdakdvYblFTbOuNLTCEfIbI1hXm1slCqgQf6sNO6/NNM7LJLfRTz6l60xD/gPaMdZghEKLZgGPr8uSI4kvdca6i0MDGzMR8gaFDZlu93Jm1AEVznoKLpHIRIOisjkElxthvUXV9IYzk0v7B8yvqeuAeklIGLirzE4WxKHpvPEYuIRosJ7UhSrvNcehAVyjRKWWJc3aLpOrpNX24VoE3JXZWd8TdTQfyOk4MKwEc/QSqICl2jVew3yuIxit1BjJvJZv3w2QHlI6r6rnDL6YSceZTKOpcK7HrjCmc5feB8k945o9fjKHQms93Hw0TLMBYRMCqqHvduI5/UEFYRASlgSSYTk11zaWqppb5c4cgBqK6KC8EKNqZN2qWbcDUZ/gxfSnF2l4Vq1eagy7AIisLhYCRHvwOMb9IEj1kBEyKg9t4ULwmd9jUNR4bolevj/8Z2r+OFcj24R004RYV5G47LwYS6Rul8bRXtDZtsR8jjhSrMyDRxw407mjh3vLUv1zwNnKCuRNjkLfpKo4AcKcU2hwBqet3wOviAcMMomjVw4v4mV66ymQ5y3+ahCDiiLJCIb/Dz0jbMUvRE4UhM8d7p3aZTQhFIMYH7k9IPHNH7w X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(82310400014)(1800799015)(36860700004)(376005);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:59:04.6989 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: de55222c-94c0-439f-5856-08dc60707e22 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F41.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR12MB7001 Re-organize the existing code to include a common helper function setup_vc_handler() to setup #VC handler that now serves as a common #VC handler for both SEV-ES and SEV-SNP guests. On configuring KUT with --amdsev-efi-vc flag, This setup_vc_handler() continues to re-use UEFI's #VC handler. This will be useful in understanding how UEFI modifies SNP CPUID table and also useful in studying the behavior of OVMF's IOIO and MSR #VC handlers as well. However, if one prefers using SEV-ES/SNP's #VC handler, then --amdsev-efi-vc flag should not be passed during configuration. No functional change has been introduced in this patch. Signed-off-by: Pavan Kumar Paluri --- lib/x86/amd_sev.c | 6 +++++- lib/x86/amd_sev.h | 2 +- lib/x86/setup.c | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/x86/amd_sev.c b/lib/x86/amd_sev.c index 987b59f9d650..ff435c90eeea 100644 --- a/lib/x86/amd_sev.c +++ b/lib/x86/amd_sev.c @@ -89,12 +89,16 @@ bool amd_sev_es_enabled(void) return sev_es_enabled; } -efi_status_t setup_amd_sev_es(void) +efi_status_t setup_vc_handler(void) { struct descriptor_table_ptr idtr; idt_entry_t *idt; idt_entry_t vc_handler_idt; + /* + * If AMD SEV-SNP is enabled, then SEV-ES is also enabled, so + * checking for SEV-ES covers both. + */ if (!amd_sev_es_enabled()) { return EFI_UNSUPPORTED; } diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h index efd439fb5036..b5715082284b 100644 --- a/lib/x86/amd_sev.h +++ b/lib/x86/amd_sev.h @@ -139,7 +139,7 @@ efi_status_t setup_amd_sev(void); #define SEV_ES_GHCB_MSR_INDEX 0xc0010130 bool amd_sev_es_enabled(void); -efi_status_t setup_amd_sev_es(void); +efi_status_t setup_vc_handler(void); void setup_ghcb_pte(pgd_t *page_table); void handle_sev_es_vc(struct ex_regs *regs); diff --git a/lib/x86/setup.c b/lib/x86/setup.c index 65f5972adb29..d79a9f86eda4 100644 --- a/lib/x86/setup.c +++ b/lib/x86/setup.c @@ -334,7 +334,7 @@ efi_status_t setup_efi(efi_bootinfo_t *efi_bootinfo) /* Continue if AMD SEV is not supported, but skip SEV-ES setup */ if (status == EFI_SUCCESS) { phase = "AMD SEV-ES"; - status = setup_amd_sev_es(); + status = setup_vc_handler(); } if (status != EFI_SUCCESS && status != EFI_UNSUPPORTED) { From patchwork Fri Apr 19 12:57:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636354 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2047.outbound.protection.outlook.com [40.107.93.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E016C8595F for ; Fri, 19 Apr 2024 12:59:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.47 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531558; cv=fail; b=aeupnXYIcmVG4yyRPmsfEAGR5ngNzbBYi1NBdkEfl2xTH0AEUOqZNl9SGrfUJmhJXt4zqOCK7XIyx1o7a3AZxZ58wmVQCKZRR6pVAV8DnRkAmUwIUatMHy5MWtbDkpOjf+9KmpQmcQGrfSg/nLmHHJBJ7kylujkzYPEGasYkXUE= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531558; c=relaxed/simple; bh=Yl9EyhtFxlH+gveDrr7JcdVMEJJTNVCydKs8tqzgvpc=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=RTvoA4nSoO+IFK1t1AcYkuZxIq8p3xvxv1q4TpUmO7uPwUzrYsLnG8ilXknNae2NN2hsB/vS1NWZAKspbVCx53VEXpwzshtob84b6/Y/ZTCJXW3Dy0VOihTo0MaV1pejhb3orYUmR3M7W5y3uWH+B6BUhUMsaatdY6gmfZ/u7XA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=2vpqsrbD; arc=fail smtp.client-ip=40.107.93.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="2vpqsrbD" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H7qc+cYD5oCoBv/Lk/fWn/ymp6abPqDO7qjm58UA2DjSbJUqxhPjqVo/0P5TlfhV7n01qyGIEk5Fkebr6xxQQhLpvyShvNydQY5mKvM4XRq1m7Rvo2O8QGNDcIM02k2VlrxZg/LL4SjQlYGOY6WYVsK68rJd3kCsf0LYhCUwOBcAW4V6OC3bosdwUp4C8iekTpMHUZ8RrYUGI5aToeo9YZAGFoeolELrnWZzQS4sZ058yZUuicq7L15gaPy3pc9/rdOPr7ypzZE6Ub015DXz8kpwm9Z+AakPGX9owpF6b1TfaHgjgQIdiI5hrlswUEQMyHOsWqmcDBw46A1ydcUBFg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ccc9K4l5iixIu1XBWG/iHLGqC9WfkP54y+M3cNVxpWU=; b=FkAaSupWo4mAVPuhJj4mC8/CoDxb0oEHDzKOA4izOuGGWSUmGbwrB6y7XMnWkYQw/wtqNKXPwR0Nhex0L5oOjXbL2Ex0K3KzLwmH/Zycf0irlumuDl2NsDaMVvN3fQF9XrmpxWrd/scKHQBi4NZ7bktaZc0pjKs6ECorQq2hvnBiIfc8LN2uWWvzWSO083oVq9MP0BuVDrXzCPtvnoFicc4/1eFJdYy2XIOPYQqb85nO8pIr2IPsAM6E4DPJISPpOT+NXFI4+9CWkHN1GFGDzfMC+7xwY6I4zNsFJ4gyq/jpSur9K8Ntn9oSL/XL0nnPRpb+I/uNonFvdyhKNdzmYw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Ccc9K4l5iixIu1XBWG/iHLGqC9WfkP54y+M3cNVxpWU=; b=2vpqsrbDK18dYmFAkzqQCi2Lb43JMzzKQ9Xuwrg/VvoC1r3KoO+YDOzhxdMrH+rFH7W1Oypo8E7ePOTAxL3qReGZLkBsLiVDowhJUmXNJAZEgi2gwQKP0vxd+PBafDo7MF+v0FSglQQVyqEbQIAFkhJNSW265DEZcIgthwDbV3c= Received: from SA0PR12CA0008.namprd12.prod.outlook.com (2603:10b6:806:6f::13) by BL3PR12MB6401.namprd12.prod.outlook.com (2603:10b6:208:3b1::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.43; Fri, 19 Apr 2024 12:59:13 +0000 Received: from SN1PEPF00036F43.namprd05.prod.outlook.com (2603:10b6:806:6f:cafe::cd) by SA0PR12CA0008.outlook.office365.com (2603:10b6:806:6f::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.31 via Frontend Transport; Fri, 19 Apr 2024 12:59:13 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F43.mail.protection.outlook.com (10.167.248.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:59:13 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:59:12 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 05/13] x86 AMD SEV-SNP: Enable SEV-SNP support Date: Fri, 19 Apr 2024 07:57:51 -0500 Message-ID: <20240419125759.242870-6-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F43:EE_|BL3PR12MB6401:EE_ X-MS-Office365-Filtering-Correlation-Id: ffbd4300-278f-45bf-0ea8-08dc6070834d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: ZM04aoNRtDdtaoOccPA8836fnthA9n2p8bvdM/wRQsKFOsBHKHQHbR8SkCKvChyYAxZ+y67BWbYbz3Nob2YULxiryaYoAs1wi7MHD5TwUkO3zgERn7yHXQTsbjQUDo76cSSDLC0SGvUQ+fY/chCYmiRpf25G7r0z3qJzc0xGpp6f/J6nPmWAjmv5vtYW3Gx3DIADPytflrGICbx7/n6A+QOBZYUSL2ZUxOGYT3u77ONEmhw/z0lMc/hikU7nh3bOh4WmkjvYKAIIHtkGMvkZ15eYgmtzslGII0GjtYJIWfZk0JKIHICtJUMHrM3S4vZ4EebrF/A2MOFKvlYnI+npx/z32hc4yVcd9mzR4DfwJZg51Zmd1byq3IY50Fv8AOHtHK6iMopumGzd/Ohtw+F1Bbn7r0wLxvk8H60CpLHY8MCukyzRZTmhpYqeJsdMQvVFLKseNPQLhAkSmOMqE812yQ4hOSY9ql1K/4Kyui7hsXtwXOzjA8VPb1vmqwyA+xuukPH8DfYUFnE8ZlbuOoJv5dI0uywR5Sq/kXY5gchNLIEcI0fwcytolrQQmgkQaS2QRobylc1Cd9g6fT1EpvEh5QMlcZYH+MkBcbaC+KJ5D+sa3lTZ6jQA4eKqpXFaxykQu+8Uuzwj4MrtjufMVOUBnmNY0Wgcv//xE/NCkmYPwAnEtnkPVdynwampnRdOAoj5NmBUz1Nah5MUW21Fvc/SzrFd4w0Oz1DSb2M6ivVijWgI3hgEjEpcnq58HjVPomiC X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004)(1800799015)(82310400014)(376005);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:59:13.3986 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ffbd4300-278f-45bf-0ea8-08dc6070834d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F43.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR12MB6401 Incorporate support for SEV-SNP enablement. Provide a simple activation test to determine whether SEV-SNP is enabled or not. SKIP this activation test if the guest is not an SEV-SNP guest. Signed-off-by: Pavan Kumar Paluri --- lib/x86/amd_sev.c | 16 ++++++++++++++++ lib/x86/amd_sev.h | 2 ++ lib/x86/setup.c | 6 +++--- x86/amd_sev.c | 11 +++++++++++ 4 files changed, 32 insertions(+), 3 deletions(-) diff --git a/lib/x86/amd_sev.c b/lib/x86/amd_sev.c index ff435c90eeea..8af772ec09b3 100644 --- a/lib/x86/amd_sev.c +++ b/lib/x86/amd_sev.c @@ -89,6 +89,22 @@ bool amd_sev_es_enabled(void) return sev_es_enabled; } +bool amd_sev_snp_enabled(void) +{ + static bool sev_snp_enabled; + static bool initialized; + + /* Test if SEV-SNP is enabled */ + if (!initialized) { + if (amd_sev_es_enabled()) + sev_snp_enabled = rdmsr(MSR_SEV_STATUS) & + SEV_SNP_ENABLED_MASK; + initialized = true; + } + + return sev_snp_enabled; +} + efi_status_t setup_vc_handler(void) { struct descriptor_table_ptr idtr; diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h index b5715082284b..4c58e761c4af 100644 --- a/lib/x86/amd_sev.h +++ b/lib/x86/amd_sev.h @@ -122,6 +122,7 @@ struct es_em_ctxt { #define MSR_SEV_STATUS 0xc0010131 #define SEV_ENABLED_MASK 0b1 #define SEV_ES_ENABLED_MASK 0b10 +#define SEV_SNP_ENABLED_MASK 0b100 bool amd_sev_enabled(void); efi_status_t setup_amd_sev(void); @@ -140,6 +141,7 @@ efi_status_t setup_amd_sev(void); bool amd_sev_es_enabled(void); efi_status_t setup_vc_handler(void); +bool amd_sev_snp_enabled(void); void setup_ghcb_pte(pgd_t *page_table); void handle_sev_es_vc(struct ex_regs *regs); diff --git a/lib/x86/setup.c b/lib/x86/setup.c index d79a9f86eda4..023aa6951183 100644 --- a/lib/x86/setup.c +++ b/lib/x86/setup.c @@ -331,9 +331,9 @@ efi_status_t setup_efi(efi_bootinfo_t *efi_bootinfo) phase = "AMD SEV"; status = setup_amd_sev(); - /* Continue if AMD SEV is not supported, but skip SEV-ES setup */ - if (status == EFI_SUCCESS) { - phase = "AMD SEV-ES"; + /* Continue if AMD SEV is not supported, but skip SEV-ES or SEV-SNP setup */ + if (status == EFI_SUCCESS && amd_sev_es_enabled()) { + phase = amd_sev_snp_enabled() ? "AMD SEV-SNP" : "AMD SEV-ES"; status = setup_vc_handler(); } diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 7757d4f85b7a..241e1472e333 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -69,6 +69,16 @@ static void test_sev_es_activation(void) } } +static void test_sev_snp_activation(void) +{ + if (!(rdmsr(MSR_SEV_STATUS) & SEV_SNP_ENABLED_MASK)) { + report_skip("SEV-SNP is not enabled"); + return; + } + + report_info("SEV-SNP is enabled"); +} + static void test_stringio(void) { int st1_len = sizeof(st1) - 1; @@ -92,6 +102,7 @@ int main(void) rtn = test_sev_activation(); report(rtn == EXIT_SUCCESS, "SEV activation test."); test_sev_es_activation(); + test_sev_snp_activation(); test_stringio(); return report_summary(); } From patchwork Fri Apr 19 12:57:52 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636355 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (mail-mw2nam10on2052.outbound.protection.outlook.com [40.107.94.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C496985948 for ; Fri, 19 Apr 2024 12:59:31 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.94.52 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531573; cv=fail; b=Bv1fSI8WslACYnXS2s/f8NQcfKDjsBD433UEegtRBwf4geZmhf988g+8ae/D5g4myUxp1FpRfktAlmmJhb/t8cztIP/Dt1B7CVISfSZI2eev/y/tmBhVzLk6UZK0foIDIeTdPN6R8E8gOnT/HVNmjW+jYe4nBdzxaSbQBBWsuUs= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531573; c=relaxed/simple; bh=dvVKHoeLGZ0wBt0oTVyp7FaTUXIDhPng/yKV5j/9V+o=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=gUvtqmFdoA6XfYG2tRiq/+pInaI2JOUvcyPUfY0QvijqbuDVyn+12kixvq+dLat15gV3AxtSySH+OxPrhsQt4BU+hDC8KNaQYqjJcjtXWIeO26EUlf6BgCwt6wpIkKG7MummdNKAepWibwhU+XwsrbRIX3Kwk3Vg/Xu7Mm8rjA4= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=zCX3Jppf; arc=fail smtp.client-ip=40.107.94.52 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="zCX3Jppf" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=SlosAS4QYmU/XJmnZRzycyA8dI81qwZGfls+85qkjx2lK+ILOAYJUb1gKwNykDFFciG42hUBxYifocUyliNIDg2pZqpU+3jLdmGUT9242p6kRRQMzsIRiI5k5msc4YHzCHIgb+wxfnWiIc9NhaauddeWZBFEr2eC+OtGmZkwuxwBnLYUZrQNROlLhdLq43lBRhZSnojRo23CF5cnbKz+gBcm0hsNjXd0otXZqeLlZ0HRbDSUJK/vrwy+5DkFu0wGWyftW7QrrykZ7SV4RIRQ2fVN8YbXvBhZXl9S9rmbLZz299uWjn1pA78V+aBUmcOrx0tHgjZ0QS/5Wr0lFmSH7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WG3jANTDSSG1/++/vLnYPLU5dCPv9msFKrszBqlqZ2Q=; b=QiS02HP7t9anPOZAgaSXO2VL8lmApz45IsLrCBCbywWn7sc61tj4vpUSz+NR7KijS2ZIHkjtQurZS6ADozdqtgRdzDkf6NHgokYyDXThgCJ7a2fyOSAY6fr4PHQr/6aRVA3ETe6OxpBXkjoJDbApYok4jROBN9TTDKfEhe2OIqW4qWcXFzw02AEFFNCHZ36WdJqirFKIL3rlMWhenXkWnhijsXqcZEsOAG8Hbpvnq9U/utiOUENRG73mY83iXx0gyuqE+6kvgFqKzWYnj58NNWReFFthBmIqPS+wi03glr4ls/rUH3Lxc20I2lI8i6zZDuUcBpUY1+b/ynTinnu6MQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=WG3jANTDSSG1/++/vLnYPLU5dCPv9msFKrszBqlqZ2Q=; b=zCX3Jppf9QHL7chSBW505ukMPqbvbTj6cbFtWFxBeC6LZqpSqRD23/5oZ97sjrHXAor91FZGzL9QD8iGFkBhTHVBGtlJFPc/ZJNNmQNJBCaD2A8OpXErBKtYl6RhZVcN2k/sovoLPDJ2Zwc6pNT6Z+7o/oPLi/nx/qI6QzmosDo= Received: from SA1PR03CA0020.namprd03.prod.outlook.com (2603:10b6:806:2d3::17) by MN2PR12MB4128.namprd12.prod.outlook.com (2603:10b6:208:1dd::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.43; Fri, 19 Apr 2024 12:59:29 +0000 Received: from SN1PEPF00036F3E.namprd05.prod.outlook.com (2603:10b6:806:2d3:cafe::b2) by SA1PR03CA0020.outlook.office365.com (2603:10b6:806:2d3::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.31 via Frontend Transport; Fri, 19 Apr 2024 12:59:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3E.mail.protection.outlook.com (10.167.248.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:59:29 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:59:28 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 06/13] x86 AMD SEV-SNP: Add tests for presence of confidential computing blob Date: Fri, 19 Apr 2024 07:57:52 -0500 Message-ID: <20240419125759.242870-7-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3E:EE_|MN2PR12MB4128:EE_ X-MS-Office365-Filtering-Correlation-Id: 6bbd1aa5-7e35-495f-ab64-08dc60708cbf X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: H/9aHU5KgiSv9jeHGSzAmWVrfPVBxYpSSgVhZeviXDtVYSN5SA1x4hQszo9tv7tRQHYRnwOWiuXhUJPQ6V88nhowWCt7SYZNYT3Rl+VmJg2Ii3rI1laFKgQ3kAZbuboN3m/NZ1e/KJFSc94fHWe3yNd5zBsrtseVGkJiUtYlnl/siqpgQAD0exrlgzC3n5v3IWx4kOA5V7kpV3wdd4IANbFxNB491yiaAG1u1RVcNQq0cIan5Ovx/JEO3jTwItPdC4DCc0Bw3sdWBgLY0276+ESjBb0AN2eqpA2gjxEcTmhw4zLbY6D78cLZQdwFDmAOG+RVGCseydMI+FLHJXK1DlEv/bbAIwwoyzPcqHcE2GbW7xnm4Uy1AU9ZxQY8rsWGMnaMamb0MfCUdBkw14G+VKjFlL/+PVBkfPHJVGE4s2y0501AFsuO8Vp+nG66D4qAAEfIa4wb1aBKSaDQq/Gd9yJlCNxEm7axrlAF+gsKbxZj0VnsTagtxVf/GV5q+aC2kBsjun4Bp3Mh5OBTwIc2hdRCI6YoX7ynmBJVF/nJQe6W2FNkkrefEq8VFZzfq+d8YrFBdMjYPjc/nVoP7cmR8g+YWyZIGvjQ2EhwC/3L9zpahWQWxYUkSSNLB/QeMvNgdW/LTieX1xtF1Q7NQwpNIsXx30qzu9elIA4eed0sAeIm3TsAw0ail5IP9V3FIyTBreMUmADV5lZE/ckwSPOPC23uezn/hJ1UO66zXne949iwQ/PQ6IopzQbsNxLIoUFtts0SIdTj+V3hkWxGSku1+zvD2F1ITWFboF0T1KLh8QxKhsTgZ5J+EQl0cpZFGKwrk0+WamNtypcr8BjPdszZU1C08wFAoMNwZyOpGTzuLdpKBmcWtw3EC9ufwSdxs2SO24lBQS/FdxReXyNk2kq5OEoLcR4VM54iwf4sCiIUBRjf95ApdTBdbasHiJnbJDnKVY0nGCIoqL7mvtDoSCbhrhWQptr5OwmzXkurOS1RTXhy6avDfcyqXy9KaG0Kc8wlCxEefPYGnOXR9hBTdkFww2WTa0mshc/sArs8b9DyTCfLGmETGzTYA66UPDeAwTm0f5Qb6vbLBOX0/wU37csVDd/xW+9+WcPi1aPHZh6rCrQH7qYEPBY/zwZn++SlKai0UtbkD9jyv50SmJOPzbauKYWcfGOUxtXWu1Ab5isoF5HM+EPiXKWdgl9VIBg4E19nhcOMZHXop/iQjynMTRpDxqr1Mgapxm2j+Ps+b1H/mb89MVVrga3fQ7r3O1whpfgynwkB9A7IeAy4wBTuKm2mztFMmeJLM3fDUujq+UgstjKrQ3G0CEyiVnvbxt1qwI8j X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(36860700004)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:59:29.2336 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 6bbd1aa5-7e35-495f-ab64-08dc60708cbf X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3E.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4128 Add support to enable search for confidential computing blob in the EFI system configuration table for KVM-Unit-Tests. The SEV-SNP Confidential Computing (CC) blob (GHCB spec, Table-5) contains metadata that needs to remain accessible during the guest's lifetime. The metadata contains information on SNP reserved pages such as pointers to SNP secrets page and SNP CPUID table. Having access to SNP CPUID table aids in providing CPUID #VC handler support. Also, Determining the presence of SNP CC blob in KUT guest verfies whether OVMF has properly provided the CC blob to the guest via the system configuration table. Put out a warning message in case the CC blob is not found. Import the definitions of CC_BLOB_SEV_HDR_MAGIC and cc_blob_sev_info structure from upstream linux (arch/x86/include/asm/sev.h). Signed-off-by: Pavan Kumar Paluri --- lib/linux/efi.h | 1 + lib/x86/amd_sev.h | 18 ++++++++++++++++++ x86/amd_sev.c | 30 ++++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+) diff --git a/lib/linux/efi.h b/lib/linux/efi.h index 8fa23ad078ce..64323ff498f5 100644 --- a/lib/linux/efi.h +++ b/lib/linux/efi.h @@ -69,6 +69,7 @@ typedef guid_t efi_guid_t; #define DEVICE_TREE_GUID EFI_GUID(0xb1b621d5, 0xf19c, 0x41a5, 0x83, 0x0b, 0xd9, 0x15, 0x2c, 0x69, 0xaa, 0xe0) #define LOADED_IMAGE_PROTOCOL_GUID EFI_GUID(0x5b1b31a1, 0x9562, 0x11d2, 0x8e, 0x3f, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b) +#define EFI_CC_BLOB_GUID EFI_GUID(0x067b1f5f, 0xcf26, 0x44c5, 0x85, 0x54, 0x93, 0xd7, 0x77, 0x91, 0x2d, 0x42) #define EFI_LOAD_FILE2_PROTOCOL_GUID EFI_GUID(0x4006c0c1, 0xfcb3, 0x403e, 0x99, 0x6d, 0x4a, 0x6c, 0x87, 0x24, 0xe0, 0x6d) #define LINUX_EFI_INITRD_MEDIA_GUID EFI_GUID(0x5568e427, 0x68fc, 0x4f3d, 0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68) diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h index 4c58e761c4af..70f3763fe231 100644 --- a/lib/x86/amd_sev.h +++ b/lib/x86/amd_sev.h @@ -106,6 +106,24 @@ struct es_em_ctxt { struct es_fault_info fi; }; +/* + * AMD SEV Confidential computing blob structure. The structure is + * defined in OVMF UEFI firmware header: + * https://github.com/tianocore/edk2/blob/master/OvmfPkg/Include/Guid/ConfidentialComputingSevSnpBlob.h + */ +#define CC_BLOB_SEV_HDR_MAGIC 0x45444d41 +struct cc_blob_sev_info { + u32 magic; + u16 version; + u16 reserved; + u64 secrets_phys; + u32 secrets_len; + u32 rsvd1; + u64 cpuid_phys; + u32 cpuid_len; + u32 rsvd2; +} __packed; + /* * AMD Programmer's Manual Volume 3 * - Section "Function 8000_0000h - Maximum Extended Function Number and Vendor String" diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 241e1472e333..23f6e3490546 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -69,14 +69,44 @@ static void test_sev_es_activation(void) } } +/* Check to find if SEV-SNP's Confidential Computing Blob is present */ +static efi_status_t find_cc_blob_efi(void) +{ + struct cc_blob_sev_info *snp_cc_blob; + efi_status_t status; + + status = efi_get_system_config_table(EFI_CC_BLOB_GUID, + (void **)&snp_cc_blob); + + if (status != EFI_SUCCESS) + return status; + + if (!snp_cc_blob) { + printf("SEV-SNP CC blob not found\n"); + return EFI_NOT_FOUND; + } + + if (snp_cc_blob->magic != CC_BLOB_SEV_HDR_MAGIC) { + printf("SEV-SNP CC blob header/signature mismatch"); + return EFI_UNSUPPORTED; + } + + return EFI_SUCCESS; +} + static void test_sev_snp_activation(void) { + efi_status_t status; + if (!(rdmsr(MSR_SEV_STATUS) & SEV_SNP_ENABLED_MASK)) { report_skip("SEV-SNP is not enabled"); return; } report_info("SEV-SNP is enabled"); + + status = find_cc_blob_efi(); + report(status == EFI_SUCCESS, "SEV-SNP CC-blob presence"); } static void test_stringio(void) From patchwork Fri Apr 19 12:57:53 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636356 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2046.outbound.protection.outlook.com [40.107.220.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 182CF7F46C for ; Fri, 19 Apr 2024 12:59:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.46 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531588; cv=fail; b=DCdR1/jqIJmTGwowtigM275heu6a+tm8sdgOwYdNg2qGH2r/G4NN9bMTz9YrJzMHsbPa/VaabbVpmsEMiQQSZut7GzYuUg49p1pCze+75nKh5ZpjGta5P09WfzJOMHVyGj16Bm/UCGok4mFsh0h8/K70qWFDx/Z1JbL1/J1mz5U= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531588; c=relaxed/simple; bh=XM+Onknuvxi4trzncnAy/smX0wqy49T9d3Trw6hFNY8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=mod7Bg5wRpIDo6VZpA9HHsUO36jEmRDKtIcOBrlsGAETDpq5dem0r5eM1nWArVObt7QnjFTyfNxN5cmpwLsQUa9isgIbWFaJ4GG45rV41l4tdqbD1JuHV95Yy1IUoLv6Tq/z2b8VUfJlxa3LKK2CcGLX8tUMFviXTQK19ZoHM3Y= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=s1YTMj6h; arc=fail smtp.client-ip=40.107.220.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="s1YTMj6h" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AXax9BLHP1dnGPmjJGzA/NGMUpHH+LTs8wi2rghgXwk+KPh4km1SEJ/2b8Mxp8zYOvypGlfhwdoVBz3CoBhZd54z8oYW/ARKzBN7FWP37Rt8e6RH6HtJMq+btEP6sxfXR4DJtIcwiryqStYcE+iOA8RYJ+8S/Z6LBFUIqGs50ydWBJFxyRM8DXHb99+ljFSC86rl17C6tODX8+Q6Ma49X1UainCumIIyf1zCOXLldSf33gfRFXBumebzSh5g2LnIFzLPeHVdkR3aSfT/L83ClN/bfTqMSO1abAoKfq4RtoCBhNcn1P0byB1R8Jn+AT5Aly4fWi9C3KkIdeBHj88Z0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jLk9vdAMB5tp0CAPWhF4txWpZehPk5b3WqI1Pfeh/XE=; b=BUpRAu2euwQ1A3K8KGdiwvmZv0NVBut/4t1RSq0W2qUG1EiU/lrGx3meYxyQJb+MEFhsGQ+sLzsxSD4AUgvsgMa/ACeUMUx6qJjdc/XOaYMGGa/wFX8CsryONsMCHG+KnHWiFrzmWBs8dlW5hqe98vz06f4wKNiE1yfL+CGiBj4mj2Yl3FXKP3Y9m0+Uw4rpmW2BGTr/qO+pwDwJlM/Llq6y/aeqOhg7MR7dx3nf6wYy8KB69UozqAWzjKHUYZjd/Lah5SghC3eaeLBnRVGes2gSr4kSOiKFi8whTMg6Ziq2u2mYZXxlvhjLKfcje1yIsHczE9JSxyxx0r7FLi0tVw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jLk9vdAMB5tp0CAPWhF4txWpZehPk5b3WqI1Pfeh/XE=; b=s1YTMj6hUBByPOGck46SYyXUAvZDQv62gmoFN2qsl6SgZumu8bl5t8c9ykMnFyP0VV3K8uzChuzAG5cIdj6lSGaM+HZ8pbB+psSyiN11glGyH7q/pKhXwxzFX/9bZ4IQGTE+fxiTmAeJ9kCV7qt+YQ/EbdadU8x/BnifJ4LBgDI= Received: from SA0PR12CA0019.namprd12.prod.outlook.com (2603:10b6:806:6f::24) by SA1PR12MB8144.namprd12.prod.outlook.com (2603:10b6:806:337::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7452.55; Fri, 19 Apr 2024 12:59:45 +0000 Received: from SN1PEPF00036F43.namprd05.prod.outlook.com (2603:10b6:806:6f:cafe::6c) by SA0PR12CA0019.outlook.office365.com (2603:10b6:806:6f::24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.31 via Frontend Transport; Fri, 19 Apr 2024 12:59:45 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F43.mail.protection.outlook.com (10.167.248.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:59:44 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:59:44 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 07/13] x86 AMD SEV-ES: Set GHCB page attributes for a new page table Date: Fri, 19 Apr 2024 07:57:53 -0500 Message-ID: <20240419125759.242870-8-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F43:EE_|SA1PR12MB8144:EE_ X-MS-Office365-Filtering-Correlation-Id: 822dfbb0-f849-420c-e2de-08dc60709621 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: i9pya0xkiAQ3cjnvYrXpObDozupfoFAIBVgLZ0TVdEnwEEXyGtuF6/ei6UYahWwhV3dXzBQrXcsXE7ySG+aSg5IG3UWkXZBEN3Qrk7EV99b0J3bB/CAG7VBhpGFpaiWgRhMG+K4/hLXePC18J9npemMTRb1hcPLot1J0Wor/lcf8kgN0SX0vy9q1+yPaQf6mN+nNiG+3KOOlWabHvFazywHftDIAPeN9LemD7NEKlwcRCKlA7wcc1a07oDPnOa802ahnKvUgOt1PYyeCHMmN1nbIQCrcf1RTrSikUnR68CayAC0ET6hkpO8VSx8tif5IIMP6oS9JyPr4b5qRu27CZxDqoFYBME6upprC4joJmOdGcfRH5xns+fJWO3jx1uS7hnNYG2hHTCFgThJNlky9hDpoBFv5LNEjn8oQENZ+Zp5WYuRpzDaUiw04XbILuDCY61JscJgtIFpTr0kRUf2HDzBL0Xvh5pa8Dhfb7uaKNR5Jfu0GCe5P6Hlanfk04BZ7VrBaDCzUswsi7/30bmjAEifq7ejg0Ss04N9X6ylU0EDrNF9PhZlR7LGg3MZ/7EROkOYP3clTj53h+ueg6rDrt/dTrqwyAPo2vkbq5RgClhiushafv2/AlZQJ7TeaEEfgKJ6K9bt8/t3r6uO5EqRGIWDJhCw1pm/pncFi7Vn6txWQQmoTpzznZGhxhLI3VlXXFMC5oOZZc0LqxYL5PM3XjCAh2kLmyvYgFyCeRMJUBerwHcIezMV73uQaGrCKjMtq X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(1800799015)(36860700004)(376005)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:59:44.9768 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 822dfbb0-f849-420c-e2de-08dc60709621 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F43.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8144 SEV-ES/SNP guest uses GHCB page to communicate with the host. Such a page should remain unencrypted (its C-bit should be unset in the guest page table). Therefore, call setup_ghcb_pte() in the path of setup_vm() to ensure C-bit of GHCB's pte is unset, for a new page table that will be setup as a part of page allocation for UEFI-based SEV-ES/SNP tests later on. Signed-off-by: Pavan Kumar Paluri --- lib/x86/vm.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/x86/vm.c b/lib/x86/vm.c index 90f73fbb2dfd..ce2063aee75d 100644 --- a/lib/x86/vm.c +++ b/lib/x86/vm.c @@ -3,6 +3,7 @@ #include "vmalloc.h" #include "alloc_page.h" #include "smp.h" +#include "amd_sev.h" static pteval_t pte_opt_mask; @@ -197,6 +198,11 @@ void *setup_mmu(phys_addr_t end_of_memory, void *opt_mask) init_alloc_vpage((void*)(3ul << 30)); #endif +#ifdef CONFIG_EFI + if (amd_sev_es_enabled()) + setup_ghcb_pte(cr3); +#endif + write_cr3(virt_to_phys(cr3)); #ifndef __x86_64__ write_cr4(X86_CR4_PSE); From patchwork Fri Apr 19 12:57:54 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636357 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2040.outbound.protection.outlook.com [40.107.102.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50F598592C for ; Fri, 19 Apr 2024 12:59:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.102.40 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531601; cv=fail; b=FC4iitvY9At5f1BouAwGYQOiUlVuVrEVuUyqhdwFD8SRmnwGn2icLnha4aegNW8MsUUlH20UBHa8Va+jDBYjIoDtSc1T4EkyBMnl0m4WgM23UGcZbeEUtufVMuYaj8rDmoPVAsTajvBhixov77LZkQsg5txPDuqwknBE6YicbtM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531601; c=relaxed/simple; bh=QpBcmKKB5SgeZbyQwukEH3zOSwVegCQJFwxVDgf4TrU=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=jfPuq5qgs8wZgmGvshiuGpbIrLh4ZpJI4TOop3qTpT32Thc2LKxkUNp8W0SIAhuKH3+Ux2LV8xapUGHqqhcThQt9OCwHypdVPdhy6WJJvW76LIzZnM3xLYwHfLDJtM5E5Q65a1+s6GJGe4kkRHscoeQQUTYfL7OCONnBF2oOODU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=2TD4oR3e; arc=fail smtp.client-ip=40.107.102.40 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="2TD4oR3e" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NtmMBxAHAvNJ+AbkyHx34WWf874vJnP0sJJDav3pIVs5BAftm0NRya9oGPYKKC6o6UWW5ItmePUFr1UWZWAhJwB8QSwlAOOesrWLMEobr2fPWsJFC97n+2XBeJEyrKCl2SgtsZQ5MdrurtsVFV2F5JC8/OB1Wez4LVQxB3S6cqh2Ow61TPNqLX8Q9Z5SxArrNzZjjPneOJx5Ou0sHTUV+C0gWYrquQ9mYfm9hhoOaKA/n9Xlz61Mn3RrIT00xkBswCbQNmhl3Uj7ZsHuQOpqBnorniwQ9H37Nn5H+hS4AgTGBeV2k/G6iPcgjvPqkQtQBure0wEUvBFUQRVFL/o6sw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=8iUMSEN1fAI2NxU47msr7drfMnFNCTpbWT5FNt253Is=; b=KsbsIkUuKYK9LhhaNqOTxAxj7MVj6EoGOqqdTbF7nCvIQPcrJU/8Kx3tRDt7jZJb6o8tKzTIqpOWi6JOy/ISgOeC9/cjnwky1pNdxzeS3YwV+TSb3zsakDLS5zY4msU39f8u8Z2X7Kadj2rwfvGOtpLv44tn6Z8DNlMad4cWm3jKn2ys5nszWsGxLdcceZDjVZCSIMAxjYe2gIe9fm13ps//8acVOHjcPdG3fJP7hFN1JBHuMy+TVZLXYIUAEeCt/gDT0r53X8U0wfieZPv3Lm5SnjnpRVrt0ygNSXZzmyAtJLseZPEG0FDs+MYaK7+E/42f1Pn9gPP+MP3g1PXzbg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8iUMSEN1fAI2NxU47msr7drfMnFNCTpbWT5FNt253Is=; b=2TD4oR3egC39FWoDfK7JybjcU3dwxmN01ioUhjkOuXC/+wBYh9Qk5daL/JPNqf7MPUFHE/zq+2UYnhA9PnY0of4iw6tfkeLGAs7F8ZEqiRxbqTiAzYyOiuFEBRzQWQfvzxz/F6w2YnDFh0EL/2Vd+aIT5Dm34LJc83AmJMhxsAY= Received: from PH7PR13CA0020.namprd13.prod.outlook.com (2603:10b6:510:174::27) by MW4PR12MB7382.namprd12.prod.outlook.com (2603:10b6:303:222::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.37; Fri, 19 Apr 2024 12:59:56 +0000 Received: from SN1PEPF00036F3D.namprd05.prod.outlook.com (2603:10b6:510:174:cafe::c6) by PH7PR13CA0020.outlook.office365.com (2603:10b6:510:174::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.16 via Frontend Transport; Fri, 19 Apr 2024 12:59:56 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3D.mail.protection.outlook.com (10.167.248.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 12:59:56 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 07:59:54 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 08/13] x86 AMD SEV-SNP: Test Private->Shared Page state changes using GHCB MSR Date: Fri, 19 Apr 2024 07:57:54 -0500 Message-ID: <20240419125759.242870-9-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3D:EE_|MW4PR12MB7382:EE_ X-MS-Office365-Filtering-Correlation-Id: b77900af-f0be-4a1c-2e47-08dc60709cb8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: +0GLTT5PZTjVHNhGDJ/6kSFnv1tuypSQQqMf9BWDE/q2dMaN8PYs7gy3c83u6S+gj+x168hB2S/a4rOZm6a8SbcM11za9Edm527GRb/cT9OfL/c3JBqca/R4luHZ4vq0f5FigT7IanR4togZvCKOUpbDD1RTqkuBrGrlKAL8caqtXz5IoVHr96zVriMxlG4ubHi2yN2wQ7CbrP0Nmg3SO7UvTzZRFnTf3yjeVbIstutMJHKjLYbo5PdrA+EWgAY84jgn6Q5kUc9Ejmpo6V199TQxiMZ4absp4SvD5G2MIyicjZknsBBCmhEKatltR/MCdNM5DVlkhyZdWElSW5VoGrlSY5RT78tbi1uH9tdqQSvmpN4nsPILT8yPXrwBVjoeuuXT+m9YHaKgn2WczP9h701x/nfEaFLEMv0kPgYSgC2N3TufGly3muzVQ5xWZIroSgzHa0c2ewwIb96RZV5Ir8ghMIPMQ0Hss39Fd7JIvRtOaRB+hYtXfwNEll8SSyHPZFWS+enhMZ0EPWXCLomRU0hYx7A5fbNE1FLbX1MzZIGfBUgeRGAHAh6EtUG75Mudk329/xfmVwWomQDVLrGLB9/iLyDaop6TzN9n/U0D+hN1ltaLRoFJqGwn68F1qIvYAwciGQvvttxwWEnsE6e166NdJCd90x/3I+lvN7SoNGyIOJBHab5V2keaAAqxw5GLFtyv902Yu22FBAHnN61gJQ1Fw7sVBJIfob1hZOqyw/Fc6rd90t92t6kB2gfDiNdp X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(1800799015)(82310400014)(36860700004)(376005);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 12:59:56.0281 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b77900af-f0be-4a1c-2e47-08dc60709cb8 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3D.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7382 As mentioned in the GHCB spec (Section 2.3.1 GHCB MSR protocol), the SEV-SNP guest VM issues 4K page state change requests to the hypervisor to convert KUT's newly allocated private pages to shared pages using GHCB MSR protcol. The purpose of this test is to determine whether the hypervisor changes the page state to shared. Before the conversion test, ensure the state of the pages are in an expected state (i.e., private) by issuing a re-validation on one of the newly allocated page to determine the expected state of the page matches with the page's current state. Report failure if the expected page state is not private. Import GHCB MSR PSC related definitions from upstream linux (arch/x86/include/asm/sev-common.h and arch/x86/include/asm/sev.h) Signed-off-by: Pavan Kumar Paluri --- lib/x86/amd_sev.h | 51 ++++++++++ x86/amd_sev.c | 241 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 292 insertions(+) diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h index 70f3763fe231..b648fb0e7873 100644 --- a/lib/x86/amd_sev.h +++ b/lib/x86/amd_sev.h @@ -84,6 +84,15 @@ struct ghcb { #define VMGEXIT() { asm volatile("rep; vmmcall\n\r"); } +/* PVALIDATE return codes */ +#define PVALIDATE_FAIL_SIZEMISMATCH 6 + +/* Software defined (when rFlags.CF = 1) */ +#define PVALIDATE_FAIL_NOUPDATE 255 + +/* RMP page size */ +#define RMP_PG_SIZE_4K 0 + enum es_result { ES_OK, /* All good */ ES_UNSUPPORTED, /* Requested operation not supported */ @@ -157,6 +166,36 @@ efi_status_t setup_amd_sev(void); */ #define SEV_ES_GHCB_MSR_INDEX 0xc0010130 +#define GHCB_DATA_LOW 12 +#define GHCB_MSR_INFO_MASK (BIT_ULL(GHCB_DATA_LOW) - 1) +#define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) + +/* + * SNP Page State Change Operation + * + * GHCBData[55:52] - Page operation: + * 0x0001 Page assignment, Private + * 0x0002 Page assignment, Shared + */ +enum psc_op { + SNP_PAGE_STATE_PRIVATE = 1, + SNP_PAGE_STATE_SHARED, +}; + +#define GHCB_MSR_PSC_REQ 0x14 +#define GHCB_MSR_PSC_REQ_GFN(gfn, op) \ + /* GHCBData[55:52] */ \ + (((u64)((op) & 0xf) << 52) | \ + /* GHCBData[51:12] */ \ + ((u64)((gfn) & GENMASK_ULL(39, 0)) << 12) | \ + /* GHCBData[11:0] */ \ + GHCB_MSR_PSC_REQ) + +#define GHCB_MSR_PSC_RESP 0x15 +#define GHCB_MSR_PSC_RESP_VAL(val) \ + /* GHCBData[63:32] */ \ + (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) + bool amd_sev_es_enabled(void); efi_status_t setup_vc_handler(void); bool amd_sev_snp_enabled(void); @@ -166,6 +205,18 @@ void handle_sev_es_vc(struct ex_regs *regs); unsigned long long get_amd_sev_c_bit_mask(void); unsigned long long get_amd_sev_addr_upperbound(void); +/* + * Macros to generate condition code outputs from inline assembly, + * The output operand must be type "bool". + */ +#ifdef __GCC_ASM_FLAG_OUTPUTS__ +# define CC_SET(c) "\n\t/* output condition code " #c "*/\n" +# define CC_OUT(c) "=@cc" #c +#else +# define CC_SET(c) "\n\tset" #c " %[_cc_" #c "]\n" +# define CC_OUT(c)[_cc_ ## c] "=qm" +#endif + /* GHCB Accessor functions from Linux's include/asm/svm.h */ #define GHCB_BITMAP_IDX(field) \ (offsetof(struct ghcb_save_area, field) / sizeof(u64)) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 23f6e3490546..71d1ee1cef91 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -14,11 +14,14 @@ #include "x86/processor.h" #include "x86/amd_sev.h" #include "msr.h" +#include "x86/vm.h" +#include "alloc_page.h" #define EXIT_SUCCESS 0 #define EXIT_FAILURE 1 #define TESTDEV_IO_PORT 0xe0 +#define SNP_PSC_ALLOC_ORDER 10 static char st1[] = "abcdefghijklmnop"; @@ -94,6 +97,140 @@ static efi_status_t find_cc_blob_efi(void) return EFI_SUCCESS; } +static inline int pvalidate(u64 vaddr, bool rmp_size, + bool validate) +{ + bool rmp_unchanged; + int result; + + asm volatile(".byte 0xF2, 0x0F, 0x01, 0xFF\n\t" + CC_SET(c) + : CC_OUT(c) (rmp_unchanged), "=a" (result) + : "a" (vaddr), "c" (rmp_size), "d" (validate) + : "memory", "cc"); + + if (rmp_unchanged) + return PVALIDATE_FAIL_NOUPDATE; + + return result; +} + +static efi_status_t __sev_set_pages_state_msr_proto(unsigned long vaddr, int npages, + int operation) +{ + unsigned long vaddr_end = vaddr + (npages * PAGE_SIZE); + unsigned long paddr; + int ret; + u64 val; + + /* + * We are re-using GHCB MSR value setup by OVMF, so save and + * restore it after PSCs. + */ + phys_addr_t ghcb_old_msr = rdmsr(SEV_ES_GHCB_MSR_INDEX); + + while (vaddr < vaddr_end) { + /* + * Although identity mapped, compute GPA to use guest + * physical frame number (GFN) while requesting an + * explicit page state change. + */ + paddr = __pa(vaddr); + + if (operation == SNP_PAGE_STATE_SHARED) { + /* Page invalidation happens before changing to shared */ + ret = pvalidate(vaddr, RMP_PG_SIZE_4K, false); + if (ret) { + printf("Failed to invalidate vaddr: 0x%lx, ret: %d\n", + vaddr, ret); + return ES_UNSUPPORTED; + } + } + + wrmsr(SEV_ES_GHCB_MSR_INDEX, + GHCB_MSR_PSC_REQ_GFN(paddr >> PAGE_SHIFT, operation)); + + VMGEXIT(); + + val = rdmsr(SEV_ES_GHCB_MSR_INDEX); + + if (GHCB_RESP_CODE(val) != GHCB_MSR_PSC_RESP) { + printf("Wrong PSC response code: 0x%x\n", + (unsigned int)GHCB_RESP_CODE(val)); + return ES_VMM_ERROR; + } + + if (GHCB_MSR_PSC_RESP_VAL(val)) { + printf("Failed to change page state to %s paddr: 0x%lx error: 0x%llx\n", + operation == SNP_PAGE_STATE_PRIVATE ? "private" + : "shared", + paddr, GHCB_MSR_PSC_RESP_VAL(val)); + return ES_VMM_ERROR; + } + + if (operation == SNP_PAGE_STATE_PRIVATE) { + ret = pvalidate(vaddr, RMP_PG_SIZE_4K, true); + if (ret) { + printf("Failed to validate vaddr: 0x%lx, ret: %d\n", + vaddr, ret); + return ES_UNSUPPORTED; + } + } + + vaddr += PAGE_SIZE; + } + + /* Restore old GHCB MSR - setup by OVMF */ + wrmsr(SEV_ES_GHCB_MSR_INDEX, ghcb_old_msr); + + return ES_OK; +} + +static void set_pte_decrypted(unsigned long vaddr, int npages) +{ + pteval_t *pte; + unsigned long vaddr_end = vaddr + (npages * PAGE_SIZE); + + while (vaddr < vaddr_end) { + pte = get_pte((pgd_t *)read_cr3(), (void *)vaddr); + + if (!pte) + assert_msg(pte, "No pte found for vaddr 0x%lx", vaddr); + + /* unset c-bit */ + *pte &= ~(get_amd_sev_c_bit_mask()); + + vaddr += PAGE_SIZE; + } + + flush_tlb(); +} + +static efi_status_t sev_set_pages_state_msr_proto(unsigned long vaddr, int npages, + int operation) +{ + efi_status_t status; + + vaddr = vaddr & PAGE_MASK; + + /* + * If the encryption bit is to be cleared, change the page state + * in the RMP table. + */ + if (operation == SNP_PAGE_STATE_SHARED) { + status = __sev_set_pages_state_msr_proto(vaddr, npages, + operation); + if (status != ES_OK) { + printf("Page state change (Private->Shared) failure.\n"); + return status; + } + + set_pte_decrypted(vaddr, npages); + } + + return ES_OK; +} + static void test_sev_snp_activation(void) { efi_status_t status; @@ -109,6 +246,51 @@ static void test_sev_snp_activation(void) report(status == EFI_SUCCESS, "SEV-SNP CC-blob presence"); } +/* + * Perform page revalidation to ensure page is in the expected private + * state. We can confirm this test to succeed when the pvalidate fails + * with a return code of PVALIDATE_FAIL_NOUPDATE. + */ +static bool is_validated_private_page(unsigned long vaddr, bool rmp_size, + bool state) +{ + int ret; + + /* Attempt a pvalidate here for the provided page size */ + ret = pvalidate(vaddr, rmp_size, state); + if (ret == PVALIDATE_FAIL_NOUPDATE) + return true; + + /* + * If PVALIDATE_FAIL_SIZEMISMATCH, Entry in the RMP is a 4K + * entry, and what guest is providing is a 2M entry. Therefore, + * fallback to pvalidating 4K entries within 2M range. + */ + if (rmp_size && ret == PVALIDATE_FAIL_SIZEMISMATCH) { + unsigned long vaddr_end = vaddr + LARGE_PAGE_SIZE; + + for (; vaddr < vaddr_end; vaddr += PAGE_SIZE) { + ret = pvalidate(vaddr, RMP_PG_SIZE_4K, state); + if (ret != PVALIDATE_FAIL_NOUPDATE) + return false; + } + } + + return ret == PVALIDATE_FAIL_NOUPDATE ? true : false; +} + +static int test_write(unsigned long vaddr, int npages) +{ + unsigned long vaddr_end = vaddr + (npages << PAGE_SHIFT); + + while (vaddr < vaddr_end) { + memcpy((void *)vaddr, st1, strnlen(st1, PAGE_SIZE)); + vaddr += PAGE_SIZE; + } + + return 0; +} + static void test_stringio(void) { int st1_len = sizeof(st1) - 1; @@ -126,6 +308,60 @@ static void test_stringio(void) report((got & 0xff00) >> 8 == st1[sizeof(st1) - 2], "outsb up"); } +static void test_sev_psc_ghcb_msr(void) +{ + pteval_t *pte; + unsigned long *vaddr; + efi_status_t status; + + vaddr = alloc_pages(SNP_PSC_ALLOC_ORDER); + if (!vaddr) + assert_msg(vaddr, "Page allocation failure at addr: %p", vaddr); + + /* + * Page state changes using GHCB MSR protocol can only happen on + * 4K pages. + */ + force_4k_page(vaddr); + + /* Use this pte to check the C-bit */ + pte = get_pte_level((pgd_t *)read_cr3(), (void *)vaddr, 1); + if (!pte) { + assert_msg(pte, "No pte found for vaddr %p", vaddr); + return; + } + + if (*pte & get_amd_sev_c_bit_mask()) { + /* + * Before performing private->shared test, ensure the + * page is in private and in a validated state. + */ + report(is_validated_private_page((unsigned long)vaddr, + RMP_PG_SIZE_4K, true), + "Expected page state: Private"); + + report_info("Private->Shared conversion test using GHCB MSR"); + + /* Perform Private->Shared page state change */ + status = sev_set_pages_state_msr_proto((unsigned long)vaddr, + 1 << SNP_PSC_ALLOC_ORDER, + SNP_PAGE_STATE_SHARED); + + report(status == ES_OK, "Private->Shared Page State Change"); + + /* + * Access the now-shared page(s) with C-bit cleared and + * ensure read/writes return expected data. + */ + report(!test_write((unsigned long)vaddr, 1 << SNP_PSC_ALLOC_ORDER), + "Write to %d unencrypted pages after private->shared conversion", + 1 << SNP_PSC_ALLOC_ORDER); + } + + /* Cleanup */ + free_pages_by_order(vaddr, SNP_PSC_ALLOC_ORDER); +} + int main(void) { int rtn; @@ -134,5 +370,10 @@ int main(void) test_sev_es_activation(); test_sev_snp_activation(); test_stringio(); + setup_vm(); + + if (amd_sev_snp_enabled()) + test_sev_psc_ghcb_msr(); + return report_summary(); } From patchwork Fri Apr 19 12:57:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636358 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2082.outbound.protection.outlook.com [40.107.236.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 55A087F46C for ; Fri, 19 Apr 2024 13:00:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.236.82 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531616; cv=fail; b=YE/Fa6jgyWdXplgGKoZmt+3R1y9WAARtxuWSGfMOLmjgG+IDpy8O/00SkhuHHuC+N4cdsyRZpE82EjYNXattTI5So8pp+FPNVCwkG71irm/wv83bJ9Q+47Md5GzaVaFhFV9qgr80JYioMYAdyY3LEhwWxJKcTppyVizr4/mB/M0= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531616; c=relaxed/simple; bh=e3BoDNfcZKC4nkb1J/PGqqklcMilNM0SbpqgfMqA9j0=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VtdUTWwgDqt7EX7LEyAJTUT9b2YwOElNzaB1tYpIIYSSlzIe4+tGNSFJHN0G9UHfbg9NawOZK4tpCsecMz0RjJRx5hi4qvqA8ELikzejTt9vowRfird3mG0kBT7N+XGi94SOtA+Epr641e4I/9O6imMFJ9wl0ZlmA3qCvSOSZ5I= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Fa9Lmh8r; arc=fail smtp.client-ip=40.107.236.82 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Fa9Lmh8r" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=E1ZoBGb/CGPC7w7ScMNxJEIYCKIfKQpAyUMz4OpBJ8OO8UK2XMFh01catpt9+A6dg4adiuzae/XUPBF+0UHs7mBitGMf8QAcXIFAC7yXsgOLFD1jvqaD1carGxGoUmkFPmx2305ZuoRkqOSkjY43seQbJJ2z5bSJ7aVoWhjfN0o87IkzyZJJS1cNrwgX9cbIXqVxMOetlNInD+bAk6RlWuWAwE/IdW/NRVJhe3xgbnf628lYDTVdvs3QK+N6xTzG03h3cGGsWwu7qKw60YYZe1OEQFuektCc3kghKAJg833pTmM4zQjNS0HwrL7Q8jO5vkpYCbtffWJlbItCaEiskw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=6NI4Ikc+Zpyy/Hxr76vLunfzfzuVVYuKCsGYrVazelU=; b=UwbcG6pBNEArv1PycuXGmC95SLR9P2sCwdXHbagZ1Ang72AijUrNqer4wD64ImYB6qmqDK0XDsUzfI+hzZqn5vLTxyfoTN1ZbDHaGSiZqAAMXt+71Jq48TRp+l8+7xPGcNth5zY8vxkpxrUQsY9Ea95v4DM6o50Tbxj2dgJd5SFMjuuM/+AvU67pWJrUtVoyBXi/KvsmJXKFIlKagzlLjX3389yaH1/T0wxT98MfEaNOV9f0OXEoB0b4mfsnY+OBgnINmoFOyJEzDJV//lIlC5XY8T8FBl6WwOXy3ScQJv2UfxRvJSoKISLkg9harooKmU7x+R78YOhh+mt37kQR6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=6NI4Ikc+Zpyy/Hxr76vLunfzfzuVVYuKCsGYrVazelU=; b=Fa9Lmh8rPZpvM35z1kuohi309pKladAAqWzbfpEzyOIz8IOl/BV2H6hbIi2gLR0q4w6MekVhG9efdE0uO0918frdGMrSSrxOKx8t5K1WHzoqPCA6pAKk5qpYgw1S/KLs6gJZJoPlpFjzv31HMbPm2Rbdy9IHSsQ/r+3QekowRS0= Received: from SA9PR13CA0086.namprd13.prod.outlook.com (2603:10b6:806:23::31) by IA0PR12MB8325.namprd12.prod.outlook.com (2603:10b6:208:407::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.37; Fri, 19 Apr 2024 13:00:12 +0000 Received: from SN1PEPF00036F3F.namprd05.prod.outlook.com (2603:10b6:806:23:cafe::6a) by SA9PR13CA0086.outlook.office365.com (2603:10b6:806:23::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.30 via Frontend Transport; Fri, 19 Apr 2024 13:00:11 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3F.mail.protection.outlook.com (10.167.248.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 13:00:11 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 08:00:10 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 09/13] x86 AMD SEV-SNP: Test Shared->Private Page State Changes using GHCB MSR Date: Fri, 19 Apr 2024 07:57:55 -0500 Message-ID: <20240419125759.242870-10-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3F:EE_|IA0PR12MB8325:EE_ X-MS-Office365-Filtering-Correlation-Id: a5ef1902-0bc0-484a-44fc-08dc6070a61f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: QJXaxwzKpRspbis1pzGZf21rngqcPlANzf6E0xIrbOq6bBH7ujPT0sJRXnc6eM1oRHBKFMnIKCoYtOs1ZtgqDpx90QYQW0KoNGWSbC0X/YpXX4vxTXToj7uxrY9V44eWgFrTuEsE9xm/HJ6rtXbRI7qW17mosWCmS1jT188yQ+4t1I80EqTZ8Oem1XQBgPDZR6F6VrKbtekLDNUP5xlhVp+jRbhQKrfaUD8LhIaA5OjioMPwCvGkVkD8SwV1/m8iaCVxO+qM0BIPI9KLxlL2EP3e0CSQL72E059T+2i3t1XigXykKi6I87Ve03+NPXhmkcVLABiX8abQjT2d53+3/H2VX7yRN5LePL8fNSa7FBWqC+5/syTO5B6FR+S9QqAro6p44VRIS9a8GEl8WAnAoosswvtSJ7L0xdGr4MIZGjyxviZb0m2mvCuGKkIg6rdQzPO3JR1KP0/ruaOqo5giAKfwno9rBHQtU+wbIB1bWqk3IlEPmX8ZN0NJUTWMkMUy4rAFNYjiBgahWb4SInax3HRfyCDzPSoMfy6e11IcjaPM3GH11K3y1+9xid9TQyJ2RanMFk3LOOqBlPFGMNks4RPr6GVQp7TOghSbPB+qJ7e9ekzmmEQPurH/WRbcO2ASR2GRc5cWr3lBBaeCKpgK4QoxaoT9Bor0zQjAl/lH6QZ/AfeCxvhA7vH4tcZoWcaNRMqAeUUsuCywTdLoMdmgGj5U0G1Ha+Kj36gGHJK8b62A+dZmSBQWV+OLH5t6iJrqT5Ct4ULB9U+Qp2N/XOVL05fRoIyuCDfrZ/98FnfRSyy2B3q+9pgYdOo6w7c14ffChFenAbgGDi7hxhgPk4rs6W0Ol+mHsKtDDD1+PNsm8hv8sCEAF0DWkJYEe2fW84tv3DET7aLpMi8f5NF28f9TQjxmdUKNkyECrj87J1xWCQledMgLx0Ni9ZUHICAeJAIlHfUOOATHIVj7Il2hw/qFZuyHBskHero98i4O32voMg0VkAejzABF9ozaET8WINm+5irdBbxkSbH3JcvCi+4Lm3K+ns7JeHST4+aT6pOS+40JEYr7Hk7j3O2FhMT76HFMY6FMryVSu+orafCKDMxm833Xpf6UOLc1RpT8pB7Gsm+G+ADVdiSmwhuZQ387m7bUa5BmZJ76lAvdLSK6EyaBlMcbFRDTCp4kHeBqQx8/85uz7ONnBZM8mxc1oAH0E5gskTD9yNaZ7HIPOHD/VmO0k+Q+8ui8tFDfYtCot1U4F774/tOMPH5DcwdqVe7r9GD06QlJWYGUl/RbRchEl0xiGtuxgROttuXohtvWSQ3Sdar4Ws7WxHPs0MQalq79veWpnfJGJAvMkuIMrNJ5nLLlqeyOUUxsKkHjFYRGeZ/ZMM8= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(36860700004)(376005)(82310400014)(1800799015);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 13:00:11.8032 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: a5ef1902-0bc0-484a-44fc-08dc6070a61f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3F.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: IA0PR12MB8325 The SEV-SNP guest VM issues page state change requests to hypervisor to convert hypervisor-owned 4K shared pages back to private (guest-owned) using GHCB MSR protocol. Guest then issues a 'pvalidate' instruction to validate the pages after the conversions. The purpose of this test is to determine whether the hypervisor changes the page state to shared. After the conversion test, issue a re-validation ('pvalidate' with validated bit set) on one of the converted 4K pages to ensure the page state is actually private. It is important to note that the re-validation test cannot be performed on a shared page ('pvalidate' with validated bit unset) as pvalidate instruction will raise an undefined #PF exception as the page's C-bit will be 0 during the guest page table walk, as mentioned in APM Vol-3, PVALIDATE. Therefore, perform writes to the shared pages (with C-bit unset) to ensure state of the pages are shared. Signed-off-by: Pavan Kumar Paluri --- x86/amd_sev.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 2 deletions(-) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 71d1ee1cef91..31d15b49fc7a 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -206,8 +206,28 @@ static void set_pte_decrypted(unsigned long vaddr, int npages) flush_tlb(); } -static efi_status_t sev_set_pages_state_msr_proto(unsigned long vaddr, int npages, - int operation) +static void set_pte_encrypted(unsigned long vaddr, int npages) +{ + pteval_t *pte; + unsigned long vaddr_end = vaddr + (npages * PAGE_SIZE); + + while (vaddr < vaddr_end) { + pte = get_pte((pgd_t *)read_cr3(), (void *)vaddr); + + if (!pte) + assert_msg(pte, "No pte found for vaddr 0x%lx", vaddr); + + /* Set C-bit */ + *pte |= get_amd_sev_c_bit_mask(); + + vaddr += PAGE_SIZE; + } + + flush_tlb(); +} + +static efi_status_t sev_set_pages_state_msr_proto(unsigned long vaddr, + int npages, int operation) { efi_status_t status; @@ -226,6 +246,16 @@ static efi_status_t sev_set_pages_state_msr_proto(unsigned long vaddr, int npage } set_pte_decrypted(vaddr, npages); + + } else { + set_pte_encrypted(vaddr, npages); + + status = __sev_set_pages_state_msr_proto(vaddr, npages, + operation); + if (status != ES_OK) { + printf("Page state change (Shared->Private failure.\n"); + return status; + } } return ES_OK; @@ -358,6 +388,21 @@ static void test_sev_psc_ghcb_msr(void) 1 << SNP_PSC_ALLOC_ORDER); } + report_info("Shared->Private conversion test using GHCB MSR"); + status = sev_set_pages_state_msr_proto((unsigned long)vaddr, + 1 << SNP_PSC_ALLOC_ORDER, + SNP_PAGE_STATE_PRIVATE); + + report(status == ES_OK, "Shared->Private Page State Change"); + + /* + * After performing shared->private test, ensure the page is in + * private state by issuing a pvalidate on a 4K page. + */ + report(is_validated_private_page((unsigned long)vaddr, + RMP_PG_SIZE_4K, true), + "Expected page state: Private"); + /* Cleanup */ free_pages_by_order(vaddr, SNP_PSC_ALLOC_ORDER); } From patchwork Fri Apr 19 12:57:56 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636359 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2080.outbound.protection.outlook.com [40.107.100.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5EF084D137 for ; Fri, 19 Apr 2024 13:00:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.100.80 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531635; cv=fail; b=CkR/Yrxr1NCDNWN1Ni+ds7BSrQxTCSBFXAPmmnmaJ24zdcS7RlAikOBlUec1mCyVeZHzWHac3eDH8mkHKF49xGgmb5UE4SiIJ08RGiIvA5PbPRwt3yrb2sUUZWx99n27yt04aFNLqTPfjKaBxN54iUf3wjIjP8v7q+zTPpdZp2o= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531635; c=relaxed/simple; bh=gCVtws/J1e1xkiqygtjlqfH65oz0PbFIIhhyuPinXYo=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=tLTX7Ovaya2E0X0eVoIb7f15PUkMEGmVrr2ddKa6fDk4q5pTGZJj7saO7hpva7cTURy1EBi03D4JigAmzEx55ApxlhbeheAi/FGAjiAJBMnD7xUyjatN2L3bg6Pn3SdJmEN18329h+VMv7C2W1G7CwVe+rC3c5ehQOqPY8+a9sU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=LTVqB+Bi; arc=fail smtp.client-ip=40.107.100.80 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="LTVqB+Bi" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Iem35ThBzA+PYfSDfikUhV6HytbZuSZHqoCa7wHz13COr+JSB4BTunkAZts9o+459b8nnNeDweeDCipaccQRQbwQBFKAxTabOo/UgFeC9chFdABNJoVuQSl5TStVnaeTgsL3+4AEIL8sIMY0J4pizkf8UunzPq+kR1col5bjPGQzxc1MzS6WOBlUH3o6m6HSvBYpo5u39y63pms4+OVxmRHqI4uurwH1nkPIkB444wQvqKM/oA8c4JXOr+9LX6sJnjwj6jaEqPMSHDO42K5XN2sV1EqR/oKmFhq+HFdjYmS5gAumdTWwLWwjAfxyQHDOkRbH/fIXrFHP/KSu8KYVWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BFAzf2wWvgUrwlF4rNj5uIM3ZLP7SXl1uKULfaWv6oo=; b=TxwfvVxyAyF7CGoDeD8LpCm/DdE0qDy8pQM82RHxo/mdLRF7VKRyuuGUmySPbiIoUDV1o5RXX8DYpzUXzQZkPzILuwpjftu+T1NBU3569FhDOGoV6BvAYDEseizIUn49YW6LkJmlrPoQKd090yZw9ip/q62v1FB2uYMQn4Ah5k4NwG3nmEswFlfKo7lnIBO/MZiJqVfnfIQo2UHfZYRbYTD5VqZrTAnvEbgWcmvyjlDBTUTyOH855qCJLNzyxHV8Wbjh6hahobwx+dGb7r+ZzWWiZwywtNciWKqm0/WGMP5lcqtJAC3yhvUudjrA4KODtDcQtMOUVkuHtuK3WrkW6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BFAzf2wWvgUrwlF4rNj5uIM3ZLP7SXl1uKULfaWv6oo=; b=LTVqB+Bil8pnbMtNaoh3DkVRLIcryDLP28k92j2IDbdyUsSlDUQU5EWEAgbXFn054rXt7htE1JZnMZXdpx+DOKJMWDBiJAB0gA6aZ/rz6mV3x/J1BhaKR77Tdo5Mflqtk1JX6WGB7mHB/btGup1x1Cx4N0CE38i+nHfnbGObZ3k= Received: from PH0PR07CA0018.namprd07.prod.outlook.com (2603:10b6:510:5::23) by MN2PR12MB4440.namprd12.prod.outlook.com (2603:10b6:208:26e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.42; Fri, 19 Apr 2024 13:00:30 +0000 Received: from SN1PEPF00036F3C.namprd05.prod.outlook.com (2603:10b6:510:5:cafe::c8) by PH0PR07CA0018.outlook.office365.com (2603:10b6:510:5::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.30 via Frontend Transport; Fri, 19 Apr 2024 13:00:29 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3C.mail.protection.outlook.com (10.167.248.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 13:00:29 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 08:00:26 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 10/13] x86 AMD SEV-SNP: Change guest pages from Private->Shared using GHCB NAE Date: Fri, 19 Apr 2024 07:57:56 -0500 Message-ID: <20240419125759.242870-11-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3C:EE_|MN2PR12MB4440:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c4e82ea-2c5b-4e60-8bc1-08dc6070b090 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: NIUevlf+lCKmbZWIY6zYhOlquf4EBFUvLtiUPJsVJ4LQ/10kMD33A+DQ8RpOFIgyool7vttmCX3Sw3aAbP3ajQRxOGhpMHzwFCx72KQ2zOtgfQC0/tVIQng3NYrsPBWF1a2f4UqFy6n07Gr3n6PPFqOT+7Txjv7YAmerxXku84aUhq86vIAyhUZOq1EjXKuA3N6mEvo2Sd53W2whAAgCRXVawv7KQu4/QL6IYJqItSsySU98EyyPyD/FMrcU+8Ovofa/SynbexYuvhtjh4+Wy/Bukofmu3roEcvhOS11qygP44EN0V/6tIMfG+/8+KQ3IOmMvyQABfLoSBaotrOUa+RO+01xYiBHt8PxG8eRVQ7/YTEaDTG6/pD605E9TeV6aHm5ClWBhvSoMxxFf5cnGUY60MGCu5ougapElIT3nJXUdrCj1+8dPRH9+nPXd1XOgF1wvshej+LqbxHLAkzvmm+wunMxq8UmgbOPYUriQlCs7FaLbscQ+kRmny3FTJPRX1hb+zhGe2uWJxDwdeR7mBoRDyRBxYlKRkXAHAeTJ2S+fXOo9MfreXATlXkTGehEUVfspVYFOAlcp13eIwGWFBJtjef/Tx3IF/uzrJHvgpbWptsqBHwJedJT5bdrK3h21gtqZWk9/f0cFWCI0Fm2a/jdXV4LzccH/kVG6SV+3e6eap++FOiojzARlhzVr1zZi9Z49SFowKVztkWSov7+L9o8gp7Y7l3vTcxVir9/DBp9CV57+mTRtZX2qJVlCklAQ+4cy3MWQMgk7O5eQXh32GsviRKHzHz5i6qKOKAjazKFZ9w09y2xPG9jOJICQWeJCaadhTrXGO0JXa8WJIm9g7ZpLkmbtelbrFBocr8JCTnwENVNUUDJ7OXe59zJCpgSoD1Jjs0m4pbGRNinzSpeW1tDc9ixk+xAA+9wqtXeCE86JWIrmsRMZrA6k8pYNKnGJxeu+UtnnJ6aizCFPEZRZOcL38rA2tQcfChOJB/MMoY0cqft6G1RbNNr1yU+WUknbjvGUCsAxUX6yZJePbT7DrIA4BhjRjhmX7rrv0gjeStkh+tFmzihwnCk/l1/Ef6MB7KlxjgbC9ANgRlKONKag1+4yWiE9bj2eODIYBBzz8l1DS4isxMHLHkkKpmdtzo+x2hlVwEWcDFdNLhlk+5yc8uw/Pg99ddujxPLLbYRbU1GejYMo72JKd2NWXweVJKtaA5314RUl7nCb2/BbEsrn8JOZ+colK31T6KyJ25cIyyRnMCm3NLdhlczZo/86YKQFENTSEmxVjuy0wUAwDyw51nI/zDrpWo/Wx8tHRxw6QL2jugPrOi6K35e35rxy7vJ8rZaMKq4CzSOwht5aSTHIQWf8hG6GnWEAApuqIgpEknFZaaNkbuVPoblLqUeRWuO X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(1800799015)(36860700004)(376005)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 13:00:29.2134 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c4e82ea-2c5b-4e60-8bc1-08dc6070b090 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3C.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4440 As mentioned in the GHCB spec (Section 4 GHCB Protocol, Table-5 SNP Page state change), perform page state change conversions on a user inputted number of pages from private to hypervisor-owned. The page state change NAE event allows for SEV-SNP guest to request page state changes to hypervisor using GHCB protocol. The test introduces support for both 4K pages as well as 2M large pages, depending on the order specified and whether the address of the page is 2M aligned or not. If 2M range is backed by a 4K page, 'pvalidate' fails with FAIL_SIZE_MISMATCH error. In such a case, the guest tries to pvalidate all the 4K entries in this 2M range. Conduct a test to re-validate the private page before conversion to ensure PVALIDATE_FAIL_NOUPDATE is met, indicating that expected page state is met. Then, perform the page state conversions, unset the C-bits on these pages, and write data to the un-encrypted pages after private->shared conversions to confirm we can write data to the shared guest pages post page state conversions with C-bits unset appropriately. Signed-off-by: Pavan Kumar Paluri --- lib/x86/amd_sev.h | 22 +++++ lib/x86/amd_sev_vc.c | 2 +- lib/x86/svm.h | 1 + x86/amd_sev.c | 216 ++++++++++++++++++++++++++++++++++++++++++- 4 files changed, 239 insertions(+), 2 deletions(-) diff --git a/lib/x86/amd_sev.h b/lib/x86/amd_sev.h index b648fb0e7873..a596f8d334ba 100644 --- a/lib/x86/amd_sev.h +++ b/lib/x86/amd_sev.h @@ -92,6 +92,7 @@ struct ghcb { /* RMP page size */ #define RMP_PG_SIZE_4K 0 +#define RMP_PG_SIZE_2M 1 enum es_result { ES_OK, /* All good */ @@ -165,6 +166,7 @@ efi_status_t setup_amd_sev(void); * - Section "GHCB" */ #define SEV_ES_GHCB_MSR_INDEX 0xc0010130 +#define VMGEXIT_PSC_MAX_ENTRY 253 #define GHCB_DATA_LOW 12 #define GHCB_MSR_INFO_MASK (BIT_ULL(GHCB_DATA_LOW) - 1) @@ -196,11 +198,31 @@ enum psc_op { /* GHCBData[63:32] */ \ (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) +struct psc_hdr { + u16 cur_entry; + u16 end_entry; + u32 reserved; +}; + +struct psc_entry { + u64 cur_page : 12; + u64 gfn : 40; + u64 operation : 4; + u64 pagesize : 1; + u64 reserved : 7; +}; + +struct snp_psc_desc { + struct psc_hdr hdr; + struct psc_entry entries[VMGEXIT_PSC_MAX_ENTRY]; +}; + bool amd_sev_es_enabled(void); efi_status_t setup_vc_handler(void); bool amd_sev_snp_enabled(void); void setup_ghcb_pte(pgd_t *page_table); void handle_sev_es_vc(struct ex_regs *regs); +void vc_ghcb_invalidate(struct ghcb *ghcb); unsigned long long get_amd_sev_c_bit_mask(void); unsigned long long get_amd_sev_addr_upperbound(void); diff --git a/lib/x86/amd_sev_vc.c b/lib/x86/amd_sev_vc.c index aca549b369b1..03286146fb13 100644 --- a/lib/x86/amd_sev_vc.c +++ b/lib/x86/amd_sev_vc.c @@ -12,7 +12,7 @@ extern phys_addr_t ghcb_addr; -static void vc_ghcb_invalidate(struct ghcb *ghcb) +void vc_ghcb_invalidate(struct ghcb *ghcb) { ghcb->save.sw_exit_code = 0; memset(ghcb->save.valid_bitmap, 0, sizeof(ghcb->save.valid_bitmap)); diff --git a/lib/x86/svm.h b/lib/x86/svm.h index 36fbf4559643..582420cc2836 100644 --- a/lib/x86/svm.h +++ b/lib/x86/svm.h @@ -362,6 +362,7 @@ struct __attribute__ ((__packed__)) vmcb { #define SVM_EXIT_NPF 0x400 #define SVM_EXIT_ERR -1 +#define SVM_VMGEXIT_PSC 0x80000010 #define SVM_CR0_SELECTIVE_MASK (X86_CR0_TS | X86_CR0_MP) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 31d15b49fc7a..1723a235166b 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -115,6 +115,121 @@ static inline int pvalidate(u64 vaddr, bool rmp_size, return result; } +static void pvalidate_pages(struct snp_psc_desc *desc) +{ + struct psc_entry *entry; + unsigned long vaddr; + int pvalidate_result, i; + bool validate; + + for (i = 0; i <= desc->hdr.end_entry; i++) { + entry = &desc->entries[i]; + + vaddr = (unsigned long)__pa(entry->gfn << PAGE_SHIFT); + validate = entry->operation == SNP_PAGE_STATE_PRIVATE; + + pvalidate_result = pvalidate(vaddr, entry->pagesize, validate); + if (pvalidate_result == PVALIDATE_FAIL_SIZEMISMATCH && + entry->pagesize == RMP_PG_SIZE_2M) { + unsigned long vaddr_end = vaddr + LARGE_PAGE_SIZE; + + for (; vaddr < vaddr_end; vaddr += PAGE_SIZE) { + pvalidate_result = pvalidate(vaddr, RMP_PG_SIZE_4K, + validate); + if (pvalidate_result) + break; + } + } + + if (pvalidate_result) { + assert_msg(!pvalidate_result, "Failed to validate address: 0x%lx, ret: %d\n", + vaddr, pvalidate_result); + } + } +} + +static int verify_exception(struct ghcb *ghcb) +{ + return ghcb->save.sw_exit_info_1 & GENMASK_ULL(31, 0); +} + +static inline int sev_ghcb_hv_call(struct ghcb *ghcb, u64 exit_code, + u64 exit_info_1, u64 exit_info_2) +{ + ghcb->version = GHCB_PROTOCOL_MAX; + ghcb->ghcb_usage = GHCB_DEFAULT_USAGE; + + ghcb_set_sw_exit_code(ghcb, exit_code); + ghcb_set_sw_exit_info_1(ghcb, exit_info_1); + ghcb_set_sw_exit_info_2(ghcb, exit_info_2); + + VMGEXIT(); + + return verify_exception(ghcb); +} + +static int vmgexit_psc(struct snp_psc_desc *desc, struct ghcb *ghcb) +{ + int cur_entry, end_entry, ret = 0; + struct snp_psc_desc *data; + + /* + * If ever sizeof(*desc) becomes larger than GHCB_SHARED_BUF_SIZE, + * adjust the end_entry here to point to the last entry that will + * be copied to GHCB shared buffer in vmgexit_psc(). + */ + if (sizeof(*desc) > GHCB_SHARED_BUF_SIZE) + desc->hdr.end_entry = VMGEXIT_PSC_MAX_ENTRY - 1; + + vc_ghcb_invalidate(ghcb); + + /* Copy the input desc into GHCB shared buffer */ + data = (struct snp_psc_desc *)ghcb->shared_buffer; + memcpy(ghcb->shared_buffer, desc, GHCB_SHARED_BUF_SIZE); + + cur_entry = data->hdr.cur_entry; + end_entry = data->hdr.end_entry; + + while (data->hdr.cur_entry <= data->hdr.end_entry) { + ghcb_set_sw_scratch(ghcb, (u64)__pa(data)); + + ret = sev_ghcb_hv_call(ghcb, SVM_VMGEXIT_PSC, 0, 0); + + /* + * Page state change VMGEXIT passes error code to + * exit_info_2. + */ + if (ret || ghcb->save.sw_exit_info_2) { + printf("SNP: PSC failed ret=%d exit_info_2=%lx\n", + ret, ghcb->save.sw_exit_info_2); + ret = 1; + break; + } + + if (cur_entry > data->hdr.cur_entry) { + printf("SNP: PSC processing going backward, cur_entry %d (got %d)\n", + cur_entry, data->hdr.cur_entry); + ret = 1; + break; + } + + if (data->hdr.end_entry != end_entry) { + printf("End entry mismatch: end_entry %d (got %d)\n", + end_entry, data->hdr.end_entry); + ret = 1; + break; + } + + if (data->hdr.reserved) { + printf("Reserved bit is set in the PSC header\n"); + ret = 1; + break; + } + } + + return ret; +} + static efi_status_t __sev_set_pages_state_msr_proto(unsigned long vaddr, int npages, int operation) { @@ -261,6 +376,66 @@ static efi_status_t sev_set_pages_state_msr_proto(unsigned long vaddr, return ES_OK; } +static unsigned long __sev_set_pages_state(struct snp_psc_desc *desc, + unsigned long vaddr, unsigned long vaddr_end, + int op, struct ghcb *ghcb, bool large_entry) +{ + struct psc_hdr *hdr; + struct psc_entry *entry; + unsigned long pfn; + int iter, ret; + + hdr = &desc->hdr; + entry = desc->entries; + + memset(desc, 0, sizeof(*desc)); + iter = 0; + + while (vaddr < vaddr_end && iter < ARRAY_SIZE(desc->entries)) { + hdr->end_entry = iter; + pfn = __pa(vaddr) >> PAGE_SHIFT; + entry->gfn = pfn; + entry->operation = op; + + if (large_entry && IS_ALIGNED(vaddr, LARGE_PAGE_SIZE) && + (vaddr_end - vaddr) >= LARGE_PAGE_SIZE) { + entry->pagesize = RMP_PG_SIZE_2M; + vaddr += LARGE_PAGE_SIZE; + } else { + entry->pagesize = RMP_PG_SIZE_4K; + vaddr += PAGE_SIZE; + } + + entry++; + iter++; + } + + if (op == SNP_PAGE_STATE_SHARED) + pvalidate_pages(desc); + + ret = vmgexit_psc(desc, ghcb); + assert_msg(!ret, "VMGEXIT failed with return value: %d", ret); + + if (op == SNP_PAGE_STATE_PRIVATE) + pvalidate_pages(desc); + + return vaddr; +} + +static void sev_set_pages_state(unsigned long vaddr, unsigned long npages, + int op, struct ghcb *ghcb, bool large_entry) +{ + struct snp_psc_desc desc; + unsigned long vaddr_end; + + vaddr = vaddr & PAGE_MASK; + vaddr_end = vaddr + (npages << PAGE_SHIFT); + + while (vaddr < vaddr_end) + vaddr = __sev_set_pages_state(&desc, vaddr, vaddr_end, op, + ghcb, large_entry); +} + static void test_sev_snp_activation(void) { efi_status_t status; @@ -407,6 +582,43 @@ static void test_sev_psc_ghcb_msr(void) free_pages_by_order(vaddr, SNP_PSC_ALLOC_ORDER); } +static void test_sev_psc_ghcb_nae(void) +{ + pteval_t *pte; + bool large_page = false; + unsigned long *vm_pages; + struct ghcb *ghcb = (struct ghcb *)(rdmsr(SEV_ES_GHCB_MSR_INDEX)); + + vm_pages = alloc_pages(SNP_PSC_ALLOC_ORDER); + assert_msg(vm_pages, "Page allocation failure"); + + pte = get_pte_level((pgd_t *)read_cr3(), (void *)vm_pages, 1); + if (!pte && IS_ALIGNED((unsigned long)vm_pages, LARGE_PAGE_SIZE)) { + report_info("Installing a large 2M page"); + /* Install 2M large page */ + install_large_page((pgd_t *)read_cr3(), + (phys_addr_t)vm_pages, (void *)(ulong)vm_pages); + large_page = true; + } + + report(is_validated_private_page((unsigned long)vm_pages, large_page, true), + "Expected page state: Private"); + + report_info("Private->Shared conversion test using GHCB NAE"); + /* Private->Shared operations */ + sev_set_pages_state((unsigned long)vm_pages, 1 << SNP_PSC_ALLOC_ORDER, + SNP_PAGE_STATE_SHARED, ghcb, large_page); + + set_pte_decrypted((unsigned long)vm_pages, 1 << SNP_PSC_ALLOC_ORDER); + + report(!test_write((unsigned long)vm_pages, 1 << SNP_PSC_ALLOC_ORDER), + "Write to %d un-encrypted pages after private->shared conversion", + 1 << SNP_PSC_ALLOC_ORDER); + + /* Cleanup */ + free_pages_by_order(vm_pages, SNP_PSC_ALLOC_ORDER); +} + int main(void) { int rtn; @@ -417,8 +629,10 @@ int main(void) test_stringio(); setup_vm(); - if (amd_sev_snp_enabled()) + if (amd_sev_snp_enabled()) { test_sev_psc_ghcb_msr(); + test_sev_psc_ghcb_nae(); + } return report_summary(); } From patchwork Fri Apr 19 12:57:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636360 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (mail-dm3nam02on2076.outbound.protection.outlook.com [40.107.95.76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 70EAC127B72 for ; Fri, 19 Apr 2024 13:00:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.95.76 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531652; cv=fail; b=R2f8HuTXrDjOLzg/HTO40iQjB9U7RcKLIJGQZ3fREda2DHWBt8FHWEY95WAdSVjlOhorwO4oOIm0+9ytld6bhVlCp2ftzaFndZb+RTNFFXp7ECXmDwUV2NAs68RGy75b8SZcP3RHshAl/Iy35RyQH6pJjt2Yz/pPeujP/wPI/HU= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531652; c=relaxed/simple; bh=qTPaq2w6tJHgF5F2P5b4etvf+15cQ+IRBt4IEfNs7Ng=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=K+ff/9XS3IQz1JADgr5c7Y6ezvSO0Ncuu4KYTif03VF1v++Lmfn6mPRGt7YvaOdVf9HEBFaK8MvirUPu1avN1SN11fqV17icgWjqwMqQvYyCXA2/6JJCXOXEbyPVMMDxRZn6Dq8gMBssVy1BvkxI0rdtLYH5MWI3QN+/iIAzObs= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=2QNlKqBX; arc=fail smtp.client-ip=40.107.95.76 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="2QNlKqBX" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=mZUe3Z+ZzHqojJLToSdOS595L0fRf568gp8Wul3gVKeuTdUab0Qe38dT4UXFa/qRd+C9MP9hn8W8EKoV5i5PBdmtNFR1Ts8Ok0F5m3QRKGcgVHamH/+180r9Yapkr3Kv6D7VHRniyHa9XlA9nlLos+nv93FARRCUun3zfpde3hgLvh2Am2b1kko/mZcF7TNnJkVePTPOJKSy/5wTV6ZDxIzfZc74rIkJIq5qj1gKItoEbyj1Tl3d57ZfePj2TjHaF/81Jh4+/ZzrU5hdnpdVZMnZcxZo0PmLp7VpaQvkKuEU40tcthNXGMHF/tuzPHWevywXPeM+h7HzSZbNbGme6g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3Rx6KwqiPujosWWeYieqOjSjnN1S58d9zEmWxddj2to=; b=UPD7UA+KbQGnTfAdjJXeoo5WOKqh5g5ug7Zc2cJAhb8FnQA2DIyXOwr6ptfh4+uPdrrEgiTTcnYE9+id9zbkhqMX4TvJKEAyANwx4ce4VZcHoUhA+UnjDSke/pc7DA5MzKDKz8MLmPCo+oA8uY5nEsWGEuMkIrlESYgKMy54b1JVJo4HszyuFQZ3EvWBRRR6Va35HW2YXxsfvjXUpXX8WWcfdoz7lj3T3S9wChLCfo6QMLK5NjkV4rCtAEN5GfYY9IpOrKy/grxKX03vT8Drhnrsd+hYz+SBrXm5cBbvI65EBZiXoSWF0loQEa19lWYOEAWB1CC1d1HZS13+fVDa+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3Rx6KwqiPujosWWeYieqOjSjnN1S58d9zEmWxddj2to=; b=2QNlKqBXc7aVZWTl5sqpOOKxT6xJ83pSK1RvhHWqwasA6Nrg2DHQxUM0kPUBGptJuU5Jy9LicbLNRFWxhUqC45e1lL6sx2JfXJkL0cqRHxKKHH817jNumRqbGv5F6lkG9zaoRQ83lp33nz+QWm7FN2E75u2P5dOTPwTc7QVEZ7M= Received: from SN6PR05CA0029.namprd05.prod.outlook.com (2603:10b6:805:de::42) by MW5PR12MB5598.namprd12.prod.outlook.com (2603:10b6:303:193::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.42; Fri, 19 Apr 2024 13:00:46 +0000 Received: from SN1PEPF00036F40.namprd05.prod.outlook.com (2603:10b6:805:de:cafe::2a) by SN6PR05CA0029.outlook.office365.com (2603:10b6:805:de::42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.12 via Frontend Transport; Fri, 19 Apr 2024 13:00:43 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F40.mail.protection.outlook.com (10.167.248.24) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 13:00:43 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 08:00:42 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 11/13] x86 AMD SEV-SNP: Change guest pages from Shared->Private using GHCB NAE Date: Fri, 19 Apr 2024 07:57:57 -0500 Message-ID: <20240419125759.242870-12-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F40:EE_|MW5PR12MB5598:EE_ X-MS-Office365-Filtering-Correlation-Id: e90d47dd-7faa-4863-5c66-08dc6070b8f0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: oDMYq/i4epQWCj+sDw91EHnePPgp4AzeC2JubvgkaMKSDGnWElvvi+IjVPCQCUCl+Cow8JcdQnBSkwvQrpHUHsZuAXLxUzGuepQztbow98BnQMyIA6SX7yThD27Ud2uivqgFz/IyCphvYal6ZkJiHblqnjf6YqNUYC2S8yTD1o+KS+15/b31iQHJlUS2yuNzrjEUPeXFs7pUlz2sjdb6wldaf7j64ycxJgpdnHyvmZqSJ+wYnxV6eJVlfpE+XOcBqUbhm6gGIv+NNeCFwD54F9hoMUcxcJ9ztfcZufRA2ODbEjK4sFvl1BKmSn9Mj05SWSMKXPIihe/zXreAIqAejeS2zimCkAtKyyS6tLgs9R6nh0S5yWIueb0c/nK/ORZTXtbSss9bcbDzh81uDdEz16PDXgRT8HZWtLz0Vy87HTwWuNIdvBQbr2iF05ikwVKeDR2/5+dHk9++sV0SQ9phV2DDu1nUy4J5zZjVw1J0dUXvV4x3JkU+9C0V0TIy1gi2MhSzjCaY7lq/UwOpo1ErKwoVIrMDzf5ZBdAzeOdlhB36vQoFEZi5yoHv9+fve1nkFnctA7BeIw9f9vsqV81JicZcp8VMJXroj/5IAA1YLJmSs21LybQP5WHeLNQF2HguyJzKTw6ykWsh2oI/rhtmc0KCBDXFog3Zq8JzdrC/H42P6/Y9/cJNvazlXI6l8sYzklQvEYo5yVW5H6msvCiS31ZGTNvM7kFRntbi4sXTMWkqM5Seocif47DSbWkq59Gp X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(82310400014)(376005)(1800799015)(36860700004);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 13:00:43.3881 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e90d47dd-7faa-4863-5c66-08dc6070b8f0 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F40.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW5PR12MB5598 Perform page state conversions to private on a range of pages that are already in a hypervisor-owned state. The test introduces support for both 4K pages as well as 2M large pages depending on the order specified. Perform a write operation on the pages while they are shared pages. After conversion, run a re-validation test on one of the converted pages to ensure the page state is private. Signed-off-by: Pavan Kumar Paluri --- x86/amd_sev.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 1723a235166b..6c6fe8e05adb 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -615,6 +615,17 @@ static void test_sev_psc_ghcb_nae(void) "Write to %d un-encrypted pages after private->shared conversion", 1 << SNP_PSC_ALLOC_ORDER); + /* Shared->Private operations */ + report_info("Shared->Private conversion test using GHCB NAE"); + + set_pte_encrypted((unsigned long)vm_pages, 1 << SNP_PSC_ALLOC_ORDER); + + sev_set_pages_state((unsigned long)vm_pages, 1 << SNP_PSC_ALLOC_ORDER, + SNP_PAGE_STATE_PRIVATE, ghcb, large_page); + + report(is_validated_private_page((unsigned long)vm_pages, large_page, true), + "Expected page state: Private"); + /* Cleanup */ free_pages_by_order(vm_pages, SNP_PSC_ALLOC_ORDER); } From patchwork Fri Apr 19 12:57:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636362 Received: from NAM04-BN8-obe.outbound.protection.outlook.com (mail-bn8nam04on2050.outbound.protection.outlook.com [40.107.100.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DFF2D1292F2 for ; Fri, 19 Apr 2024 13:01:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.100.50 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531697; cv=fail; b=mFtOIZQAqeVkfih01GjjU1ijnGO7f0ccmEh1d/IC50kHAga15m8x08SxngpWG0p2VheKuci7PO9IOpOj47uAFRKql5NtS9L/zOWvz5M2YbaQe7jXGivlkrfnOOdCkfm9cwRSKoCr9VDPYyTMsrtR2lqELT+KiowWoO5bE8NqJxQ= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531697; c=relaxed/simple; bh=cmdEIbEGRDAZW9ZtHlM3DJnerPFCVq0BzWj1SEqJLMQ=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Fa5aA4wNAM7gFAbHMWtK+SNOhbBjMP1FnlNE8GKvkWC9KI0spnXg9umAIUtDaFn4eIJ5OoTRwxs/dwSpAwb0F3qukTstE0rj7GmGK3vPbGjXhvZzpUOQwengZxXFcBvopd8GIHl2YnX/YJUvHMTFwYvmyklSId5GuddkEPfaABA= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=n/4Jy7vJ; arc=fail smtp.client-ip=40.107.100.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="n/4Jy7vJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PXQcUpASetya4fYsdXbsIdizaadSMC71B5TDxvgDUb8IeDOqMYmJstSTYCt//YECdLkFUYj9+jAtox0cNNFSL7Lp1IfdZ2iWo2ttuYZwFmfN2lr5rjoLGkP+A6Kj/5/qhky6w+HFAn4YGvQUut53/D84P8H/2z81zsGqxG/4lvp2AwNsnke3adxhzO4hhIEHwPvxPXPcMRGAvY6g59JrkBA34Tmo+6oR689lInvPzGlw5YnazeRmSztVEUGxJpKYjPyS2ciZ6350V86nD2kL6yPM2KeWntwrDaN/2bt7ngEhF2ijw7iXnE2GejDLq0JZr88VoW0yjcoXRi1mHcuvEA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Lfbahi6+95dnkBaFIA+C7oizvqWDLkrqrVnVEgG+U2w=; b=lEd9l2pYlLdOHyTNQJV4gwfRQdsp3Wuucqr5qD49kJ/dWJMIf/pQigpGGxaVDMCFKT6TOqVTdldgi51puPo1gV2ea96qVGkk+ZaQDfDQLH51ahPq4zACgkeLE2eDSDsEsMcRDK1KG9egSe3QBv2L0CadSu2xDxI0VaHIN3uIp6Yc7hccpmg4138zJElrxoobQKzj3stj0gWQ1NfSN1YI7LWzK8eraSv3uHT9NgITim6bYQLbssSUsY2YEqo8rKHAdDrkyV0OcFYGmJ7ndHiSF1nmuCEGkYEkHHDy/uxGmwj+Wd5WuAYMlR/MzKo+BjJt41+OevOAb/i9xarSviPVEg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Lfbahi6+95dnkBaFIA+C7oizvqWDLkrqrVnVEgG+U2w=; b=n/4Jy7vJZ0x8d54lzUx1vKfZScjb01378GoXbpHNMyDW1wPuee+K5pO72ht9zXxqLUycHCx54OT725K4Rw1zm2F59nmUM79GX+usrmuhFjtexxE2BpW54Aq+wZoO9i8XvFAcUrN4/zed0GhlebBRqKSjyhpAz7UOWpTzZuyN9Xk= Received: from PH0PR07CA0001.namprd07.prod.outlook.com (2603:10b6:510:5::6) by DS0PR12MB6583.namprd12.prod.outlook.com (2603:10b6:8:d1::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.37; Fri, 19 Apr 2024 13:01:01 +0000 Received: from SN1PEPF00036F3C.namprd05.prod.outlook.com (2603:10b6:510:5:cafe::fc) by PH0PR07CA0001.outlook.office365.com (2603:10b6:510:5::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7495.31 via Frontend Transport; Fri, 19 Apr 2024 13:01:01 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3C.mail.protection.outlook.com (10.167.248.20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 13:01:00 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 08:00:58 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 12/13] x86 AMD SEV-SNP: Test-1: Perform Intermix to 2M Private PSCs Date: Fri, 19 Apr 2024 07:57:58 -0500 Message-ID: <20240419125759.242870-13-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3C:EE_|DS0PR12MB6583:EE_ X-MS-Office365-Filtering-Correlation-Id: 7312e099-5ef2-4b86-12f9-08dc6070c357 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: vtbMCZEANUkkZqgvLrlOyeT2LXHjHS6OmaTPLL6AWkrZZI4fRkqblgDH+nFImQ/z35SeuzHE6uyUK/r8Y48xmQhIrbZbVSMIFcx18kkyW8ieIIvBB5zU6pegpswsbm8npJf1AN1hokYrcj7HmBegWQmQA4C5bqaJriF08ig/PSgY4/wLcoBS2+DiTRtJQhMpJraFDDXXqaA5H3YKo8n9CKe1MEIaUli3cAFoR3tY7HzTtOeZ6HQNGG8nOixuXcOLIL4XUf74tWkNy8+8c7rcLrdhoHVaAzl3mkMPzRAsAERseGLhSu9tUSaoVPvUrCR23m27eGBrv1UIrbBnKdCfHx0poCqWwAHld3K9IfoxunFq2SU3JI8NQsj47Ajraa4p8Q4ONbjiR5S1L31SPDrzwZHBkyEpobdrdk/9FoibJ0fjEX2P8tNbSrFp7D+BiiNIc1UXcZ4yhCnZCuxHabaGdeIV03BLeArBhU3IzLTKrIGPpFVWNJM4p6qoSSR9QDXWkTEv5n2Ok04pnb3ZQ+CGLh6PPeqfabJUkX2583aoDK5RNq/tYBEMYDOqW5DryQ60F3T1nD2s1/CRMj9korjhB2eVtFEmpYyRs8BG1aVbQ8OS6WYQGunr74SSUYwgcST3kWCJbq91xlmiPO7FrDbLttZhe/Q6+6PhUYiX/eJP41S1uFJc4gHnjuJzbS9h7kllwLJYhkhJX4Y4z8mi6N6wAsTAGZ0Gi47DNrxID0/aibjW3WSQV55FtC/Xn2caw03a X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(82310400014)(36860700004)(1800799015);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 13:01:00.7447 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7312e099-5ef2-4b86-12f9-08dc6070c357 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3C.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6583 The test performs the following actions: 1. Allocates a 2M private page (512 4K entries) and converts the entire range to shared. 2. Performs a write operation on these un-encrypted pages. 3. Performs partial page state change conversions on first 256 4K entries and conducts a re-validation test on one of these now-private entries to determine whether the current page state is private or not. 4. Also conducts a write test on the 256 4K shared entries (with C-bit unset on PMD) to ensure these are in shared state. 5. Converts the whole 2M range from an intermixed state to private and runs a re-validation check on the now-private 2M page. Since the test performs partial page state changes within 2M range, pvalidate would result in a failure in the form of PVALIDATE_FAIL_NOUPDATE since the test would perform same page state change operation on the entries that are already in the same state. Do not treat RMP entry validated bit unchanged as an error for this test. The primary goal of this test is to determine whether a shared->private conversion on a 2M range containing a mix of shared and private entries is handled properly by the hypervisor or not. Such a PSC from an intermixed state may never take place in a conventional SEV-SNP guest. Suggested-by: Michael Roth Signed-off-by: Pavan Kumar Paluri --- x86/amd_sev.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 98 insertions(+), 3 deletions(-) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 6c6fe8e05adb..7b53ef9c44d0 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -22,8 +22,10 @@ #define TESTDEV_IO_PORT 0xe0 #define SNP_PSC_ALLOC_ORDER 10 +#define INTERMIX_PSC_ORDER 9 static char st1[] = "abcdefghijklmnop"; +static bool allow_noupdate; static int test_sev_activation(void) { @@ -136,15 +138,22 @@ static void pvalidate_pages(struct snp_psc_desc *desc) for (; vaddr < vaddr_end; vaddr += PAGE_SIZE) { pvalidate_result = pvalidate(vaddr, RMP_PG_SIZE_4K, validate); - if (pvalidate_result) + if (!allow_noupdate && pvalidate_result) + break; + else if (allow_noupdate && + (pvalidate_result && + pvalidate_result != PVALIDATE_FAIL_NOUPDATE)) break; } } - if (pvalidate_result) { + if (!allow_noupdate && pvalidate_result) + assert_msg(!pvalidate_result, "Failed to validate address: 0x%lx, ret: %d\n", + vaddr, pvalidate_result); + else if (allow_noupdate && + (pvalidate_result && pvalidate_result != PVALIDATE_FAIL_NOUPDATE)) assert_msg(!pvalidate_result, "Failed to validate address: 0x%lx, ret: %d\n", vaddr, pvalidate_result); - } } } @@ -630,6 +639,91 @@ static void test_sev_psc_ghcb_nae(void) free_pages_by_order(vm_pages, SNP_PSC_ALLOC_ORDER); } +static void __test_sev_psc_private(unsigned long vaddr, struct ghcb *ghcb, + bool large_page, pteval_t *pte) +{ + allow_noupdate = true; + + set_pte_encrypted((unsigned long)vaddr, 1 << INTERMIX_PSC_ORDER); + + /* Convert whole 2M range back to private */ + sev_set_pages_state(vaddr, 512, SNP_PAGE_STATE_PRIVATE, ghcb, + large_page); + + allow_noupdate = false; + + /* Test re-validation on the now-private 2M page */ + report(is_validated_private_page(vaddr, large_page, 1), + "Expected 2M page state: Private"); +} + +static void test_sev_psc_intermix(bool is_private) +{ + unsigned long *vm_page; + bool large_page = false; + pteval_t *pte; + struct ghcb *ghcb = (struct ghcb *)(rdmsr(SEV_ES_GHCB_MSR_INDEX)); + + vm_page = alloc_pages(INTERMIX_PSC_ORDER); + assert_msg(vm_page, "Page allocation failure"); + + pte = get_pte((pgd_t *)read_cr3(), (void *)vm_page); + assert_msg(pte, "Invalid PTE"); + + if (!pte && IS_ALIGNED((unsigned long)vm_page, LARGE_PAGE_SIZE)) { + install_large_page((pgd_t *)read_cr3(), (phys_addr_t)vm_page, + (void *)(ulong)vm_page); + large_page = true; + } + + pte = get_pte_level((pgd_t *)read_cr3(), (void *)vm_page, 1); + if (!pte) + report_info("Intermix test will have 2M mapping"); + + /* Convert the 2M range into shared */ + sev_set_pages_state((unsigned long)vm_page, 512, + SNP_PAGE_STATE_SHARED, ghcb, + large_page); + set_pte_decrypted((unsigned long)vm_page, 1 << INTERMIX_PSC_ORDER); + + report(!test_write((unsigned long)vm_page, 512), + "Write to a 2M un-encrypted range"); + + set_pte_encrypted((unsigned long)vm_page, 1 << INTERMIX_PSC_ORDER); + + /* + * Convert half sub-pages into private and leave other + * half in shared state. + */ + sev_set_pages_state((unsigned long)vm_page, 256, + SNP_PAGE_STATE_PRIVATE, ghcb, false); + + /* Test re-validation on a now-private 4k page */ + report(is_validated_private_page((unsigned long)vm_page, false, 1), + "Expected 4K page state: Private"); + + /* + * Unset C-bit on 2M PMD before issuing read/write to these + * 256 4K shared entries. + */ + set_pte_decrypted((unsigned long)vm_page, 1 << INTERMIX_PSC_ORDER); + + report(!test_write((unsigned long)vm_page + 256 * PAGE_SIZE, 256), + "Write to 256 4K shared pages within 2M un-encrypted page"); + + if (is_private) + __test_sev_psc_private((unsigned long)vm_page, ghcb, + large_page, pte); + + /* Cleanup */ + free_pages_by_order(vm_page, INTERMIX_PSC_ORDER); +} + +static void test_sev_psc_intermix_to_private(void) +{ + test_sev_psc_intermix(true); +} + int main(void) { int rtn; @@ -643,6 +737,7 @@ int main(void) if (amd_sev_snp_enabled()) { test_sev_psc_ghcb_msr(); test_sev_psc_ghcb_nae(); + test_sev_psc_intermix_to_private(); } return report_summary(); From patchwork Fri Apr 19 12:57:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Paluri, PavanKumar" X-Patchwork-Id: 13636361 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2085.outbound.protection.outlook.com [40.107.244.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5EC5F129A68 for ; Fri, 19 Apr 2024 13:01:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.85 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531677; cv=fail; b=W/M4h0+fyfXmgpt8A8RqFUoauihuVv1w6yOuUCJfpYqfb5OaHRS8HhaqF98O+UHyfdCoZpJ97P9+pBdpTXJiEPqHYgMIsDEpBbyWmDvnkW079H0aaLPI6S82VPX473zSjYC+B3mzkyvYMvacS5o7WgKSemNDG7TCUe96WDUs+zw= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1713531677; c=relaxed/simple; bh=eAPyrMINYzkq/OYx/DeUeSYhtx2mDzCe51P1bAUqMK4=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=hAMFqwO4xf+r9IY9T2gKaCznXKdgxzHpmkDDM34KW4lFb9IRP1zaSY0J0KyRECTjKC83ec4ATcllC1M1o/nlkfY8yJx6JD4sxH4hJnOogpscZC+6NR+bUtSBsE170X27RZNT7mwexIRYfLTuDlEhXDCRGy1ront8/MaieHMIPpI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=nUhywHFx; arc=fail smtp.client-ip=40.107.244.85 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="nUhywHFx" ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cm8K5Hncy80hNNZsl5v56DQo7HuDNh9DhVEOWESJlcptubwhTOwA8QEHzlzn1m9dKJ595lIPA/p/rQUGce8q1X1tAqrz9vev4PIrYJ/FHoGEJjiHGAKlxGF2o3LKkO3Sp7JqSSy2q+q6ldFaJfk7FtWaqXbIhhkS/qJdjH3zYoq6sYSCD6wJJF+D4fE6Na3ai9kJ+U33T0R3HMv3Y5c6KHgMabu09kWGxHOfK1fS9mjQwyJlXRqVQG1aQ5cdtUiTmyqdY7bXRSsGaAEbXrtPW5JY1fmi/helOUSDiO/QtJmHAYdvAXyqONI6Nigw+FMEU6NoGoksrVoqFv3iRtPwYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TgKIntb4lfdYDdnoxcM6dD3Z1x+9xugo6c/wWHwFBSE=; b=Zu46SI0Ymk/LIitr4hHr0prj35zJKtE5nkkLd5q8/pzUUO0hXFIB5fSNuD8NXQKXy2sHL+GUDdf6JsXbPaw3anYzyfyat8ld9STp0mR6N3AFgViAZ67ah4MD3NZ0F/z9sCSr5b/M0gbo3s64YnOKdb1Ce+KY3aSW6jyJBZbdX53XjjbDiZHJFcrC/ei7MV4EhrRmuCPlkX9bv+4TUzTY5Ts5ji52tiiSxP/L3vsmMFlsgqt3gltVpjC7v78QyCEsrfRbxjYORq2NJE1Ox7OMVuguq6C2Z/abGWxcnkOtFKb8aA0Xngl5PrxPf1A6QrSDr1k4mZXI9Tfdg7tETKCEBQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TgKIntb4lfdYDdnoxcM6dD3Z1x+9xugo6c/wWHwFBSE=; b=nUhywHFxJLpzqi7e7MPcPoNKAoA2jiGi1WNkZpH2PSmz+76aQruYsFm6ERA39t/k46ENRFOLzPZtvbTveKdZP2sCZJutV5BybX423Pr0J8w+ArLqCf0ftrcqk6KAYkoYtRGZjQ7t7WQrh8R0J2EFtNt7645d1/Z7yasEfoFErcQ= Received: from SA9PR13CA0088.namprd13.prod.outlook.com (2603:10b6:806:23::33) by SA1PR12MB8641.namprd12.prod.outlook.com (2603:10b6:806:388::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.44; Fri, 19 Apr 2024 13:01:10 +0000 Received: from SN1PEPF00036F3F.namprd05.prod.outlook.com (2603:10b6:806:23:cafe::ac) by SA9PR13CA0088.outlook.office365.com (2603:10b6:806:23::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.14 via Frontend Transport; Fri, 19 Apr 2024 13:01:10 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SN1PEPF00036F3F.mail.protection.outlook.com (10.167.248.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.7452.22 via Frontend Transport; Fri, 19 Apr 2024 13:01:09 +0000 Received: from ethanolx16dchost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Fri, 19 Apr 2024 08:01:08 -0500 From: Pavan Kumar Paluri To: CC: Paolo Bonzini , Sean Christophersen , Michael Roth , Tom Lendacky , Pavan Kumar Paluri , "Kim Phillips" , Vasant Karasulli Subject: [kvm-unit-tests RFC PATCH 13/13] x86 AMD SEV-SNP: Test-2: Perform Intermix to 2M private to 2M shared PSCs Date: Fri, 19 Apr 2024 07:57:59 -0500 Message-ID: <20240419125759.242870-14-papaluri@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240419125759.242870-1-papaluri@amd.com> References: <20240419125759.242870-1-papaluri@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN1PEPF00036F3F:EE_|SA1PR12MB8641:EE_ X-MS-Office365-Filtering-Correlation-Id: 3877aa23-388c-4026-f678-08dc6070c8cd X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: J8nJeJhTNfVETym77ZKf3bg9YSS15Y8PQz42id1UHrGH5Yn9CFZ1BTGS/UEWxROQcxa/xhAhFQXmlUPqBip1CyGbehYMxp9klRTCvOqwDq5pX6bIi9rYZ1VR21OlfhAp+mpdMiJoguXKvaHyILjp/YRirBzS2FG0hkdOetKn1jVDYFe2kGZ3zroB1R+M1+oUyw4xMzL6W0XRK52O6G5ExQ4J+ZxERlmtyUM/n/j2GTTaYuozXa/WJGth+4AQCLOwJjpYr6Lw081EM2hEc4r58KQgEyggJKyg59kwQoAQJWLIv9S0A7EzREmo76inBRbDZM9q+dG8GiByjQ2NMV0lYOPZ66HFppyeEjaN9ib9Y3LxLr+S/3cn8rCvHpQlbW6HvPCf5wQj9phAEzXiK9w3LjaSn7WsjYhkzoGptPpi8PlpbJ7e0VQwe2AzTz8vWRBRMWH3ePCSkliJaL+sVf43C9Q3HyizY/D6kQ6zn5vWW9fcGK1A4hkh4Ar6G8dpja7+pwZbKscTStFKW+F4quke0mYcOV9YzQa0azIyZ8k7+Jv4uLy6iMcKmE8giIXuU1EeJ+7H04XwqEinlfNuQ76NDrumqZSMnW31yQ8GzgNBOGp5SPzdgDyffDENgiaCiHTnSto7i9ECdLZZmYnxpk6M5fZ8txpbE1COOclFuM14mEvp1wH2lUpbisxQ3NZdc6Nr+5PzALR1FjtcMuHZHXPuTT9utSRlfcbjH2PLmcng/KjKfaTL0NJL5YnXVQaNOMaV X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(36860700004)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Apr 2024 13:01:09.9906 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 3877aa23-388c-4026-f678-08dc6070c8cd X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SN1PEPF00036F3F.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR12MB8641 The test performs the following actions: 1. Allocates a 2M private page (512 4K entries) and performs 2M private to shared conversion. 2. Performs a write operation on these un-encrypted pages. 3. Performs partial page state changes (shared->private) on first 256 sub-pages and conducts a re-validation ('pvalidate') check on one of these entries to ensure its state has been changed to private. 4. Performs write test on the other set of sub-pages whose state is shared. 5. Performs PSC from 2M intermixed state to private, backed up with a re-validation check on the 2M range to ensure successfull conversion. 6. Performs PSC from 2M private to 2M shared followed by a write operation to ensure the 2M page is successfully changed to shared. The main goal of this test is to ensure 2MB page state changes are handled properly even if the 2MB range is a mix of private/shared pages. Suggested-by: Michael Roth Signed-off-by: Pavan Kumar Paluri --- x86/amd_sev.c | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/x86/amd_sev.c b/x86/amd_sev.c index 7b53ef9c44d0..94944fb80a70 100644 --- a/x86/amd_sev.c +++ b/x86/amd_sev.c @@ -657,6 +657,32 @@ static void __test_sev_psc_private(unsigned long vaddr, struct ghcb *ghcb, "Expected 2M page state: Private"); } +static void __test_sev_psc_shared(unsigned long vaddr, struct ghcb *ghcb, + bool large_page, pteval_t *pte) +{ + allow_noupdate = true; + + set_pte_encrypted((unsigned long)vaddr, 1 << INTERMIX_PSC_ORDER); + + /* Convert the intermixed 2M range to 2M private */ + sev_set_pages_state(vaddr, 512, SNP_PAGE_STATE_PRIVATE, ghcb, + large_page); + + allow_noupdate = false; + + report(is_validated_private_page(vaddr, large_page, 1), + "Expected 2M page state: Private"); + + /* 2M private->shared conversion */ + sev_set_pages_state(vaddr, 512, SNP_PAGE_STATE_SHARED, ghcb, + large_page); + + set_pte_decrypted((unsigned long)vaddr, 1 << INTERMIX_PSC_ORDER); + + report(!test_write((unsigned long)vaddr, 512), + "Write to a 2M un-encrypted range"); +} + static void test_sev_psc_intermix(bool is_private) { unsigned long *vm_page; @@ -714,6 +740,9 @@ static void test_sev_psc_intermix(bool is_private) if (is_private) __test_sev_psc_private((unsigned long)vm_page, ghcb, large_page, pte); + else + __test_sev_psc_shared((unsigned long)vm_page, ghcb, + large_page, pte); /* Cleanup */ free_pages_by_order(vm_page, INTERMIX_PSC_ORDER); @@ -724,6 +753,11 @@ static void test_sev_psc_intermix_to_private(void) test_sev_psc_intermix(true); } +static void test_sev_psc_intermix_to_shared(void) +{ + test_sev_psc_intermix(false); +} + int main(void) { int rtn; @@ -738,6 +772,7 @@ int main(void) test_sev_psc_ghcb_msr(); test_sev_psc_ghcb_nae(); test_sev_psc_intermix_to_private(); + test_sev_psc_intermix_to_shared(); } return report_summary();