From patchwork Sun Apr 21 18:01:01 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637450
From: Michael Roth
Subject: [PATCH v14 01/22] KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y
Date: Sun, 21 Apr 2024 13:01:01 -0500
Message-ID: <20240421180122.1650812-2-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

SEV-SNP relies on private memory support to run guests, so make sure to enable that support via the CONFIG_KVM_GENERIC_PRIVATE_MEM config option.

Signed-off-by: Michael Roth
--- arch/x86/kvm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index d64fb2b3eb69..5e72faca4e8f 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig 
@@ -136,6 +136,7 @@ config KVM_AMD_SEV depends on KVM_AMD && X86_64 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select ARCH_HAS_CC_PLATFORM + select KVM_GENERIC_PRIVATE_MEM help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors.
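
Review bot: the "select KVM_GENERIC_PRIVATE_MEM" line added under config KVM_AMD_SEV is unconditional, so every SEV and SEV-ES build pulls in private-memory support even though the commit message motivates it only for SEV-SNP, and the help text below it still mentions only SEV and SEV-ES. Because select forces a symbol on without evaluating that symbol's own dependencies, please confirm that "depends on KVM_AMD && X86_64" covers everything KVM_GENERIC_PRIVATE_MEM needs, and say in the commit message or the help text that the option is now enabled for all SEV configurations.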

From patchwork Sun Apr 21 18:01:02 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637453
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 02/22] KVM: SEV: Add support to handle AP reset MSR protocol
Date: Sun, 21 Apr 2024 13:01:02 -0500
Message-ID: <20240421180122.1650812-3-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Tom Lendacky

Add support for AP Reset Hold being invoked using the GHCB MSR protocol, available in version 2 of the GHCB specification.

Signed-off-by: Tom Lendacky
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
--- arch/x86/include/asm/sev-common.h | 6 ++-- arch/x86/kvm/svm/sev.c | 56 ++++++++++++++++++++++++++----- arch/x86/kvm/svm/svm.h | 1 + 3 files changed, 53 insertions(+), 10 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index b463fcbd4b90..01261f7054ad 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -54,8 +54,10 @@ (((unsigned long)fn) << 32)) /* AP Reset Hold */ -#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 -#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_REQ 0x006 +#define GHCB_MSR_AP_RESET_HOLD_RESP 0x007 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 +#define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 598d78b4107f..6e31cb408dd8 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -49,6 +49,10 @@ static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); static u64 sev_supported_vmsa_features; +#define AP_RESET_HOLD_NONE 0 +#define AP_RESET_HOLD_NAE_EVENT 1 +#define AP_RESET_HOLD_MSR_PROTO 2 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -2727,6 +2731,9 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) void sev_es_unmap_ghcb(struct vcpu_svm *svm) { + /* Clear any indication that the vCPU is in a type of AP Reset Hold */ + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NONE; + if (!svm->sev_es.ghcb) return; 
@@ -2938,6 +2945,22 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_AP_RESET_HOLD_REQ: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_MSR_PROTO; + ret = kvm_emulate_ap_reset_hold(&svm->vcpu); + + /* + * Preset the result to a non-SIPI return and then only set + * the result to non-zero when delivering a SIPI. + */ + set_ghcb_msr_bits(svm, 0, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); + + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3037,6 +3060,7 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; case SVM_VMGEXIT_AP_HLT_LOOP: + svm->sev_es.ap_reset_hold_type = AP_RESET_HOLD_NAE_EVENT; ret = kvm_emulate_ap_reset_hold(vcpu); break; case SVM_VMGEXIT_AP_JUMP_TABLE: { 
@@ -3280,15 +3304,31 @@ void sev_vcpu_deliver_sipi_vector(struct kvm_vcpu *vcpu, u8 vector) return; } - /* - * Subsequent SIPI: Return from an AP Reset Hold VMGEXIT, where - * the guest will set the CS and RIP. Set SW_EXIT_INFO_2 to a - * non-zero value. - */ - if (!svm->sev_es.ghcb) - return; + /* Subsequent SIPI */ + switch (svm->sev_es.ap_reset_hold_type) { + case AP_RESET_HOLD_NAE_EVENT: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set SW_EXIT_INFO_2 to a non-zero value. + */ + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + break; + case AP_RESET_HOLD_MSR_PROTO: + /* + * Return from an AP Reset Hold VMGEXIT, where the guest will + * set the CS and RIP. Set GHCB data field to a non-zero value. + */ + set_ghcb_msr_bits(svm, 1, + GHCB_MSR_AP_RESET_HOLD_RESULT_MASK, + GHCB_MSR_AP_RESET_HOLD_RESULT_POS); - ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 1); + set_ghcb_msr_bits(svm, GHCB_MSR_AP_RESET_HOLD_RESP, + GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + default: + break; + } } struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 323901782547..6fd0f5862681 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -199,6 +199,7 @@ struct vcpu_sev_es_state { u8 valid_bitmap[16]; struct kvm_host_map ghcb_map; bool received_first_sipi; + unsigned int ap_reset_hold_type; /* SEV-ES scratch area support */ u64 sw_scratch;
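
Review bot: in the "AP Reset Hold" block of arch/x86/include/asm/sev-common.h, the new GHCB_MSR_AP_RESET_HOLD_RESULT_POS (12) and GHCB_MSR_AP_RESET_HOLD_RESULT_MASK (GENMASK_ULL(51, 0)) carry no comment saying which GHCBData bits hold the result or what zero and non-zero mean to the guest. A one-line comment stating that the result occupies GHCBData[63:12], with 0 for a non-SIPI return and non-zero when a SIPI was delivered, would let a reader check the set_ghcb_msr_bits() callers in sev.c against the layout. The REQ and RESP defines are also removed and re-added with the same values; if that is whitespace realignment only, mention it in the commit message.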
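
Review bot: in the new "case GHCB_MSR_AP_RESET_HOLD_REQ:" of sev_handle_vmgexit_msr_protocol(), the comment says the result is preset to a non-SIPI return, but both set_ghcb_msr_bits() calls run after "ret = kvm_emulate_ap_reset_hold(&svm->vcpu);". Moving the two writes above the kvm_emulate_ap_reset_hold() call would make the ordering match the comment and make it obvious that the preset cannot overwrite the non-zero value written by sev_vcpu_deliver_sipi_vector(); if the current order is required, the comment should say why.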
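
Review bot: sev_vcpu_deliver_sipi_vector() loses its "if (!svm->sev_es.ghcb) return;" guard, and the AP_RESET_HOLD_NAE_EVENT case now passes svm->sev_es.ghcb straight to ghcb_set_sw_exit_info_2(). That is only safe if ap_reset_hold_type can never be AP_RESET_HOLD_NAE_EVENT while the GHCB is unmapped, which depends on the reset added at the top of sev_es_unmap_ghcb(). Since this state is driven by guest exits, keep a NULL check (or a WARN_ON_ONCE with an early return) in the NAE case, or document the invariant next to the switch. The empty "default: break;" could also get a comment saying AP_RESET_HOLD_NONE is the expected value there.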
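
Review bot: the new "unsigned int ap_reset_hold_type;" field in struct vcpu_sev_es_state (arch/x86/kvm/svm/svm.h) takes its values from the AP_RESET_HOLD_* defines, which this patch places in sev.c between two static variable declarations. Defining them as an enum next to the struct in svm.h, and typing the field with it, would document the valid values where the field is declared and keep the three constants together with the state they describe.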

From patchwork Sun Apr 21 18:01:03 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637454
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 03/22] KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests
Date: Sun, 21 Apr 2024 13:01:03 -0500
Message-ID: <20240421180122.1650812-4-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh Version 2 of the GHCB specification introduced advertisement of features that are supported by the Hypervisor. Now that KVM supports version 2 of the GHCB specification, bump the maximum supported protocol version. Signed-off-by: Brijesh Singh Signed-off-by: Ashish Kalra Signed-off-by: Michael Roth --- arch/x86/include/asm/sev-common.h | 2 ++ arch/x86/kvm/svm/sev.c | 16 +++++++++++++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 01261f7054ad..5a8246dd532f 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -101,6 +101,8 @@ enum psc_op { /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 +#define GHCB_MSR_HV_FT_POS 12 +#define GHCB_MSR_HV_FT_MASK GENMASK_ULL(51, 0) #define GHCB_MSR_HV_FT_RESP_VAL(v) \ /* GHCBData[63:12] */ \ (((u64)(v) & GENMASK_ULL(63, 12)) >> 12) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 6e31cb408dd8..1d2264e93afe 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -33,9 +33,11 @@ #include "cpuid.h" #include "trace.h" -#define GHCB_VERSION_MAX 1ULL +#define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL +#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP + /* enable/disable SEV support */ static bool sev_enabled = true; module_param_named(sev, sev_enabled, bool, 0444); @@ -2701,6 +2703,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: + case SVM_VMGEXIT_HV_FEATURES: break; default: reason = GHCB_ERR_INVALID_EVENT;
@@ -2961,6 +2964,12 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_HV_FT_REQ: + set_ghcb_msr_bits(svm, GHCB_HV_FT_SUPPORTED, + GHCB_MSR_HV_FT_MASK, GHCB_MSR_HV_FT_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, + GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; 
@@ -3085,6 +3094,11 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; } + case SVM_VMGEXIT_HV_FEATURES: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_HV_FT_SUPPORTED); + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
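Review bot: In the arch/x86/kvm/svm/sev.c hunk at "@@ -33,9 +33,11 @@", GHCB_HV_FT_SUPPORTED is hard-wired to GHCB_HV_FT_SNP, so both new handlers report the SNP feature bit to every guest that reaches them, while the commit message only talks about bumping the maximum protocol version. Nothing in this patch ties the advertised bit to whether SNP is usable on the host or active for the requesting guest. Either build the response per guest (for example, set the SNP bit only for an SNP guest) or state in the commit message why an unconditional constant is safe, and add a comment above the define explaining what the bitmap is meant to contain.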
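Review bot: In the sev_handle_vmgexit_msr_protocol() hunk at "@@ -2961,6 +2964,12 @@", the new GHCB_MSR_HV_FT_REQ case answers without looking at the protocol version in use for the guest, although the commit message says feature advertisement was introduced in version 2 of the specification and GHCB_VERSION_MIN stays at 1ULL. The same applies to the SVM_VMGEXIT_HV_FEATURES case added to sev_handle_vmgexit() at "@@ -3085,6 +3094,11 @@". Consider rejecting the request for a guest running version 1, or say in the commit message that answering it regardless of version is intended.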
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 04/22] KVM: SEV: Add initial SEV-SNP support
Date: Sun, 21 Apr 2024 13:01:04 -0500
Message-ID: <20240421180122.1650812-5-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>
From: Brijesh Singh SEV-SNP builds upon existing SEV and SEV-ES functionality while adding new hardware-based security protection. SEV-SNP adds strong memory encryption and integrity protection to help prevent malicious hypervisor-based attacks such as data replay, memory re-mapping, and more, to create an isolated execution environment. Define a new KVM_X86_SNP_VM type which makes use of these capabilities and extend the KVM_SEV_INIT2 ioctl to support it. Also add a basic helper to check whether SNP is enabled and set PFERR_PRIVATE_ACCESS for private #NPFs so they are handled appropriately by KVM MMU. Signed-off-by: Brijesh Singh Co-developed-by: Michael Roth Signed-off-by: Michael Roth Signed-off-by: Ashish Kalra Reviewed-by: Paolo Bonzini --- arch/x86/include/asm/svm.h | 3 ++- arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/svm/sev.c | 21 ++++++++++++++++++++- arch/x86/kvm/svm/svm.c | 8 +++++++- arch/x86/kvm/svm/svm.h | 12 ++++++++++++ 5 files changed, 42 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 728c98175b9c..544a43c1cf11 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h
@@ -285,7 +285,8 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) -#define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) struct vmcb_seg { u16 selector; diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 72ad5ace118d..9a8b81d20314 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -872,5 +872,6 @@ struct kvm_hyperv_eventfd { #define KVM_X86_SW_PROTECTED_VM 1 #define KVM_X86_SEV_VM 2 #define KVM_X86_SEV_ES_VM 3 +#define KVM_X86_SNP_VM 4 #endif /* _ASM_X86_KVM_H */ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1d2264e93afe..c41cc73a1efe 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -46,6 +46,9 @@ module_param_named(sev, sev_enabled, bool, 0444); static bool sev_es_enabled = true; module_param_named(sev_es, sev_es_enabled, bool, 0444); +/* enable/disable SEV-SNP support */ +static bool sev_snp_enabled; + /* enable/disable SEV-ES DebugSwap support */ static bool sev_es_debug_swap_enabled = true; module_param_named(debug_swap, sev_es_debug_swap_enabled, bool, 0444); @@ -275,6 +278,9 @@ static int __sev_guest_init(struct kvm *kvm, struct kvm_sev_cmd *argp, sev->es_active = es_active; sev->vmsa_features = data->vmsa_features; + if (vm_type == KVM_X86_SNP_VM) + sev->vmsa_features |= SVM_SEV_FEAT_SNP_ACTIVE; + ret = sev_asid_new(sev); if (ret) goto e_no_asid; @@ -326,7 +332,8 @@ static int sev_guest_init2(struct kvm *kvm, struct kvm_sev_cmd *argp) return -EINVAL; if (kvm->arch.vm_type != KVM_X86_SEV_VM && - kvm->arch.vm_type != KVM_X86_SEV_ES_VM) + kvm->arch.vm_type != KVM_X86_SEV_ES_VM && + kvm->arch.vm_type != KVM_X86_SNP_VM) return -EINVAL; if (copy_from_user(&data, u64_to_user_ptr(argp->data), sizeof(data))) 
@@ -2306,11 +2313,16 @@ void __init sev_set_cpu_caps(void) kvm_cpu_cap_set(X86_FEATURE_SEV_ES); kvm_caps.supported_vm_types |= BIT(KVM_X86_SEV_ES_VM); } + if (sev_snp_enabled) { + kvm_cpu_cap_set(X86_FEATURE_SEV_SNP); + kvm_caps.supported_vm_types |= BIT(KVM_X86_SNP_VM); + } } void __init sev_hardware_setup(void) { unsigned int eax, ebx, ecx, edx, sev_asid_count, sev_es_asid_count; + bool sev_snp_supported = false; bool sev_es_supported = false; bool sev_supported = false; @@ -2391,6 +2403,7 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; + sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP); out: if (boot_cpu_has(X86_FEATURE_SEV)) @@ -2403,9 +2416,15 @@ void __init sev_hardware_setup(void) pr_info("SEV-ES %s (ASIDs %u - %u)\n", sev_es_supported ? "enabled" : "disabled", min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1); + if (boot_cpu_has(X86_FEATURE_SEV_SNP)) + pr_info("SEV-SNP %s (ASIDs %u - %u)\n", + sev_snp_supported ? "enabled" : "disabled", + min_sev_asid > 1 ? 1 : 0, min_sev_asid - 1); sev_enabled = sev_supported; sev_es_enabled = sev_es_supported; + sev_snp_enabled = sev_snp_supported; + if (!sev_es_enabled || !cpu_feature_enabled(X86_FEATURE_DEBUG_SWAP) || !cpu_feature_enabled(X86_FEATURE_NO_NESTED_DATA_BP)) sev_es_debug_swap_enabled = false; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 535018f152a3..422b452fbc3b 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c 
@@ -2056,6 +2056,9 @@ static int npf_interception(struct kvm_vcpu *vcpu) if (WARN_ON_ONCE(error_code & PFERR_SYNTHETIC_MASK)) error_code &= ~PFERR_SYNTHETIC_MASK; + if (sev_snp_guest(vcpu->kvm) && (error_code & PFERR_GUEST_ENC_MASK)) + error_code |= PFERR_PRIVATE_ACCESS; + trace_kvm_page_fault(vcpu, fault_address, error_code); return kvm_mmu_page_fault(vcpu, fault_address, error_code, static_cpu_has(X86_FEATURE_DECODEASSISTS) ? @@ -4899,8 +4902,11 @@ static int svm_vm_init(struct kvm *kvm) if (type != KVM_X86_DEFAULT_VM && type != KVM_X86_SW_PROTECTED_VM) { - kvm->arch.has_protected_state = (type == KVM_X86_SEV_ES_VM); + kvm->arch.has_protected_state = + (type == KVM_X86_SEV_ES_VM || type == KVM_X86_SNP_VM); to_kvm_sev_info(kvm)->need_init = true; + + kvm->arch.has_private_mem = (type == KVM_X86_SNP_VM); } if (!pause_filter_count || !pause_filter_thresh) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 6fd0f5862681..7f2e9c7fc4ca 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -348,6 +348,18 @@ static __always_inline bool sev_es_guest(struct kvm *kvm) #endif } +static __always_inline bool sev_snp_guest(struct kvm *kvm) +{ +#ifdef CONFIG_KVM_AMD_SEV + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + + return (sev->vmsa_features & SVM_SEV_FEAT_SNP_ACTIVE) && + !WARN_ON_ONCE(!sev_es_guest(kvm)); +#else + return false; +#endif +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
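Review bot: In the arch/x86/kvm/svm/sev.c hunk at "@@ -46,6 +46,9 @@", sev_snp_enabled carries the comment "enable/disable SEV-SNP support" but, unlike sev_enabled and sev_es_enabled next to it, has no module_param_named() and no initializer. It therefore starts out false, so "sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP)" in sev_hardware_setup() can never become true and sev_set_cpu_caps() never adds KVM_X86_SNP_VM to supported_vm_types with this patch alone. If that is deliberate until the rest of the series lands, say so in the commit message and reword the comment; otherwise add the module parameter here.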
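Review bot: In the __sev_guest_init() hunk at "@@ -275,6 +278,9 @@", SVM_SEV_FEAT_SNP_ACTIVE is OR-ed into sev->vmsa_features directly after that field is copied from data->vmsa_features, and the new sev_snp_guest() helper in svm.h decides on that bit. The visible lines do not show bit 0 being filtered out of the userspace-supplied value, so please confirm, and ideally note in a comment, that KVM_SEV_INIT2 rejects a caller-supplied SVM_SEV_FEAT_SNP_ACTIVE for KVM_X86_SEV_VM and KVM_X86_SEV_ES_VM; otherwise a VM of another type would pass sev_snp_guest() in npf_interception(). Checking kvm->arch.vm_type in sev_snp_guest() would remove that dependency.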
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 05/22] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command
Date: Sun, 21 Apr 2024 13:01:05 -0500
Message-ID: <20240421180122.1650812-6-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>
From: Brijesh Singh KVM_SEV_SNP_LAUNCH_START begins the launch process for an SEV-SNP guest. The command initializes a cryptographic digest context used to construct the measurement of the guest. Other commands can then at that point be used to load/encrypt data into the guest's initial launch image. For more information see the SEV-SNP specification. Signed-off-by: Brijesh Singh Co-developed-by: Michael Roth Signed-off-by: Michael Roth Signed-off-by: Ashish Kalra --- .../virt/kvm/x86/amd-memory-encryption.rst | 28 ++- arch/x86/include/uapi/asm/kvm.h | 11 + arch/x86/kvm/svm/sev.c | 195 +++++++++++++++++- arch/x86/kvm/svm/svm.h | 1 + 4 files changed, 231 insertions(+), 4 deletions(-) diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 3381556d596d..d4c4a0b90bc9 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst @@ -459,6 +459,30 @@ issued by the hypervisor to make the guest ready for execution. Returns: 0 on success, -negative on error +18. KVM_SEV_SNP_LAUNCH_START +---------------------------- + +The KVM_SNP_LAUNCH_START command is used for creating the memory encryption +context for the SEV-SNP guest. It must be called prior to issuing +KVM_SEV_SNP_LAUNCH_UPDATE or KVM_SEV_SNP_LAUNCH_FINISH; + +Parameters (in): struct kvm_sev_snp_launch_start + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_start { + __u64 policy; /* Guest policy to use. */ + __u8 gosvw[16]; /* Guest OS visible workarounds. */ + __u16 flags; /* Must be zero. */ + __u8 pad0[6]; + __u64 pad1[4]; + }; + +See SNP_LAUNCH_START in the SEV-SNP specification [snp-fw-abi]_ for further +details on the input parameters in ``struct kvm_sev_snp_launch_start``. + Device attribute API ==================== 
@@ -490,9 +514,11 @@ References ========== -See [white-paper]_, [api-spec]_, [amd-apm]_ and [kvm-forum]_ for more info. +See [white-paper]_, [api-spec]_, [amd-apm]_, [kvm-forum]_, and [snp-fw-abi]_ +for more info. .. [white-paper] https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf .. [api-spec] https://support.amd.com/TechDocs/55766_SEV-KM_API_Specification.pdf .. [amd-apm] https://support.amd.com/TechDocs/24593.pdf (section 15.34) .. [kvm-forum] https://www.linux-kvm.org/images/7/74/02x08A-Thomas_Lendacky-AMDs_Virtualizatoin_Memory_Encryption_Technology.pdf +.. [snp-fw-abi] https://www.amd.com/system/files/TechDocs/56860.pdf diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 9a8b81d20314..5765391f0fdb 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -697,6 +697,9 @@ enum sev_cmd_id { /* Second time is the charm; improved versions of the above ioctls. */ KVM_SEV_INIT2, + /* SNP-specific commands */ + KVM_SEV_SNP_LAUNCH_START = 100, + KVM_SEV_NR_MAX, }; @@ -822,6 +825,14 @@ struct kvm_sev_receive_update_data { __u32 pad2; }; +struct kvm_sev_snp_launch_start { + __u64 policy; + __u8 gosvw[16]; + __u16 flags; + __u8 pad0[6]; + __u64 pad1[4]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c41cc73a1efe..9d08d1202544 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "mmu.h" #include "x86.h" 
@@ -58,6 +59,21 @@ static u64 sev_supported_vmsa_features; #define AP_RESET_HOLD_NAE_EVENT 1 #define AP_RESET_HOLD_MSR_PROTO 2 +/* As defined by SEV-SNP Firmware ABI, under "Guest Policy". */ +#define SNP_POLICY_MASK_API_MINOR GENMASK_ULL(7, 0) +#define SNP_POLICY_MASK_API_MAJOR GENMASK_ULL(15, 8) +#define SNP_POLICY_MASK_SMT BIT_ULL(16) +#define SNP_POLICY_MASK_RSVD_MBO BIT_ULL(17) +#define SNP_POLICY_MASK_DEBUG BIT_ULL(19) +#define SNP_POLICY_MASK_SINGLE_SOCKET BIT_ULL(20) + +#define SNP_POLICY_MASK_VALID (SNP_POLICY_MASK_API_MINOR | \ + SNP_POLICY_MASK_API_MAJOR | \ + SNP_POLICY_MASK_SMT | \ + SNP_POLICY_MASK_RSVD_MBO | \ + SNP_POLICY_MASK_DEBUG | \ + SNP_POLICY_MASK_SINGLE_SOCKET) + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); @@ -68,6 +84,8 @@ static unsigned int nr_asids; static unsigned long *sev_asid_bitmap; static unsigned long *sev_reclaim_asid_bitmap; +static int snp_decommission_context(struct kvm *kvm); + struct enc_region { struct list_head list; unsigned long npages; @@ -94,12 +112,17 @@ static int sev_flush_asids(unsigned int min_asid, unsigned int max_asid) down_write(&sev_deactivate_lock); wbinvd_on_all_cpus(); - ret = sev_guest_df_flush(&error); + + if (sev_snp_enabled) + ret = sev_do_cmd(SEV_CMD_SNP_DF_FLUSH, NULL, &error); + else + ret = sev_guest_df_flush(&error); up_write(&sev_deactivate_lock); if (ret) - pr_err("SEV: DF_FLUSH failed, ret=%d, error=%#x\n", ret, error); + pr_err("SEV%s: DF_FLUSH failed, ret=%d, error=%#x\n", + sev_snp_enabled ? "-SNP" : "", ret, error); return ret; } 
@@ -1976,6 +1999,125 @@ int sev_dev_get_attr(u32 group, u64 attr, u64 *val) } } +/* + * The guest context contains all the information, keys and metadata + * associated with the guest that the firmware tracks to implement SEV + * and SNP features. The firmware stores the guest context in hypervisor + * provide page via the SNP_GCTX_CREATE command. + */ +static void *snp_context_create(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct sev_data_snp_addr data = {}; + void *context; + int rc; + + /* Allocate memory for context page */ + context = snp_alloc_firmware_page(GFP_KERNEL_ACCOUNT); + if (!context) + return NULL; + + data.address = __psp_pa(context); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_GCTX_CREATE, &data, &argp->error); + if (rc) { + pr_warn("Failed to create SEV-SNP context, rc %d fw_error %d", + rc, argp->error); + snp_free_firmware_page(context); + return NULL; + } + + return context; +} + +static int snp_bind_asid(struct kvm *kvm, int *error) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_activate data = {0}; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.asid = sev_get_asid(kvm); + return sev_issue_cmd(kvm, SEV_CMD_SNP_ACTIVATE, &data, error); +} + +static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_start start = {0}; + struct kvm_sev_snp_launch_start params; + int rc; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + /* Don't allow userspace to allocate memory for more than 1 SNP context. */ + if (sev->snp_context) { + pr_debug("%s: SEV-SNP context already exists. 
Refusing to allocate an additional one.\n", + __func__); + return -EINVAL; + } + + sev->snp_context = snp_context_create(kvm, argp); + if (!sev->snp_context) + return -ENOTTY; + + if (params.flags) { + pr_debug("%s: SEV-SNP hypervisor does not support requested flags 0x%x\n", + __func__, params.flags); + return -EINVAL; + } + + if (params.policy & ~SNP_POLICY_MASK_VALID) { + pr_debug("%s: SEV-SNP hypervisor does not support requested policy 0x%llx (supported 0x%llx).\n", + __func__, params.policy, SNP_POLICY_MASK_VALID); + return -EINVAL; + } + + if (!(params.policy & SNP_POLICY_MASK_RSVD_MBO)) { + pr_debug("%s: SEV-SNP hypervisor does not support requested policy 0x%llx (must be set 0x%llx).\n", + __func__, params.policy, SNP_POLICY_MASK_RSVD_MBO); + return -EINVAL; + } + + if (params.policy & SNP_POLICY_MASK_SINGLE_SOCKET) { + pr_debug("%s: SEV-SNP hypervisor does not support limiting guests to a single socket.\n", + __func__); + return -EINVAL; + } + + if (!(params.policy & SNP_POLICY_MASK_SMT)) { + pr_debug("%s: SEV-SNP hypervisor does not support limiting guests to a single SMT thread.\n", + __func__); + return -EINVAL; + } + + start.gctx_paddr = __psp_pa(sev->snp_context); + start.policy = params.policy; + memcpy(start.gosvw, params.gosvw, sizeof(params.gosvw)); + rc = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_START, &start, &argp->error); + if (rc) { + pr_debug("%s: SEV_CMD_SNP_LAUNCH_START firmware command failed, rc %d\n", + __func__, rc); + goto e_free_context; + } + + sev->fd = argp->sev_fd; + rc = snp_bind_asid(kvm, &argp->error); + if (rc) { + pr_debug("%s: Failed to bind ASID to SEV-SNP context, rc %d\n", + __func__, rc); + goto e_free_context; + } + + return 0; + +e_free_context: + snp_decommission_context(kvm); + + return rc; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; 
@@ -1999,6 +2141,15 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) goto out; } + /* + * Once KVM_SEV_INIT2 initializes a KVM instance as an SNP guest, only + * allow the use of SNP-specific commands. + */ + if (sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START) { + r = -EPERM; + goto out; + } + switch (sev_cmd.id) { case KVM_SEV_ES_INIT: if (!sev_es_enabled) { @@ -2063,6 +2214,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_RECEIVE_FINISH: r = sev_receive_finish(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_START: + r = snp_launch_start(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; @@ -2258,6 +2412,33 @@ int sev_vm_copy_enc_context_from(struct kvm *kvm, unsigned int source_fd) return ret; } +static int snp_decommission_context(struct kvm *kvm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_addr data = {}; + int ret; + + /* If context is not created then do nothing */ + if (!sev->snp_context) + return 0; + + data.address = __sme_pa(sev->snp_context); + down_write(&sev_deactivate_lock); + ret = sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL); + if (WARN_ONCE(ret, "failed to release guest context")) { + up_write(&sev_deactivate_lock); + return ret; + } + + up_write(&sev_deactivate_lock); + + /* free the context page now */ + snp_free_firmware_page(sev->snp_context); + sev->snp_context = NULL; + + return 0; +} + void sev_vm_destroy(struct kvm *kvm) { struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; @@ -2299,7 +2480,15 @@ void sev_vm_destroy(struct kvm *kvm) } } - sev_unbind_asid(kvm, sev->handle); + if (sev_snp_guest(kvm)) { + if (snp_decommission_context(kvm)) { + WARN_ONCE(1, "Failed to free SNP guest context, leaking asid!\n"); + return; + } + } else { + sev_unbind_asid(kvm, sev->handle); + } + sev_asid_free(sev); } diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 7f2e9c7fc4ca..0654fc91d4db 100644 --- a/arch/x86/kvm/svm/svm.h 
+++ b/arch/x86/kvm/svm/svm.h 
@@ -92,6 +92,7 @@ struct kvm_sev_info { struct list_head mirror_entry; /* Use as a list entry of mirrors */ struct misc_cg *misc_cg; /* For misc cgroup accounting */ atomic_t migration_in_progress; + void *snp_context; /* SNP guest context page */ }; struct kvm_svm { From patchwork Sun Apr 21 18:01:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13637457
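Review bot: In the Documentation/virt/kvm/x86/amd-memory-encryption.rst hunk that adds section 18 (KVM_SEV_SNP_LAUNCH_START patch), the body text calls the command KVM_SNP_LAUNCH_START while the heading, the uapi enum and the ioctl case all use KVM_SEV_SNP_LAUNCH_START, and the sentence ends in a semicolon. Use the full name and a period. The section would also benefit from stating which policy bits KVM accepts: snp_launch_start() rejects SNP_POLICY_MASK_SINGLE_SOCKET and requires SNP_POLICY_MASK_SMT and SNP_POLICY_MASK_RSVD_MBO, and userspace currently learns that only from -EINVAL and a pr_debug().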
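Review bot: In snp_launch_start() (arch/x86/kvm/svm/sev.c, KVM_SEV_SNP_LAUNCH_START patch), snp_context_create() runs before params.flags and params.policy are validated, and each of those checks returns -EINVAL directly instead of going through e_free_context. After one rejected request sev->snp_context stays set, so a corrected retry on the same VM fails at the "SEV-SNP context already exists" check, and the firmware context page is held until sev_vm_destroy(). Move the flags and policy validation ahead of snp_context_create(), or route those failures through e_free_context. Two smaller points in the same hunk: a failed snp_context_create() is reported as -ENOTTY, the same value used for "not an SNP guest", which hides an allocation or firmware failure from the caller; and the pr_warn() in snp_context_create() is missing its trailing newline.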
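Review bot: The new gate in sev_mem_enc_ioctl(), "sev_snp_guest(kvm) && sev_cmd.id < KVM_SEV_SNP_LAUNCH_START", depends on every SNP-capable command being numbered at or above 100 in enum sev_cmd_id, but the uapi header only carries the comment "SNP-specific commands". Add a comment next to "KVM_SEV_SNP_LAUNCH_START = 100" saying that the numeric ordering is relied on by this check, so that a later non-SNP command is not appended after it, or replace the comparison with an explicit list of the commands an SNP guest may issue.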
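Review bot: snp_decommission_context() fills data.address with __sme_pa(sev->snp_context), while snp_context_create() and snp_bind_asid() in the same patch use __psp_pa() for the same context page; use one helper throughout or add a comment explaining why this call differs. The sev_do_cmd(SEV_CMD_SNP_DECOMMISSION, &data, NULL) call also discards the firmware error, and the WARN_ONCE() text prints neither ret nor a firmware code, so the failure that sev_vm_destroy() turns into a leaked ASID cannot be diagnosed from the log. Capture the error and include both values in the warning.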
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 06/22] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command
Date: Sun, 21 Apr 2024 13:01:06 -0500
Message-ID: <20240421180122.1650812-7-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

A key aspect of launching an SNP guest is initializing it with a
known/measured payload which is then encrypted into guest memory as
pre-validated private pages and then measured into the cryptographic
launch context created with KVM_SEV_SNP_LAUNCH_START so that the guest
can attest itself after booting.

Since all private pages are provided by guest_memfd, make use of the
kvm_gmem_populate() interface to handle this. The general flow is that
guest_memfd will handle allocating the pages associated with the GPA
ranges being initialized by each particular call of
KVM_SEV_SNP_LAUNCH_UPDATE, copying data from userspace into those pages,
and then the post_populate callback will do the work of setting the RMP
entries for these pages to private and issuing the SNP firmware calls to
encrypt/measure them.

For more information see the SEV-SNP specification.

Signed-off-by: Brijesh Singh
Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Ashish Kalra
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 54 ++++
 arch/x86/include/uapi/asm/kvm.h | 19 ++
 arch/x86/kvm/svm/sev.c | 237 ++++++++++++++++++
 3 files changed, 310 insertions(+)
diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index d4c4a0b90bc9..60728868c5c6 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst 
@@ -483,6 +483,60 @@ Returns: 0 on success, -negative on error See SNP_LAUNCH_START in the SEV-SNP specification [snp-fw-abi]_ for further details on the input parameters in ``struct kvm_sev_snp_launch_start``. +19. KVM_SEV_SNP_LAUNCH_UPDATE +----------------------------- + +The KVM_SEV_SNP_LAUNCH_UPDATE command is used for loading userspace-provided +data into a guest GPA range, measuring the contents into the SNP guest context +created by KVM_SEV_SNP_LAUNCH_START, and then encrypting/validating that GPA +range so that it will be immediately readable using the encryption key +associated with the guest context once it is booted, after which point it can +attest the measurement associated with its context before unlocking any +secrets. + +It is required that the GPA ranges initialized by this command have had the +KVM_MEMORY_ATTRIBUTE_PRIVATE attribute set in advance. See the documentation +for KVM_SET_MEMORY_ATTRIBUTES for more details on this aspect. + +Upon success, this command is not guaranteed to have processed the entire +range requested. Instead, the ``gfn_start``, ``uaddr``, and ``len`` fields of +``struct kvm_sev_snp_launch_update`` will be updated to correspond to the +remaining range that has yet to be processed. The caller should continue +calling this command until those fields indicate the entire range has been +processed, e.g. ``len`` is 0, ``gfn_start`` is equal to the last GFN in the +range plus 1, and ``uaddr`` is the last byte of the userspace-provided source +buffer address plus 1. In the case where ``type`` is KVM_SEV_SNP_PAGE_TYPE_ZERO, +``uaddr`` will be ignored completely. + +Parameters (in): struct kvm_sev_snp_launch_update + +Returns: 0 on success, < 0 on error, -EAGAIN if caller should retry + +:: + + struct kvm_sev_snp_launch_update { + __u64 gfn_start; /* Guest page number to load/encrypt data into. */ + __u64 uaddr; /* Userspace address of data to be loaded/encrypted. 
*/ + __u64 len; /* 4k-aligned length in bytes to copy into guest memory.*/ + __u8 type; /* The type of the guest pages being initialized. */ + __u8 pad0; + __u16 flags; /* Must be zero. */ + __u32 pad1; + __u64 pad2[4]; + + }; + +where the allowed values for page_type are #define'd as:: + + KVM_SEV_SNP_PAGE_TYPE_NORMAL + KVM_SEV_SNP_PAGE_TYPE_ZERO + KVM_SEV_SNP_PAGE_TYPE_UNMEASURED + KVM_SEV_SNP_PAGE_TYPE_SECRETS + KVM_SEV_SNP_PAGE_TYPE_CPUID + +See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is +used/measured. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 5765391f0fdb..3c9255de76db 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -699,6 +699,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START = 100, + KVM_SEV_SNP_LAUNCH_UPDATE, KVM_SEV_NR_MAX, }; @@ -833,6 +834,24 @@ struct kvm_sev_snp_launch_start { __u64 pad1[4]; }; +/* Kept in sync with firmware values for simplicity. */ +#define KVM_SEV_SNP_PAGE_TYPE_NORMAL 0x1 +#define KVM_SEV_SNP_PAGE_TYPE_ZERO 0x3 +#define KVM_SEV_SNP_PAGE_TYPE_UNMEASURED 0x4 +#define KVM_SEV_SNP_PAGE_TYPE_SECRETS 0x5 +#define KVM_SEV_SNP_PAGE_TYPE_CPUID 0x6 + +struct kvm_sev_snp_launch_update { + __u64 gfn_start; + __u64 uaddr; + __u64 len; + __u8 type; + __u8 pad0; + __u16 flags; + __u32 pad1; + __u64 pad2[4]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 9d08d1202544..d3ae4ded91df 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -258,6 +258,35 @@ static void sev_decommission(unsigned int handle) sev_guest_decommission(&decommission, NULL); } +static int snp_page_reclaim(u64 pfn) +{ + struct sev_data_snp_page_reclaim data = {0}; + int err, rc; + + data.paddr = __sme_set(pfn << PAGE_SHIFT); + rc = sev_do_cmd(SEV_CMD_SNP_PAGE_RECLAIM, &data, &err); + if (WARN_ON_ONCE(rc)) { + /* + * This shouldn't happen under normal circumstances, but if the + * reclaim failed, then the page is no longer safe to use. + */ + snp_leak_pages(pfn, 1); + } + + return rc; +} + +static int host_rmp_make_shared(u64 pfn, enum pg_level level) +{ + int rc; + + rc = rmp_make_shared(pfn, level); + if (rc) + snp_leak_pages(pfn, page_level_size(level) >> PAGE_SHIFT); + + return rc; +} + static void sev_unbind_asid(struct kvm *kvm, unsigned int handle) { struct sev_data_deactivate deactivate; 
@@ -2118,6 +2147,211 @@ static int snp_launch_start(struct kvm *kvm, struct kvm_sev_cmd *argp) return rc; } +struct sev_gmem_populate_args { + __u8 type; + int sev_fd; + int fw_error; +}; + +static int sev_gmem_post_populate(struct kvm *kvm, gfn_t gfn_start, kvm_pfn_t pfn, + void __user *src, int order, void *opaque) +{ + struct sev_gmem_populate_args *sev_populate_args = opaque; + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + int n_private = 0, ret, i; + int npages = (1 << order); + gfn_t gfn; + + pr_debug("%s: gfn_start 0x%llx pfn_start 0x%llx npages %d\n", + __func__, gfn_start, pfn, npages); + + if (WARN_ON_ONCE(sev_populate_args->type != KVM_SEV_SNP_PAGE_TYPE_ZERO && !src)) { + ret = -EINVAL; + goto out; + } + + for (gfn = gfn_start, i = 0; gfn < gfn_start + npages; gfn++, i++) { + struct sev_data_snp_launch_update fw_args = {0}; + bool assigned; + void *vaddr; + int level; + + if (!kvm_mem_is_private(kvm, gfn)) { + pr_debug("%s: Failed to ensure GFN 0x%llx has private memory attribute set\n", + __func__, gfn); + ret = -EINVAL; + break; + } + + ret = snp_lookup_rmpentry((u64)pfn + i, &assigned, &level); + if (ret || assigned) { + pr_debug("%s: Failed to ensure GFN 0x%llx RMP entry is initial shared state, ret: %d assigned: %d\n", + __func__, gfn, ret, assigned); + ret = -EINVAL; + break; + } + + if (src) { + vaddr = kmap_local_pfn(pfn + i); + ret = copy_from_user(vaddr, src + i * PAGE_SIZE, PAGE_SIZE); + if (ret) { + pr_debug("Failed to copy source page into GFN 0x%llx\n", gfn); + goto out_unmap; + } + } + + ret = rmp_make_private(pfn + i, gfn << PAGE_SHIFT, PG_LEVEL_4K, + sev_get_asid(kvm), true); + if (ret) { + pr_debug("%s: Failed to mark RMP entry for GFN 0x%llx as private, ret: %d\n", + __func__, gfn, ret); + goto out_unmap; + } + + n_private++; + + fw_args.gctx_paddr = __psp_pa(sev->snp_context); + fw_args.address = __sme_set(pfn_to_hpa(pfn + i)); + fw_args.page_size = PG_LEVEL_TO_RMP(PG_LEVEL_4K); + fw_args.page_type = 
sev_populate_args->type; + ret = __sev_issue_cmd(sev_populate_args->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &fw_args, &sev_populate_args->fw_error); + if (ret) { + pr_debug("%s: SEV-SNP launch update failed, ret: 0x%x, fw_error: 0x%x\n", + __func__, ret, sev_populate_args->fw_error); + + if (WARN_ON_ONCE(snp_page_reclaim(pfn + i))) + goto out_unmap; + + /* + * When invalid CPUID function entries are detected, + * firmware writes the expected values into the page and + * leaves it unencrypted so it can be used for debugging + * and error-reporting. + * + * Copy this page back into the source buffer so + * userspace can use this information to provide + * information on which CPUID leaves/fields failed CPUID + * validation. + */ + if (sev_populate_args->type == KVM_SEV_SNP_PAGE_TYPE_CPUID && + sev_populate_args->fw_error == SEV_RET_INVALID_PARAM) { + if (WARN_ON_ONCE(host_rmp_make_shared(pfn + i, PG_LEVEL_4K))) + goto out_unmap; + + if (copy_to_user(src + i * PAGE_SIZE, vaddr, + PAGE_SIZE)) + pr_debug("Failed to write CPUID page back to userspace\n"); + + /* PFN is hypervisor-owned at this point, skip cleanup for it. 
*/ + n_private--; + } + } + +out_unmap: + kunmap_local(vaddr); + if (ret) + break; + } + +out: + if (ret) { + pr_debug("%s: exiting with error ret %d, restoring %d gmem PFNs to shared.\n", + __func__, ret, n_private); + for (i = 0; i < n_private; i++) + WARN_ON_ONCE(host_rmp_make_shared(pfn + i, PG_LEVEL_4K)); + } + + return ret; +} + +static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_gmem_populate_args sev_populate_args = {0}; + struct kvm_sev_snp_launch_update params; + struct kvm_memory_slot *memslot; + long npages, count; + void __user *src; + int ret = 0; + + if (!sev_snp_guest(kvm) || !sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + pr_debug("%s: GFN start 0x%llx length 0x%llx type %d flags %d\n", __func__, + params.gfn_start, params.len, params.type, params.flags); + + if (!PAGE_ALIGNED(params.len) || params.flags || + (params.type != KVM_SEV_SNP_PAGE_TYPE_NORMAL && + params.type != KVM_SEV_SNP_PAGE_TYPE_ZERO && + params.type != KVM_SEV_SNP_PAGE_TYPE_UNMEASURED && + params.type != KVM_SEV_SNP_PAGE_TYPE_SECRETS && + params.type != KVM_SEV_SNP_PAGE_TYPE_CPUID)) + return -EINVAL; + + npages = params.len / PAGE_SIZE; + + /* + * For each GFN that's being prepared as part of the initial guest + * state, the following pre-conditions are verified: + * + * 1) The backing memslot is a valid private memslot. + * 2) The GFN has been set to private via KVM_SET_MEMORY_ATTRIBUTES + * beforehand. + * 3) The PFN of the guest_memfd has not already been set to private + * in the RMP table. + * + * The KVM MMU relies on kvm->mmu_invalidate_seq to retry nested page + * faults if there's a race between a fault and an attribute update via + * KVM_SET_MEMORY_ATTRIBUTES, and a similar approach could be utilized + * here. 
However, kvm->slots_lock guards against both this as well as + * concurrent memslot updates occurring while these checks are being + * performed, so use that here to make it easier to reason about the + * initial expected state and better guard against unexpected + * situations. + */ + mutex_lock(&kvm->slots_lock); + + memslot = gfn_to_memslot(kvm, params.gfn_start); + if (!kvm_slot_can_be_private(memslot)) { + ret = -EINVAL; + goto out; + } + + sev_populate_args.sev_fd = argp->sev_fd; + sev_populate_args.type = params.type; + src = params.type == KVM_SEV_SNP_PAGE_TYPE_ZERO ? NULL : u64_to_user_ptr(params.uaddr); + + count = kvm_gmem_populate(kvm, params.gfn_start, src, npages, + sev_gmem_post_populate, &sev_populate_args); + if (count < 0) { + argp->error = sev_populate_args.fw_error; + pr_debug("%s: kvm_gmem_populate failed, ret %ld (fw_error %d)\n", + __func__, count, argp->error); + ret = -EIO; + } else if (count <= npages) { + params.gfn_start += count; + params.len -= count * PAGE_SIZE; + if (params.type != KVM_SEV_SNP_PAGE_TYPE_ZERO) + params.uaddr += count * PAGE_SIZE; + + ret = copy_to_user(u64_to_user_ptr(argp->data), ¶ms, sizeof(params)) + ? -EIO : 0; + } else { + WARN_ONCE(1, "Completed page count %ld exceeds requested amount %ld", + count, npages); + ret = -EINVAL; + } + +out: + mutex_unlock(&kvm->slots_lock); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; 
@@ -2217,6 +2451,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_START: r = snp_launch_start(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_UPDATE: + r = snp_launch_update(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; From patchwork Sun Apr 21 18:01:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Roth X-Patchwork-Id: 13637458
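Review bot: The "Returns:" line in the new section 19 of amd-memory-encryption.rst (KVM_SEV_SNP_LAUNCH_UPDATE patch) advertises -EAGAIN for "caller should retry", but snp_launch_update() as written collapses every negative kvm_gmem_populate() result into -EIO ("if (count < 0) { ... ret = -EIO; }"), so a caller following the documentation will not see -EAGAIN from that path. Either propagate the value or drop it from the documentation. In the same hunk, the page type list is introduced as the allowed values for "page_type" although the struct field is named "type", and there is a stray blank line before the closing brace of the struct listing.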
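Review bot: In snp_page_reclaim() (the hunk adding it above sev_unbind_asid()), the firmware status is collected in err but never read: WARN_ON_ONCE(rc) fires without it and only rc is returned. Since a failed reclaim ends in snp_leak_pages(), print err and the pfn in the warning, or pass NULL to sev_do_cmd() if the firmware code is deliberately ignored.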
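Review bot: In sev_gmem_post_populate(), vaddr is assigned only inside "if (src)", yet the out_unmap label calls kunmap_local(vaddr) at the end of every loop iteration, so a KVM_SEV_SNP_PAGE_TYPE_ZERO request (where snp_launch_update() passes src as NULL) unmaps an uninitialized pointer. Scope the kmap_local_pfn()/kunmap_local() pair to the src branch, or initialize vaddr to NULL and test it before unmapping. In the same loop, "ret = copy_from_user(vaddr, src + i * PAGE_SIZE, PAGE_SIZE);" stores the number of bytes not copied, and that positive value is what the function returns on failure; convert it to -EFAULT before jumping to out_unmap.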
From: Michael Roth To: CC: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Brijesh Singh , Harald Hoyer Subject: [PATCH v14 07/22] KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command Date: Sun, 21 Apr 2024 13:01:07 -0500 Message-ID: <20240421180122.1650812-8-michael.roth@amd.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com> References: <20240421180122.1650812-1-michael.roth@amd.com> MIME-Version: 1.0 X-Originating-IP: [10.180.168.240] X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CY4PEPF0000FCC0:EE_|PH7PR12MB9127:EE_ X-MS-Office365-Filtering-Correlation-Id: fbfdbd03-fb5d-41ed-9a5f-08dc622e604f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230031)(376005)(1800799015)(7416005)(36860700004)(82310400014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 Apr 2024 18:10:50.2677 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: fbfdbd03-fb5d-41ed-9a5f-08dc622e604f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CY4PEPF0000FCC0.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB9127 X-Rspam-User: X-Rspamd-Server: rspam11 X-Rspamd-Queue-Id: 99E571C0008 X-Stat-Signature: kchdxqt5ydfwkj3o661j9ysbn1pudfjg 
X-HE-Tag: 1713723055-242197 X-HE-Meta: U2FsdGVkX19hld5myOFDREb/H/pzJQ7Mh5KK9DT+Y7QoraK1jOWVctj6Fx9p2FNtFXORbDxdNY5N3GEdQFtkIa0/iWYlSeHc9bzMH2B9Hw/XH2MGikyr6e9Z9gAn3p6xSUFaaijwSgUdqYBw68qRxkKXBQ5/oAP5U+nZwg6SPCmjB7pZNM9YeDEUPokhkBuO8VUMUSQdTJduVNFC/10ALBUijWzBTSlog60Y4oEcIR5VlizasjSTMeEWB9aj6HcWUP9dqnUP5SJHzm3Tn9t58V5pzjankimPaZSskKSZHkBtsKrDnuaktLcIclykcB8yW+L6Xw2b9RuZEc+a3zGDXL/Y8I3BLZCDhnn9sdbmmdNp35nlbmQED8RRKiv0qcFfCcx0lrpCiQdU0QndU5x0XuITwfTzvIb27ulEhuHumZkVDUHwV/jTxk1Av3WEd4BjS0vK8MdVJulsBztdKSpUyuUAW7QNQF8dorAdZ+y+C1BQM6PYtcPVAp9AqVplPFw1+rRDyfSI/vT8C4t2mUjAloEqUrdwiN05LHrRvhIOeKtup5R8BPezDlwIdN/O8NeQ506LSjG5tH0GnOwiu3e8/0k1BF8Kn7d2mPu2If7U8Erv0SI3OcJjQJUA9fQP2mTmTtnHJMS4FbIXehqNMEvxdAghedZCPMN+CI7YrIRtZlaU1fvH55e9oJq05nOo009WswGM63qv+QyhpWgiKPelbWlHwjtuMbdjDhk+TaCFDu4gKUiSMS/VKG5ksYZMD6ZPQ5uCzIPQUqqFIdKCkUH+0VeVK4Kh+ywe4rxYaAh6HRSFHTFm0TxBaKg+Jcw0jWWk+Qh6HvCFyC7qDh8DvPYqA60Lbynm0hhO3syRiBtZqLphS3sgPhZK54dWWLNOdwLUzhXJ6LPerEYXlIQ1Tof6+vTScOpwUKm7Axaz0co7MICXiWym7vPsDlhQBy19ec/vem39YX4lKk8zGpptpCu +DK3clJq euJwB1VimxuFemLS7Dp8ZGYPItZwQYZH6ENTAYB9Qm7f8o99g+ihcOz74zGDJUHZgxcdMlWv3RFedhWHcukjO/zZEW+79UpbhTmxmLjaOAMHUUyu8jeuuAE/C12mwBycCgQT6oviGBLDZUw7Y2VABy9jBVJd8Y/ldfl048vg377CqeJ06FTXAyVV8sllBKrCIK3hs+29CtyTmb8KE9UVlcq+CeianxTtsVtIroCp+FsXw5HAjuiG5syzt68yyvosVu0ykr5sjqHjVcs46D6+hH5V292CsnJyBexCRQ7/QL49+RmBHTerk0Qtqap6xzCpBtU73uib2LcEcTUSCw/MRTnb6shuJVUe9A/8B5fZxEP31XpNkgba8m4hWq9TBSSFPQLgBnX0SERaPu3GjX1bU/RnecsChZRyp1kQ4+gaZsUr7z6UKaQcQDXQ1sS5v78XkAwm2 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: 
From: Brijesh Singh

Add a KVM_SEV_SNP_LAUNCH_FINISH command to finalize the cryptographic launch digest which stores the measurement of the guest at launch time. Also extend the existing SNP firmware data structures to support disabling the use of Versioned Chip Endorsement Keys (VCEK) by guests as part of this command.

While finalizing the launch flow, the code also issues the LAUNCH_UPDATE SNP firmware commands to encrypt/measure the initial VMSA pages for each configured vCPU, which requires setting the RMP entries for those pages to private, so also add handling to clean up the RMP entries for these pages when freeing vCPUs during shutdown.

Signed-off-by: Brijesh Singh
Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Harald Hoyer
Signed-off-by: Ashish Kalra
---
 .../virt/kvm/x86/amd-memory-encryption.rst | 28 ++++
 arch/x86/include/uapi/asm/kvm.h | 17 +++
 arch/x86/kvm/svm/sev.c | 126 ++++++++++++++++++
 include/linux/psp-sev.h | 4 +-
 4 files changed, 174 insertions(+), 1 deletion(-)

diff --git a/Documentation/virt/kvm/x86/amd-memory-encryption.rst b/Documentation/virt/kvm/x86/amd-memory-encryption.rst index 60728868c5c6..67bcede94bb5 100644 --- a/Documentation/virt/kvm/x86/amd-memory-encryption.rst +++ b/Documentation/virt/kvm/x86/amd-memory-encryption.rst
@@ -537,6 +537,34 @@ where the allowed values for page_type are #define'd as:: See the SEV-SNP spec [snp-fw-abi]_ for further details on how each page type is used/measured. +20. KVM_SEV_SNP_LAUNCH_FINISH +----------------------------- + +After completion of the SNP guest launch flow, the KVM_SEV_SNP_LAUNCH_FINISH +command can be issued to make the guest ready for execution. + +Parameters (in): struct kvm_sev_snp_launch_finish + +Returns: 0 on success, -negative on error + +:: + + struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vcek_disabled; + __u8 host_data[32]; + __u8 pad0[3]; + __u16 flags; /* Must be zero */ + __u64 pad1[4]; + }; + + +See SNP_LAUNCH_FINISH in the SEV-SNP specification [snp-fw-abi]_ for further +details on the input parameters in ``struct kvm_sev_snp_launch_finish``. + Device attribute API ==================== diff --git a/arch/x86/include/uapi/asm/kvm.h b/arch/x86/include/uapi/asm/kvm.h index 3c9255de76db..8007fbfe0160 100644 --- a/arch/x86/include/uapi/asm/kvm.h +++ b/arch/x86/include/uapi/asm/kvm.h @@ -700,6 +700,7 @@ enum sev_cmd_id { /* SNP-specific commands */ KVM_SEV_SNP_LAUNCH_START = 100, KVM_SEV_SNP_LAUNCH_UPDATE, + KVM_SEV_SNP_LAUNCH_FINISH, KVM_SEV_NR_MAX, }; @@ -852,6 +853,22 @@ struct kvm_sev_snp_launch_update { __u64 pad2[4]; }; +#define KVM_SEV_SNP_ID_BLOCK_SIZE 96 +#define KVM_SEV_SNP_ID_AUTH_SIZE 4096 +#define KVM_SEV_SNP_FINISH_DATA_SIZE 32 + +struct kvm_sev_snp_launch_finish { + __u64 id_block_uaddr; + __u64 id_auth_uaddr; + __u8 id_block_en; + __u8 auth_key_en; + __u8 vcek_disabled; + __u8 host_data[KVM_SEV_SNP_FINISH_DATA_SIZE]; + __u8 pad0[3]; + __u16 flags; + __u64 pad1[4]; +}; + #define KVM_X2APIC_API_USE_32BIT_IDS (1ULL << 0) #define KVM_X2APIC_API_DISABLE_BROADCAST_QUIRK (1ULL << 1) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index d3ae4ded91df..6ca1b13c9beb 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -74,6 +74,8 @@ static u64 sev_supported_vmsa_features; SNP_POLICY_MASK_DEBUG | \ SNP_POLICY_MASK_SINGLE_SOCKET) +#define INITIAL_VMSA_GPA 0xFFFFFFFFF000 + static u8 sev_enc_bit; static DECLARE_RWSEM(sev_deactivate_lock); static DEFINE_MUTEX(sev_bitmap_lock); 
@@ -2352,6 +2354,114 @@ static int snp_launch_update(struct kvm *kvm, struct kvm_sev_cmd *argp) return ret; } +static int snp_launch_update_vmsa(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct sev_data_snp_launch_update data = {}; + struct kvm_vcpu *vcpu; + unsigned long i; + int ret; + + data.gctx_paddr = __psp_pa(sev->snp_context); + data.page_type = SNP_PAGE_TYPE_VMSA; + + kvm_for_each_vcpu(i, vcpu, kvm) { + struct vcpu_svm *svm = to_svm(vcpu); + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + /* Perform some pre-encryption checks against the VMSA */ + ret = sev_es_sync_vmsa(svm); + if (ret) + return ret; + + /* Transition the VMSA page to a firmware state. */ + ret = rmp_make_private(pfn, INITIAL_VMSA_GPA, PG_LEVEL_4K, sev->asid, true); + if (ret) + return ret; + + /* Issue the SNP command to encrypt the VMSA */ + data.address = __sme_pa(svm->sev_es.vmsa); + ret = __sev_issue_cmd(argp->sev_fd, SEV_CMD_SNP_LAUNCH_UPDATE, + &data, &argp->error); + if (ret) { + snp_page_reclaim(pfn); + return ret; + } + + svm->vcpu.arch.guest_state_protected = true; + } + + return 0; +} + +static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + struct kvm_sev_snp_launch_finish params; + struct sev_data_snp_launch_finish *data; + void *id_block = NULL, *id_auth = NULL; + int ret; + + if (!sev_snp_guest(kvm)) + return -ENOTTY; + + if (!sev->snp_context) + return -EINVAL; + + if (copy_from_user(¶ms, u64_to_user_ptr(argp->data), sizeof(params))) + return -EFAULT; + + if (params.flags) + return -EINVAL; + + /* Measure all vCPUs using LAUNCH_UPDATE before finalizing the launch flow. 
*/ + ret = snp_launch_update_vmsa(kvm, argp); + if (ret) + return ret; + + data = kzalloc(sizeof(*data), GFP_KERNEL_ACCOUNT); + if (!data) + return -ENOMEM; + + if (params.id_block_en) { + id_block = psp_copy_user_blob(params.id_block_uaddr, KVM_SEV_SNP_ID_BLOCK_SIZE); + if (IS_ERR(id_block)) { + ret = PTR_ERR(id_block); + goto e_free; + } + + data->id_block_en = 1; + data->id_block_paddr = __sme_pa(id_block); + + id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE); + if (IS_ERR(id_auth)) { + ret = PTR_ERR(id_auth); + goto e_free_id_block; + } + + data->id_auth_paddr = __sme_pa(id_auth); + + if (params.auth_key_en) + data->auth_key_en = 1; + } + + data->vcek_disabled = params.vcek_disabled; + + memcpy(data->host_data, params.host_data, KVM_SEV_SNP_FINISH_DATA_SIZE); + data->gctx_paddr = __psp_pa(sev->snp_context); + ret = sev_issue_cmd(kvm, SEV_CMD_SNP_LAUNCH_FINISH, data, &argp->error); + + kfree(id_auth); + +e_free_id_block: + kfree(id_block); + +e_free: + kfree(data); + + return ret; +} + int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) { struct kvm_sev_cmd sev_cmd; @@ -2454,6 +2564,9 @@ int sev_mem_enc_ioctl(struct kvm *kvm, void __user *argp) case KVM_SEV_SNP_LAUNCH_UPDATE: r = snp_launch_update(kvm, &sev_cmd); break; + case KVM_SEV_SNP_LAUNCH_FINISH: + r = snp_launch_finish(kvm, &sev_cmd); + break; default: r = -EINVAL; goto out; 
@@ -2944,11 +3057,24 @@ void sev_free_vcpu(struct kvm_vcpu *vcpu) svm = to_svm(vcpu); + /* + * If it's an SNP guest, then the VMSA was marked in the RMP table as + * a guest-owned page. Transition the page to hypervisor state before + * releasing it back to the system. + */ + if (sev_snp_guest(vcpu->kvm)) { + u64 pfn = __pa(svm->sev_es.vmsa) >> PAGE_SHIFT; + + if (host_rmp_make_shared(pfn, PG_LEVEL_4K)) + goto skip_vmsa_free; + } + if (vcpu->arch.guest_state_protected) sev_flush_encrypted_page(vcpu, svm->sev_es.vmsa); __free_page(virt_to_page(svm->sev_es.vmsa)); +skip_vmsa_free: if (svm->sev_es.ghcb_sa_free) kvfree(svm->sev_es.ghcb_sa); } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 3705c2044fc0..903ddfea8585 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -658,6 +658,7 @@ struct sev_data_snp_launch_update { * @id_auth_paddr: system physical address of ID block authentication structure * @id_block_en: indicates whether ID block is present * @auth_key_en: indicates whether author key is present in authentication structure + * @vcek_disabled: indicates whether use of VCEK is allowed for attestation reports * @rsvd: reserved * @host_data: host-supplied data for guest, not interpreted by firmware */ 
@@ -667,7 +668,8 @@ struct sev_data_snp_launch_finish { u64 id_auth_paddr; u8 id_block_en:1; u8 auth_key_en:1; - u64 rsvd:62; + u8 vcek_disabled:1; + u64 rsvd:61; u8 host_data[32]; } __packed;
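Review bot: INITIAL_VMSA_GPA in the first arch/x86/kvm/svm/sev.c hunk of [PATCH v14 07/22] is a bare magic value with no comment. It is later passed as the GPA argument to rmp_make_private() for every vCPU's VMSA, so a one-line comment saying where 0xFFFFFFFFF000 comes from, and that all VMSAs deliberately share it, would help readers of snp_launch_update_vmsa().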
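Review bot: snp_launch_finish() in [PATCH v14 07/22] calls snp_launch_update_vmsa() before kzalloc() and before either psp_copy_user_blob() call, so a bad id_block_uaddr or id_auth_uaddr fails the ioctl only after every VMSA has been made private in the RMP, encrypted and marked guest_state_protected. Consider copying and validating the user blobs first and measuring the VMSAs last, and rejecting a second KVM_SEV_SNP_LAUNCH_FINISH explicitly, since nothing in this hunk stops the loop from running again on VMSAs that are already protected. Separately, only flags is checked for zero: pad0 and pad1 are accepted with any contents, and id_block_en, auth_key_en and vcek_disabled are __u8 values that are not restricted to 0 or 1 before use, which makes these fields hard to repurpose later.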
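Review bot: in the sev_free_vcpu() hunk of [PATCH v14 07/22], a failing host_rmp_make_shared() jumps to skip_vmsa_free and the VMSA page is never freed, with no log message and no comment saying the leak is deliberate. If leaking is the intended way to avoid handing a still-private page back to the allocator, say so in the comment and emit a WARN or pr_err so the condition is visible. The same jump also skips sev_flush_encrypted_page(), which deserves a word in the comment too.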
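Review bot: the new kernel-doc line in include/linux/psp-sev.h reads "@vcek_disabled: indicates whether use of VCEK is allowed for attestation reports", which leaves the polarity of a field named vcek_disabled unclear. Suggest wording it as what a set bit does, for example "set to disallow use of VCEK for attestation reports", and giving the field a sentence of its own in the KVM_SEV_SNP_LAUNCH_FINISH section of amd-memory-encryption.rst, which currently only points at the firmware spec for all input parameters.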
From patchwork Sun Apr 21 18:01:08 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637475
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 08/22] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT
Date: Sun, 21 Apr 2024 13:01:08 -0500
Message-ID: <20240421180122.1650812-9-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP guests are required to perform a GHCB GPA registration. Before using a GHCB GPA for a vCPU the first time, a guest must register the vCPU GHCB GPA. If the hypervisor can work with the guest-requested GPA, then it must respond back with the same GPA, otherwise return -1.

On VMEXIT, verify that the GHCB GPA matches with the registered value. If a mismatch is detected, then abort the guest.

Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
Signed-off-by: Michael Roth
---
 arch/x86/include/asm/sev-common.h | 8 ++++++++
 arch/x86/kvm/svm/sev.c | 27 +++++++++++++++++++++++++++
 arch/x86/kvm/svm/svm.h | 7 +++++++
 3 files changed, 42 insertions(+)

diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 5a8246dd532f..1006bfffe07a 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h @@ -59,6 +59,14 @@ #define GHCB_MSR_AP_RESET_HOLD_RESULT_POS 12 #define GHCB_MSR_AP_RESET_HOLD_RESULT_MASK GENMASK_ULL(51, 0) +/* Preferred GHCB GPA Request */ +#define GHCB_MSR_PREF_GPA_REQ 0x010 +#define GHCB_MSR_GPA_VALUE_POS 12 +#define GHCB_MSR_GPA_VALUE_MASK GENMASK_ULL(51, 0) + +#define GHCB_MSR_PREF_GPA_RESP 0x011 +#define GHCB_MSR_PREF_GPA_NONE 0xfffffffffffff + /* GHCB GPA Register */ #define GHCB_MSR_REG_GPA_REQ 0x012 #define GHCB_MSR_REG_GPA_REQ_VAL(v) \ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 6ca1b13c9beb..76084e109f66 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3541,6 +3541,26 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) set_ghcb_msr_bits(svm, GHCB_MSR_HV_FT_RESP, GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; + case GHCB_MSR_PREF_GPA_REQ: + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_NONE, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + case GHCB_MSR_REG_GPA_REQ: { + u64 gfn; + + gfn = get_ghcb_msr_bits(svm, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + + svm->sev_es.ghcb_registered_gpa = gfn_to_gpa(gfn); + + set_ghcb_msr_bits(svm, gfn, GHCB_MSR_GPA_VALUE_MASK, + GHCB_MSR_GPA_VALUE_POS); + set_ghcb_msr_bits(svm, GHCB_MSR_REG_GPA_RESP, GHCB_MSR_INFO_MASK, + GHCB_MSR_INFO_POS); + break; + } case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; @@ -3604,6 +3624,13 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) trace_kvm_vmgexit_enter(vcpu->vcpu_id, svm->sev_es.ghcb); sev_es_sync_from_ghcb(svm); + + /* SEV-SNP guest requires that the GHCB GPA must be registered */ + if (sev_snp_guest(svm->vcpu.kvm) && !ghcb_gpa_is_registered(svm, ghcb_gpa)) { + vcpu_unimpl(&svm->vcpu, "vmgexit: GHCB GPA [%#llx] is not registered.\n", ghcb_gpa); + return -EINVAL; + } + ret = sev_es_validate_vmgexit(svm); if (ret) return ret; diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 0654fc91d4db..730f5ced2a2e 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -208,6 +208,8 @@ struct vcpu_sev_es_state { u32 ghcb_sa_len; bool ghcb_sa_sync; bool ghcb_sa_free; + + u64 ghcb_registered_gpa; }; struct vcpu_svm { 
@@ -361,6 +363,11 @@ static __always_inline bool sev_snp_guest(struct kvm *kvm) #endif } +static inline bool ghcb_gpa_is_registered(struct vcpu_svm *svm, u64 val) +{ + return svm->sev_es.ghcb_registered_gpa == val; +} + static inline void vmcb_mark_all_dirty(struct vmcb *vmcb) { vmcb->control.clean = 0;
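Review bot: the GHCB_MSR_REG_GPA_REQ case in sev_handle_vmgexit_msr_protocol() ([PATCH v14 08/22]) stores whatever gfn the guest supplies in ghcb_registered_gpa and echoes it back without any check, so the "otherwise return -1" path described in the commit message does not exist in this hunk. If every GPA is acceptable by design, a short comment saying so would help; otherwise add the validation and the failure response. The GHCB_MSR_PREF_GPA_REQ handler and its defines are also new here but are not mentioned in the commit message.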
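Review bot: in the sev_handle_vmgexit() hunk of [PATCH v14 08/22], the registration check sits after sev_es_sync_from_ghcb(svm), so state from an unregistered GHCB has already been synced into the vCPU by the time the mismatch is detected. Consider doing the ghcb_gpa_is_registered() comparison as soon as ghcb_gpa is known, before the GHCB contents are consumed.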
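Review bot: ghcb_registered_gpa is added to struct vcpu_sev_es_state in arch/x86/kvm/svm/svm.h ([PATCH v14 08/22]) but nothing in this patch initialises it, and ghcb_gpa_is_registered() is a plain equality test. If the field starts out as zero, a GHCB at GPA 0 would compare equal before any registration took place; initialising the field to an invalid-GPA sentinel at vCPU creation and reset would make "not registered" unambiguous.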
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 09/22] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT
Date: Sun, 21 Apr 2024 13:01:09 -0500
Message-ID: <20240421180122.1650812-10-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change MSR protocol as defined in the GHCB specification.

When using gmem, private/shared memory is allocated through separate pools, and KVM relies on userspace issuing a KVM_SET_MEMORY_ATTRIBUTES KVM ioctl to tell the KVM MMU whether or not a particular GFN should be backed by private memory or not.

Forward these page state change requests to userspace so that it can issue the expected KVM ioctls. The KVM MMU will handle updating the RMP entries when it is ready to map a private page into a guest.

Define a new KVM_EXIT_VMGEXIT for exits of this type, and structure it so that it can be extended for other cases where VMGEXITs need some level of handling in userspace.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 Documentation/virt/kvm/api.rst | 33 +++++++++++++++++++++++++++++++
 arch/x86/include/asm/sev-common.h | 6 ++++++
 arch/x86/kvm/svm/sev.c | 33 +++++++++++++++++++++++++++++++
 include/uapi/linux/kvm.h | 17 ++++++++++++++++
 4 files changed, 89 insertions(+)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index f0b76ff5030d..4a7a2945bc78 100644 --- a/Documentation/virt/kvm/api.rst 
+++ b/Documentation/virt/kvm/api.rst @@ -7060,6 +7060,39 @@ Please note that the kernel is allowed to use the kvm_run structure as the primary storage for certain register types. Therefore, the kernel may use the values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. +:: + + /* KVM_EXIT_VMGEXIT */ + struct kvm_user_vmgexit { + #define KVM_USER_VMGEXIT_PSC_MSR 1 + __u32 type; /* KVM_USER_VMGEXIT_* type */ + union { + struct { + __u64 gpa; + #define KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE 1 + #define KVM_USER_VMGEXIT_PSC_MSR_OP_SHARED 2 + __u8 op; + __u32 ret; + } psc_msr; + }; + }; + +If exit reason is KVM_EXIT_VMGEXIT then it indicates that an SEV-SNP guest +has issued a VMGEXIT instruction (as documented by the AMD Architecture +Programmer's Manual (APM)) to the hypervisor that needs to be serviced by +userspace. These are generally handled by the host kernel, but in some +cases some aspects handling a VMGEXIT are handled by userspace. + +A kvm_user_vmgexit structure is defined to encapsulate the data to be +sent to or returned by userspace. The type field defines the specific type +of exit that needs to be serviced, and that type is used as a discriminator +to determine which union type should be used for input/output. + +For the KVM_USER_VMGEXIT_PSC_MSR type, the psc_msr union type is used. The +kernel will supply the 'gpa' and 'op' fields, and userspace is expected to +update the private/shared state of the GPA using the corresponding +KVM_SET_MEMORY_ATTRIBUTES ioctl. The 'ret' field is to be set to 0 by +userpace on success, or some non-zero value on failure. 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 1006bfffe07a..6d68db812de1 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h 
@@ -101,11 +101,17 @@ enum psc_op { /* GHCBData[11:0] */ \ GHCB_MSR_PSC_REQ) +#define GHCB_MSR_PSC_REQ_TO_GFN(msr) (((msr) & GENMASK_ULL(51, 12)) >> 12) +#define GHCB_MSR_PSC_REQ_TO_OP(msr) (((msr) & GENMASK_ULL(55, 52)) >> 52) + #define GHCB_MSR_PSC_RESP 0x015 #define GHCB_MSR_PSC_RESP_VAL(val) \ /* GHCBData[63:32] */ \ (((u64)(val) & GENMASK_ULL(63, 32)) >> 32) +/* Set highest bit as a generic error response */ +#define GHCB_MSR_PSC_RESP_ERROR (BIT_ULL(63) | GHCB_MSR_PSC_RESP) + /* GHCB Hypervisor Feature Request/Response */ #define GHCB_MSR_HV_FT_REQ 0x080 #define GHCB_MSR_HV_FT_RESP 0x081 diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 76084e109f66..f6f54a889fde 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3463,6 +3463,36 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_complete_psc_msr(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + u64 vmm_ret = vcpu->run->vmgexit.psc_msr.ret; + + set_ghcb_msr(svm, (vmm_ret << 32) | GHCB_MSR_PSC_RESP); + + return 1; /* resume guest */ +} + +static int snp_begin_psc_msr(struct kvm_vcpu *vcpu, u64 ghcb_msr) +{ + u64 gpa = gfn_to_gpa(GHCB_MSR_PSC_REQ_TO_GFN(ghcb_msr)); + u8 op = GHCB_MSR_PSC_REQ_TO_OP(ghcb_msr); + struct vcpu_svm *svm = to_svm(vcpu); + + if (op != SNP_PAGE_STATE_PRIVATE && op != SNP_PAGE_STATE_SHARED) { + set_ghcb_msr(svm, GHCB_MSR_PSC_RESP_ERROR); + return 1; /* resume guest */ + } + + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_PSC_MSR; + vcpu->run->vmgexit.psc_msr.gpa = gpa; + vcpu->run->vmgexit.psc_msr.op = op; + vcpu->arch.complete_userspace_io = snp_complete_psc_msr; + + return 0; /* forward request to userspace */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -3561,6 +3591,9 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_POS); break; } + case GHCB_MSR_PSC_REQ: + ret = snp_begin_psc_msr(vcpu, control->ghcb_gpa); + break; case GHCB_MSR_TERM_REQ: { u64 reason_set, reason_code; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 2190adbe3002..54b81e46a9fa 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -135,6 +135,20 @@ struct kvm_xen_exit { } u; }; +struct kvm_user_vmgexit { +#define KVM_USER_VMGEXIT_PSC_MSR 1 + __u32 type; /* KVM_USER_VMGEXIT_* type */ + union { + struct { + __u64 gpa; +#define KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE 1 +#define KVM_USER_VMGEXIT_PSC_MSR_OP_SHARED 2 + __u8 op; + __u32 ret; + } psc_msr; + }; +}; + #define KVM_S390_GET_SKEYS_NONE 1 #define KVM_S390_SKEYS_MAX 1048576 @@ -178,6 +192,7 @@ struct kvm_xen_exit { #define KVM_EXIT_NOTIFY 37 #define KVM_EXIT_LOONGARCH_IOCSR 38 #define KVM_EXIT_MEMORY_FAULT 39 +#define KVM_EXIT_VMGEXIT 40 /* For KVM_EXIT_INTERNAL_ERROR */ /* Emulate instruction failed. */ 
@@ -433,6 +448,8 @@ struct kvm_run { __u64 gpa; __u64 size; } memory_fault; + /* KVM_EXIT_VMGEXIT */ + struct kvm_user_vmgexit vmgexit; /* Fix the size of the union. */ char padding[256]; };
From patchwork Sun Apr 21 18:01:10 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637415
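Review bot: the text added to Documentation/virt/kvm/api.rst in patch 09/22 has two wording slips, "userpace" in its last sentence and "some aspects handling a VMGEXIT" (missing "of"), and it leaves the contract for 'ret' underspecified. It only says 0 on success or "some non-zero value" on failure, while snp_complete_psc_msr() shifts the value straight into bits 63:32 of the GHCB MSR response, so whatever userspace writes is what the guest reads back. Please state in the documentation that 'ret' is guest-visible.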
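Review bot: snp_begin_psc_msr() in the arch/x86/kvm/svm/sev.c hunk of patch 09/22 fills in vmgexit.type, psc_msr.gpa and psc_msr.op before exiting but never initializes psc_msr.ret, and snp_complete_psc_msr() then forwards that field to the guest unconditionally. The struct lives in the kvm_run exit union shared with userspace, so a VMM that resumes the vCPU without handling the exit hands the guest whatever bytes were left there. Consider setting ret to a non-zero failure value before "return 0;" so that an unhandled request fails closed. Separately, op is validated against SNP_PAGE_STATE_PRIVATE and SNP_PAGE_STATE_SHARED but exported to userspace under KVM_USER_VMGEXIT_PSC_MSR_OP_PRIVATE and KVM_USER_VMGEXIT_PSC_MSR_OP_SHARED; nothing in these lines ties the two sets of values together, so a BUILD_BUG_ON or an explicit translation would be safer.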
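Review bot: the new "case GHCB_MSR_PSC_REQ:" in sev_handle_vmgexit_msr_protocol() (patch 09/22) calls snp_begin_psc_msr() with no visible check that the VM is an SEV-SNP guest. The commit message describes this as an SEV-SNP request, yet as written the exit to userspace is reachable by any guest that speaks the GHCB MSR protocol. If the surrounding function does not already filter on guest type, add that check in this case and answer non-SNP guests in the kernel instead of forwarding to the VMM.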
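Review bot: struct kvm_user_vmgexit in the include/uapi/linux/kvm.h hunk of patch 09/22 relies on implicit compiler padding in two places: after "__u32 type;" ahead of a union that holds a __u64, and between "__u8 op;" and "__u32 ret;" inside psc_msr. For a uAPI structure embedded in kvm_run, explicit reserved fields would pin the layout and make clear which bytes userspace may ignore. The same definition is duplicated in the api.rst hunk and would need the matching update.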
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 10/22] KVM: SEV: Add support to handle Page State Change VMGEXIT
Date: Sun, 21 Apr 2024 13:01:10 -0500
Message-ID: <20240421180122.1650812-11-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

SEV-SNP VMs can ask the hypervisor to change the page state in the RMP table to be private or shared using the Page State Change NAE event as defined in the GHCB specification version 2.

Forward these requests to userspace as KVM_EXIT_VMGEXITs, similar to how it is done for requests that don't use a GHCB page.

Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
---
 Documentation/virt/kvm/api.rst | 14 ++++++++++++++
 arch/x86/kvm/svm/sev.c | 16 ++++++++++++++++
 include/uapi/linux/kvm.h | 5 +++++
 3 files changed, 35 insertions(+)

diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 4a7a2945bc78..85099198a10f 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -7065,6 +7065,7 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. /* KVM_EXIT_VMGEXIT */ struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 + #define KVM_USER_VMGEXIT_PSC 2 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { @@ -7074,9 +7075,14 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. __u8 op; __u32 ret; } psc_msr; + struct { + __u64 shared_gpa; + __u64 ret; + } psc; }; }; + If exit reason is KVM_EXIT_VMGEXIT then it indicates that an SEV-SNP guest has issued a VMGEXIT instruction (as documented by the AMD Architecture Programmer's Manual (APM)) to the hypervisor that needs to be serviced by 
@@ -7094,6 +7100,14 @@ update the private/shared state of the GPA using the corresponding KVM_SET_MEMORY_ATTRIBUTES ioctl. The 'ret' field is to be set to 0 by userpace on success, or some non-zero value on failure. +For the KVM_USER_VMGEXIT_PSC type, the psc union type is used. The kernel +will supply the GPA of the Page State Structure defined in the GHCB spec. +Userspace will process this structure as defined by the GHCB, and issue +KVM_SET_MEMORY_ATTRIBUTES ioctls to set the GPAs therein to the expected +private/shared state. Userspace will return a value in 'ret' that is in +agreement with the GHCB-defined return values that the guest will expect +in the SW_EXITINFO2 field of the GHCB in response to these requests. + 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index f6f54a889fde..e9519af8f14c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3275,6 +3275,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + case SVM_VMGEXIT_PSC: break; default: reason = GHCB_ERR_INVALID_EVENT; @@ -3493,6 +3494,15 @@ static int snp_begin_psc_msr(struct kvm_vcpu *vcpu, u64 ghcb_msr) return 0; /* forward request to userspace */ } +static int snp_complete_psc(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, vcpu->run->vmgexit.psc.ret); + + return 1; /* resume guest */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -3730,6 +3740,12 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; + case SVM_VMGEXIT_PSC: + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_PSC; + vcpu->run->vmgexit.psc.shared_gpa = svm->sev_es.sw_scratch; + vcpu->arch.complete_userspace_io = snp_complete_psc; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index 54b81e46a9fa..e33c48bfbd67 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -137,6 +137,7 @@ struct kvm_xen_exit { struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 +#define KVM_USER_VMGEXIT_PSC 2 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { 
@@ -146,6 +147,10 @@ struct kvm_user_vmgexit { __u8 op; __u32 ret; } psc_msr; + struct { + __u64 shared_gpa; + __u64 ret; + } psc; }; };
From patchwork Sun Apr 21 18:01:11 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637417
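Review bot: sev_es_validate_vmgexit() in patch 10/22 adds SVM_VMGEXIT_PSC to the list of accepted exit codes with no condition on guest type visible in the hunk. The commit message scopes Page State Change to SEV-SNP VMs, so checking that the VM is an SNP guest, and falling through to GHCB_ERR_INVALID_EVENT otherwise, would keep non-SNP guests from generating KVM_EXIT_VMGEXIT exits.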
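Review bot: the new "case SVM_VMGEXIT_PSC:" in sev_handle_vmgexit() (patch 10/22) sets exit_reason, type, psc.shared_gpa and complete_userspace_io but assigns neither ret nor psc.ret. The case just above it ends with "ret = 1; break;" and snp_begin_psc_msr() returns 0 explicitly with a comment, so this case silently depends on ret already being 0 in order to reach userspace; please set it explicitly. psc.ret should also be initialized to a defined value before the exit, because snp_complete_psc() writes it into SW_EXITINFO2 whether or not userspace touched it.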
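Review bot: the paragraph added to api.rst for KVM_USER_VMGEXIT_PSC (patch 10/22) says userspace will "process this structure as defined by the GHCB" but does not say that the structure at shared_gpa is guest-provided. The kernel passes svm->sev_es.sw_scratch through without inspecting what it points to, so all validation falls to the VMM. The documentation should state that userspace must treat the structure as untrusted input and bounds-check it before issuing KVM_SET_MEMORY_ATTRIBUTES.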
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 11/22] KVM: SEV: Add support to handle RMP nested page faults
Date: Sun, 21 Apr 2024 13:01:11 -0500
Message-ID: <20240421180122.1650812-12-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>
From: Brijesh Singh

When SEV-SNP is enabled in the guest, the hardware places restrictions on all memory accesses based on the contents of the RMP table. When hardware encounters RMP check failure caused by the guest memory access it raises the #NPF. The error code contains additional information on the access type. See the APM volume 2 for additional information.

When using gmem, RMP faults resulting from mismatches between the state in the RMP table vs. what the guest expects via its page table result in KVM_EXIT_MEMORY_FAULTs being forwarded to userspace to handle. This means the only expected case that needs to be handled in the kernel is when the page size of the entry in the RMP table is larger than the mapping in the nested page table, in which case a PSMASH instruction needs to be issued to split the large RMP entry into individual 4K entries so that subsequent accesses can succeed.

Signed-off-by: Brijesh Singh
Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Ashish Kalra --- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/sev.h | 3 + arch/x86/kvm/mmu.h | 2 - arch/x86/kvm/mmu/mmu.c | 1 + arch/x86/kvm/svm/sev.c | 109 ++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 21 ++++-- arch/x86/kvm/svm/svm.h | 3 + arch/x86/kvm/trace.h | 31 +++++++++ arch/x86/kvm/x86.c | 1 + 9 files changed, 166 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 4c9d8a22840a..90f0de2b8645 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -1945,6 +1945,7 @@ void kvm_mmu_slot_leaf_clear_dirty(struct kvm *kvm, const struct kvm_memory_slot *memslot); void kvm_mmu_invalidate_mmio_sptes(struct kvm *kvm, u64 gen); void kvm_mmu_change_mmu_pages(struct kvm *kvm, unsigned long kvm_nr_mmu_pages); +void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); int load_pdptrs(struct kvm_vcpu *vcpu, unsigned long cr3); diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 7f57382afee4..3a06f06b847a 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -91,6 +91,9 @@ extern bool handle_vc_boot_ghcb(struct pt_regs *regs); /* RMUPDATE detected 4K page and 2MB page overlap. */ #define RMPUPDATE_FAIL_OVERLAP 4 +/* PSMASH failed due to concurrent access by another CPU */ +#define PSMASH_FAIL_INUSE 3 + /* RMP page size */ #define RMP_PG_SIZE_4K 0 #define RMP_PG_SIZE_2M 1 diff --git a/arch/x86/kvm/mmu.h b/arch/x86/kvm/mmu.h index 2343c9f00e31..e3cb35b9396d 100644 --- a/arch/x86/kvm/mmu.h +++ b/arch/x86/kvm/mmu.h @@ -251,8 +251,6 @@ static inline bool kvm_mmu_honors_guest_mtrrs(struct kvm *kvm) return __kvm_mmu_honors_guest_mtrrs(kvm_arch_has_noncoherent_dma(kvm)); } -void kvm_zap_gfn_range(struct kvm *kvm, gfn_t gfn_start, gfn_t gfn_end); - int kvm_arch_write_log_dirty(struct kvm_vcpu *vcpu); int kvm_mmu_post_init_vm(struct kvm *kvm); 
diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index eebb1562c5bc..b6d0aa18b72b 100644 --- a/arch/x86/kvm/mmu/mmu.c +++ b/arch/x86/kvm/mmu/mmu.c @@ -6752,6 +6752,7 @@ static bool kvm_mmu_zap_collapsible_spte(struct kvm *kvm, return need_tlb_flush; } +EXPORT_SYMBOL_GPL(kvm_zap_gfn_range); static void kvm_rmap_zap_collapsible_sptes(struct kvm *kvm, const struct kvm_memory_slot *slot) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index e9519af8f14c..65882033a82f 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3464,6 +3464,23 @@ static void set_ghcb_msr(struct vcpu_svm *svm, u64 value) svm->vmcb->control.ghcb_gpa = value; } +static int snp_rmptable_psmash(kvm_pfn_t pfn) +{ + int ret; + + pfn = pfn & ~(KVM_PAGES_PER_HPAGE(PG_LEVEL_2M) - 1); + + /* + * PSMASH_FAIL_INUSE indicates another processor is modifying the + * entry, so retry until that's no longer the case. + */ + do { + ret = psmash(pfn); + } while (ret == PSMASH_FAIL_INUSE); + + return ret; +} + static int snp_complete_psc_msr(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); 
@@ -4023,3 +4040,95 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) return p; } + +void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) +{ + struct kvm_memory_slot *slot; + struct kvm *kvm = vcpu->kvm; + int order, rmp_level, ret; + bool assigned; + kvm_pfn_t pfn; + gfn_t gfn; + + gfn = gpa >> PAGE_SHIFT; + + /* + * The only time RMP faults occur for shared pages is when the guest is + * triggering an RMP fault for an implicit page-state change from + * shared->private. Implicit page-state changes are forwarded to + * userspace via KVM_EXIT_MEMORY_FAULT events, however, so RMP faults + * for shared pages should not end up here. + */ + if (!kvm_mem_is_private(kvm, gfn)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault for non-private GPA 0x%llx\n", + gpa); + return; + } + + slot = gfn_to_memslot(kvm, gfn); + if (!kvm_slot_can_be_private(slot)) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, non-private slot for GPA 0x%llx\n", + gpa); + return; + } + + ret = kvm_gmem_get_pfn(kvm, slot, gfn, &pfn, &order); + if (ret) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no backing page for private GPA 0x%llx\n", + gpa); + return; + } + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret || !assigned) { + pr_warn_ratelimited("SEV: Unexpected RMP fault, no assigned RMP entry found for GPA 0x%llx PFN 0x%llx error %d\n", + gpa, pfn, ret); + goto out_no_trace; + } + + /* + * There are 2 cases where a PSMASH may be needed to resolve an #NPF + * with PFERR_GUEST_RMP_BIT set: + * + * 1) RMPADJUST/PVALIDATE can trigger an #NPF with PFERR_GUEST_SIZEM + * bit set if the guest issues them with a smaller granularity than + * what is indicated by the page-size bit in the 2MB RMP entry for + * the PFN that backs the GPA. + * + * 2) Guest access via NPT can trigger an #NPF if the NPT mapping is + * smaller than what is indicated by the 2MB RMP entry for the PFN + * that backs the GPA. 
+ * + * In both these cases, the corresponding 2M RMP entry needs to + * be PSMASH'd to 512 4K RMP entries. If the RMP entry is already + * split into 4K RMP entries, then this is likely a spurious case which + * can occur when there are concurrent accesses by the guest to a 2MB + * GPA range that is backed by a 2MB-aligned PFN who's RMP entry is in + * the process of being PMASH'd into 4K entries. These cases should + * resolve automatically on subsequent accesses, so just ignore them + * here. + */ + if (rmp_level == PG_LEVEL_4K) + goto out; + + ret = snp_rmptable_psmash(pfn); + if (ret) { + /* + * Look it up again. If it's 4K now then the PSMASH may have + * raced with another process and the issue has already resolved + * itself. + */ + if (!snp_lookup_rmpentry(pfn, &assigned, &rmp_level) && + assigned && rmp_level == PG_LEVEL_4K) + goto out; + + pr_warn_ratelimited("SEV: Unable to split RMP entry for GPA 0x%llx PFN 0x%llx ret %d\n", + gpa, pfn, ret); + } + + kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD); +out: + trace_kvm_rmp_fault(vcpu, gpa, pfn, error_code, rmp_level, ret); +out_no_trace: + put_page(pfn_to_page(pfn)); +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 422b452fbc3b..7c9807fdafc3 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -2043,6 +2043,7 @@ static int pf_interception(struct kvm_vcpu *vcpu) static int npf_interception(struct kvm_vcpu *vcpu) { struct vcpu_svm *svm = to_svm(vcpu); + int rc; u64 fault_address = svm->vmcb->control.exit_info_2; u64 error_code = svm->vmcb->control.exit_info_1; 
@@ -2060,10 +2061,22 @@ static int npf_interception(struct kvm_vcpu *vcpu) error_code |= PFERR_PRIVATE_ACCESS; trace_kvm_page_fault(vcpu, fault_address, error_code); - return kvm_mmu_page_fault(vcpu, fault_address, error_code, - static_cpu_has(X86_FEATURE_DECODEASSISTS) ? - svm->vmcb->control.insn_bytes : NULL, - svm->vmcb->control.insn_len); + rc = kvm_mmu_page_fault(vcpu, fault_address, error_code, + static_cpu_has(X86_FEATURE_DECODEASSISTS) ? + svm->vmcb->control.insn_bytes : NULL, + svm->vmcb->control.insn_len); + + /* + * rc == 0 indicates a userspace exit is needed to handle page + * transitions, so do that first before updating the RMP table. + */ + if (error_code & PFERR_GUEST_RMP_MASK) { + if (rc == 0) + return rc; + sev_handle_rmp_fault(vcpu, fault_address, error_code); + } + + return rc; } static int db_interception(struct kvm_vcpu *vcpu) diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 730f5ced2a2e..d2b0ec27d4fe 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -722,6 +722,7 @@ void sev_hardware_unsetup(void); int sev_cpu_init(struct svm_cpu_data *sd); int sev_dev_get_attr(u32 group, u64 attr, u64 *val); extern unsigned int max_sev_asid; +void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); #else static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); @@ -735,6 +736,8 @@ static inline void sev_hardware_unsetup(void) {} static inline int sev_cpu_init(struct svm_cpu_data *sd) { return 0; } static inline int sev_dev_get_attr(u32 group, u64 attr, u64 *val) { return -ENXIO; } #define max_sev_asid 0 +static inline void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) {} + #endif /* vmenter.S */ diff --git a/arch/x86/kvm/trace.h b/arch/x86/kvm/trace.h index c6b4b1728006..3531a187d5d9 100644 --- a/arch/x86/kvm/trace.h +++ b/arch/x86/kvm/trace.h 
@@ -1834,6 +1834,37 @@ TRACE_EVENT(kvm_vmgexit_msr_protocol_exit, __entry->vcpu_id, __entry->ghcb_gpa, __entry->result) ); +/* + * Tracepoint for #NPFs due to RMP faults. + */ +TRACE_EVENT(kvm_rmp_fault, + TP_PROTO(struct kvm_vcpu *vcpu, u64 gpa, u64 pfn, u64 error_code, + int rmp_level, int psmash_ret), + TP_ARGS(vcpu, gpa, pfn, error_code, rmp_level, psmash_ret), + + TP_STRUCT__entry( + __field(unsigned int, vcpu_id) + __field(u64, gpa) + __field(u64, pfn) + __field(u64, error_code) + __field(int, rmp_level) + __field(int, psmash_ret) + ), + + TP_fast_assign( + __entry->vcpu_id = vcpu->vcpu_id; + __entry->gpa = gpa; + __entry->pfn = pfn; + __entry->error_code = error_code; + __entry->rmp_level = rmp_level; + __entry->psmash_ret = psmash_ret; + ), + + TP_printk("vcpu %u gpa %016llx pfn 0x%llx error_code 0x%llx rmp_level %d psmash_ret %d", + __entry->vcpu_id, __entry->gpa, __entry->pfn, + __entry->error_code, __entry->rmp_level, __entry->psmash_ret) +); + #endif /* _TRACE_KVM_H */ #undef TRACE_INCLUDE_PATH diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 83b8260443a3..14693effec6b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c 
@@ -13996,6 +13996,7 @@ EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_enter); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_exit); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_msr_protocol_enter); EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_vmgexit_msr_protocol_exit); +EXPORT_TRACEPOINT_SYMBOL_GPL(kvm_rmp_fault); static int __init kvm_x86_init(void) {
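Review bot: In the arch/x86/kvm/mmu/mmu.c hunk of [PATCH v14 11/22], EXPORT_SYMBOL_GPL(kvm_zap_gfn_range) is added right after the closing brace of kvm_mmu_zap_collapsible_spte() (the context ends in `return need_tlb_flush; }`), not after kvm_zap_gfn_range() itself. Kernel convention places the export directly under the function it exports; please move it there so the two stay together when either function is next touched.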
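Review bot: The retry loop in snp_rmptable_psmash() (first arch/x86/kvm/svm/sev.c hunk of [PATCH v14 11/22]) spins on `ret == PSMASH_FAIL_INUSE` with no cpu_relax(), no retry bound and no statement of why it must terminate. This runs in the #NPF path on behalf of a guest access, so please add cpu_relax() to the loop body and either cap the retries or say in the comment what guarantees the other processor finishes its update.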
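Review bot: In sev_handle_rmp_fault() (second arch/x86/kvm/svm/sev.c hunk of [PATCH v14 11/22]) the final `kvm_zap_gfn_range(kvm, gfn, gfn + PTRS_PER_PMD)` starts at the faulting gfn, whereas snp_rmptable_psmash() rounds the pfn down to a 2M boundary before splitting. Assuming gfn and pfn share the same offset inside their 2M regions, an unaligned fault address makes the zapped window cover only the tail of the split region plus the start of the next one. Round gfn down the same way before the zap, or explain in a comment why the unaligned range is enough. The zap is also reached when PSMASH failed and the re-lookup did not report a 4K entry; a comment on whether that is intended would help.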
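Review bot: In npf_interception() (arch/x86/kvm/svm/svm.c hunk of [PATCH v14 11/22]) only `rc == 0` short-circuits, so a negative rc from kvm_mmu_page_fault() still reaches sev_handle_rmp_fault(). If an error return should also skip the RMP handling, test `rc <= 0`; otherwise extend the comment to say the handler is expected to run on errors. The comment would also read better directly above the `if (rc == 0)` test it describes rather than above the PFERR_GUEST_RMP_MASK check.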
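Review bot: The TP_printk format of the new kvm_rmp_fault tracepoint (arch/x86/kvm/trace.h hunk of [PATCH v14 11/22]) prints `gpa %016llx` without a 0x prefix next to `pfn 0x%llx` and `error_code 0x%llx`. Please use one convention for all three hex fields so the trace line can be parsed without guessing the base.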
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 12/22] KVM: SEV: Support SEV-SNP AP Creation NAE event
Date: Sun, 21 Apr 2024 13:01:12 -0500
Message-ID: <20240421180122.1650812-13-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>
From: Tom Lendacky

Add support for the SEV-SNP AP Creation NAE event. This allows SEV-SNP guests to alter the register state of the APs on their own. This allows the guest a way of simulating INIT-SIPI.

A new event, KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, is created and used so as to avoid updating the VMSA pointer while the vCPU is running.

For CREATE:
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID. The GPA is saved in the svm struct of the target vCPU, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to the vCPU and then the vCPU is kicked.

For CREATE_ON_INIT:
  The guest supplies the GPA of the VMSA to be used for the vCPU with the specified APIC ID the next time an INIT is performed. The GPA is saved in the svm struct of the target vCPU.

For DESTROY:
  The guest indicates it wishes to stop the vCPU. The GPA is cleared from the svm struct, the KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event is added to vCPU and then the vCPU is kicked.

The KVM_REQ_UPDATE_PROTECTED_GUEST_STATE event handler will be invoked as a result of the event or as a result of an INIT. If a new VMSA is to be installed, the VMSA guest page is set as the VMSA in the vCPU VMCB and the vCPU state is set to KVM_MP_STATE_RUNNABLE. If a new VMSA is not to be installed, the VMSA is cleared in the vCPU VMCB and the vCPU state is set to KVM_MP_STATE_HALTED to prevent it from being run.

Signed-off-by: Tom Lendacky
Co-developed-by: Michael Roth
Signed-off-by: Michael Roth
Signed-off-by: Brijesh Singh
Signed-off-by: Ashish Kalra
--- arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/svm.h | 6 + arch/x86/kvm/svm/sev.c | 229 +++++++++++++++++++++++++++++++- arch/x86/kvm/svm/svm.c | 11 +- arch/x86/kvm/svm/svm.h | 9 ++ arch/x86/kvm/x86.c | 11 ++ 6 files changed, 264 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 90f0de2b8645..54aafcb50d8b 100644 --- a/arch/x86/include/asm/kvm_host.h
+++ b/arch/x86/include/asm/kvm_host.h @@ -121,6 +121,7 @@ KVM_ARCH_REQ_FLAGS(31, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) #define KVM_REQ_HV_TLB_FLUSH \ KVM_ARCH_REQ_FLAGS(32, KVM_REQUEST_WAIT | KVM_REQUEST_NO_WAKEUP) +#define KVM_REQ_UPDATE_PROTECTED_GUEST_STATE KVM_ARCH_REQ(34) #define CR0_RESERVED_BITS \ (~(unsigned long)(X86_CR0_PE | X86_CR0_MP | X86_CR0_EM | X86_CR0_TS \ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 544a43c1cf11..f0dea3750ca9 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -286,8 +286,14 @@ static_assert((X2AVIC_MAX_PHYSICAL_ID & AVIC_PHYSICAL_MAX_INDEX_MASK) == X2AVIC_ #define AVIC_HPA_MASK ~((0xFFFULL << 52) | 0xFFF) #define SVM_SEV_FEAT_SNP_ACTIVE BIT(0) +#define SVM_SEV_FEAT_RESTRICTED_INJECTION BIT(3) +#define SVM_SEV_FEAT_ALTERNATE_INJECTION BIT(4) #define SVM_SEV_FEAT_DEBUG_SWAP BIT(5) +#define SVM_SEV_FEAT_INT_INJ_MODES \ + (SVM_SEV_FEAT_RESTRICTED_INJECTION | \ + SVM_SEV_FEAT_ALTERNATE_INJECTION) + struct vmcb_seg { u16 selector; u16 attrib; diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 65882033a82f..67e245a0d2bb 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -37,7 +37,7 @@ #define GHCB_VERSION_MAX 2ULL #define GHCB_VERSION_MIN 1ULL -#define GHCB_HV_FT_SUPPORTED GHCB_HV_FT_SNP +#define GHCB_HV_FT_SUPPORTED (GHCB_HV_FT_SNP | GHCB_HV_FT_SNP_AP_CREATION) /* enable/disable SEV support */ static bool sev_enabled = true; @@ -3270,6 +3270,11 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) if (!kvm_ghcb_sw_scratch_is_valid(svm)) goto vmgexit_err; break; + case SVM_VMGEXIT_AP_CREATION: + if (lower_32_bits(control->exit_info_1) != SVM_VMGEXIT_AP_DESTROY) + if (!kvm_ghcb_rax_is_valid(svm)) + goto vmgexit_err; + break; case SVM_VMGEXIT_NMI_COMPLETE: case SVM_VMGEXIT_AP_HLT_LOOP: case SVM_VMGEXIT_AP_JUMP_TABLE: 
@@ -3520,6 +3525,205 @@ static int snp_complete_psc(struct kvm_vcpu *vcpu) return 1; /* resume guest */ } +static int __sev_snp_update_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + + WARN_ON(!mutex_is_locked(&svm->sev_es.snp_vmsa_mutex)); + + /* Mark the vCPU as offline and not runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_HALTED; + + /* Clear use of the VMSA */ + svm->vmcb->control.vmsa_pa = INVALID_PAGE; + + if (VALID_PAGE(svm->sev_es.snp_vmsa_gpa)) { + gfn_t gfn = gpa_to_gfn(svm->sev_es.snp_vmsa_gpa); + struct kvm_memory_slot *slot; + kvm_pfn_t pfn; + + slot = gfn_to_memslot(vcpu->kvm, gfn); + if (!slot) + return -EINVAL; + + /* + * The new VMSA will be private memory guest memory, so + * retrieve the PFN from the gmem backend. + */ + if (kvm_gmem_get_pfn(vcpu->kvm, slot, gfn, &pfn, NULL)) + return -EINVAL; + + /* + * From this point forward, the VMSA will always be a + * guest-mapped page rather than the initial one allocated + * by KVM in svm->sev_es.vmsa. In theory, svm->sev_es.vmsa + * could be free'd and cleaned up here, but that involves + * cleanups like wbinvd_on_all_cpus() which would ideally + * be handled during teardown rather than guest boot. + * Deferring that also allows the existing logic for SEV-ES + * VMSAs to be re-used with minimal SNP-specific changes. + */ + svm->sev_es.snp_has_guest_vmsa = true; + + /* Use the new VMSA */ + svm->vmcb->control.vmsa_pa = pfn_to_hpa(pfn); + + /* Mark the vCPU as runnable */ + vcpu->arch.pv.pv_unhalted = false; + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + + svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + + /* + * gmem pages aren't currently migratable, but if this ever + * changes then care should be taken to ensure + * svm->sev_es.vmsa is pinned through some other means. 
+ */ + kvm_release_pfn_clean(pfn); + } + + /* + * When replacing the VMSA during SEV-SNP AP creation, + * mark the VMCB dirty so that full state is always reloaded. + */ + vmcb_mark_all_dirty(svm->vmcb); + + return 0; +} + +/* + * Invoked as part of svm_vcpu_reset() processing of an init event. + */ +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + int ret; + + if (!sev_snp_guest(vcpu->kvm)) + return; + + mutex_lock(&svm->sev_es.snp_vmsa_mutex); + + if (!svm->sev_es.snp_ap_waiting_for_reset) + goto unlock; + + svm->sev_es.snp_ap_waiting_for_reset = false; + + ret = __sev_snp_update_protected_guest_state(vcpu); + if (ret) + vcpu_unimpl(vcpu, "snp: AP state update on init failed\n"); + +unlock: + mutex_unlock(&svm->sev_es.snp_vmsa_mutex); +} + +static int sev_snp_ap_creation(struct vcpu_svm *svm) +{ + struct kvm_sev_info *sev = &to_kvm_svm(svm->vcpu.kvm)->sev_info; + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm_vcpu *target_vcpu; + struct vcpu_svm *target_svm; + unsigned int request; + unsigned int apic_id; + bool kick; + int ret; + + request = lower_32_bits(svm->vmcb->control.exit_info_1); + apic_id = upper_32_bits(svm->vmcb->control.exit_info_1); + + /* Validate the APIC ID */ + target_vcpu = kvm_get_vcpu_by_id(vcpu->kvm, apic_id); + if (!target_vcpu) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP APIC ID [%#x] from guest\n", + apic_id); + return -EINVAL; + } + + ret = 0; + + target_svm = to_svm(target_vcpu); + + /* + * The target vCPU is valid, so the vCPU will be kicked unless the + * request is for CREATE_ON_INIT. For any errors at this stage, the + * kick will place the vCPU in an non-runnable state. 
+ */ + kick = true; + + mutex_lock(&target_svm->sev_es.snp_vmsa_mutex); + + target_svm->sev_es.snp_vmsa_gpa = INVALID_PAGE; + target_svm->sev_es.snp_ap_waiting_for_reset = true; + + /* Interrupt injection mode shouldn't change for AP creation */ + if (request < SVM_VMGEXIT_AP_DESTROY) { + u64 sev_features; + + sev_features = vcpu->arch.regs[VCPU_REGS_RAX]; + sev_features ^= sev->vmsa_features; + + if (sev_features & SVM_SEV_FEAT_INT_INJ_MODES) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP injection mode [%#lx] from guest\n", + vcpu->arch.regs[VCPU_REGS_RAX]); + ret = -EINVAL; + goto out; + } + } + + switch (request) { + case SVM_VMGEXIT_AP_CREATE_ON_INIT: + kick = false; + fallthrough; + case SVM_VMGEXIT_AP_CREATE: + if (!page_address_valid(vcpu, svm->vmcb->control.exit_info_2)) { + vcpu_unimpl(vcpu, "vmgexit: invalid AP VMSA address [%#llx] from guest\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + /* + * Malicious guest can RMPADJUST a large page into VMSA which + * will hit the SNP erratum where the CPU will incorrectly signal + * an RMP violation #PF if a hugepage collides with the RMP entry + * of VMSA page, reject the AP CREATE request if VMSA address from + * guest is 2M aligned. 
+ */ + if (IS_ALIGNED(svm->vmcb->control.exit_info_2, PMD_SIZE)) { + vcpu_unimpl(vcpu, + "vmgexit: AP VMSA address [%llx] from guest is unsafe as it is 2M aligned\n", + svm->vmcb->control.exit_info_2); + ret = -EINVAL; + goto out; + } + + target_svm->sev_es.snp_vmsa_gpa = svm->vmcb->control.exit_info_2; + break; + case SVM_VMGEXIT_AP_DESTROY: + break; + default: + vcpu_unimpl(vcpu, "vmgexit: invalid AP creation request [%#x] from guest\n", + request); + ret = -EINVAL; + break; + } + +out: + if (kick) { + kvm_make_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, target_vcpu); + + if (target_vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED) + kvm_make_request(KVM_REQ_UNBLOCK, target_vcpu); + + kvm_vcpu_kick(target_vcpu); + } + + mutex_unlock(&target_svm->sev_es.snp_vmsa_mutex); + + return ret; +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3763,6 +3967,15 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->vmgexit.psc.shared_gpa = svm->sev_es.sw_scratch; vcpu->arch.complete_userspace_io = snp_complete_psc; break; + case SVM_VMGEXIT_AP_CREATION: + ret = sev_snp_ap_creation(svm); + if (ret) { + ghcb_set_sw_exit_info_1(svm->sev_es.ghcb, 2); + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, GHCB_ERR_INVALID_INPUT); + } + + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", @@ -3857,7 +4070,7 @@ static void sev_es_init_vmcb(struct vcpu_svm *svm) * the VMSA will be NULL if this vCPU is the destination for intrahost * migration, and will be copied later. */ - if (svm->sev_es.vmsa) + if (svm->sev_es.vmsa && !svm->sev_es.snp_has_guest_vmsa) svm->vmcb->control.vmsa_pa = __pa(svm->sev_es.vmsa); /* Can't intercept CR register access, HV can't modify CR registers */ 
@@ -3930,6 +4143,8 @@ void sev_es_vcpu_reset(struct vcpu_svm *svm) set_ghcb_msr(svm, GHCB_MSR_SEV_INFO(GHCB_VERSION_MAX, GHCB_VERSION_MIN, sev_enc_bit)); + + mutex_init(&svm->sev_es.snp_vmsa_mutex); } void sev_es_prepare_switch_to_guest(struct vcpu_svm *svm, struct sev_es_save_area *hostsa) @@ -4041,6 +4256,16 @@ struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) return p; } +void sev_vcpu_unblocking(struct kvm_vcpu *vcpu) +{ + if (!sev_snp_guest(vcpu->kvm)) + return; + + if (kvm_test_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu) && + vcpu->arch.mp_state == KVM_MP_STATE_UNINITIALIZED) + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; +} + void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) { struct kvm_memory_slot *slot; diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 7c9807fdafc3..b70556608e8d 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -1398,6 +1398,9 @@ static void svm_vcpu_reset(struct kvm_vcpu *vcpu, bool init_event) svm->spec_ctrl = 0; svm->virt_spec_ctrl = 0; + if (init_event) + sev_snp_init_protected_guest_state(vcpu); + init_vmcb(vcpu); if (!init_event) @@ -4944,6 +4947,12 @@ static void *svm_alloc_apic_backing_page(struct kvm_vcpu *vcpu) return page_address(page); } +static void svm_vcpu_unblocking(struct kvm_vcpu *vcpu) +{ + sev_vcpu_unblocking(vcpu); + avic_vcpu_unblocking(vcpu); +} + static struct kvm_x86_ops svm_x86_ops __initdata = { .name = KBUILD_MODNAME, @@ -4966,7 +4975,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_load = svm_vcpu_load, .vcpu_put = svm_vcpu_put, .vcpu_blocking = avic_vcpu_blocking, - .vcpu_unblocking = avic_vcpu_unblocking, + .vcpu_unblocking = svm_vcpu_unblocking, .update_exception_bitmap = svm_update_exception_bitmap, .get_msr_feature = svm_get_msr_feature, diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index d2b0ec27d4fe..81e335dca281 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h 
@@ -210,6 +210,11 @@ struct vcpu_sev_es_state { bool ghcb_sa_free; u64 ghcb_registered_gpa; + + struct mutex snp_vmsa_mutex; /* Used to handle concurrent updates of VMSA. */ + gpa_t snp_vmsa_gpa; + bool snp_ap_waiting_for_reset; + bool snp_has_guest_vmsa; }; struct vcpu_svm { @@ -723,6 +728,8 @@ int sev_cpu_init(struct svm_cpu_data *sd); int sev_dev_get_attr(u32 group, u64 attr, u64 *val); extern unsigned int max_sev_asid; void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); +void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); +void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); #else static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); @@ -737,6 +744,8 @@ static inline int sev_cpu_init(struct svm_cpu_data *sd) { return 0; } static inline int sev_dev_get_attr(u32 group, u64 attr, u64 *val) { return -ENXIO; } #define max_sev_asid 0 static inline void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) {} +static inline void sev_vcpu_unblocking(struct kvm_vcpu *vcpu) {} +static inline void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) {} #endif diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 14693effec6b..b20f6c1b8214 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -10938,6 +10938,14 @@ static int vcpu_enter_guest(struct kvm_vcpu *vcpu) if (kvm_check_request(KVM_REQ_UPDATE_CPU_DIRTY_LOGGING, vcpu)) static_call(kvm_x86_update_cpu_dirty_logging)(vcpu); + + if (kvm_check_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) { + kvm_vcpu_reset(vcpu, true); + if (vcpu->arch.mp_state != KVM_MP_STATE_RUNNABLE) { + r = 1; + goto out; + } + } } if (kvm_check_request(KVM_REQ_EVENT, vcpu) || req_int_win || 
@@ -13145,6 +13153,9 @@ static inline bool kvm_vcpu_has_events(struct kvm_vcpu *vcpu) if (kvm_test_request(KVM_REQ_PMI, vcpu)) return true; + if (kvm_test_request(KVM_REQ_UPDATE_PROTECTED_GUEST_STATE, vcpu)) + return true; + if (kvm_arch_interrupt_allowed(vcpu) && (kvm_cpu_has_interrupt(vcpu) || kvm_guest_apic_has_interrupt(vcpu)))
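
Review bot: in the SVM_VMGEXIT_AP_CREATION case added to sev_handle_vmgexit(), the failure path writes a bare 2 into sw_exit_info_1 and reports every error from sev_snp_ap_creation() as GHCB_ERR_INVALID_INPUT. A named constant, or a short comment saying what the value 2 means to the guest, would make the guest-visible error contract reviewable. ret is then overwritten with 1 regardless of the outcome, so the -EINVAL from sev_snp_ap_creation() is only reported through the GHCB; a one-line comment stating that this is intentional would help.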
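
Review bot: mutex_init(&svm->sev_es.snp_vmsa_mutex) is added at the end of sev_es_vcpu_reset(), which by its name is a reset path rather than a one-time constructor. This patch also makes KVM_REQ_UPDATE_PROTECTED_GUEST_STATE call kvm_vcpu_reset(vcpu, true) on the target vCPU, while sev_snp_ap_creation() running on another vCPU takes target_svm->sev_es.snp_vmsa_mutex. If sev_es_vcpu_reset() is reachable from that reset, the mutex can be re-initialized while it is held; initializing it once at vCPU creation would remove the question.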

From: Michael Roth
Subject: [PATCH v14 13/22] KVM: SEV: Add support for GHCB-based termination requests
Date: Sun, 21 Apr 2024 13:01:13 -0500
Message-ID: <20240421180122.1650812-14-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

GHCB version 2 adds support for a GHCB-based termination request that a guest can issue when it reaches an error state and wishes to inform the hypervisor that it should be terminated. Implement support for that similarly to GHCB MSR-based termination requests that are already available to SEV-ES guests via earlier versions of the GHCB protocol.

See 'Termination Request' in the 'Invoking VMGEXIT' section of the GHCB specification for more details.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 67e245a0d2bb..1d18e3497b4e 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3281,6 +3281,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: + case SVM_VMGEXIT_TERM_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3976,6 +3977,14 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) ret = 1; break; + case SVM_VMGEXIT_TERM_REQUEST: + pr_info("SEV-ES guest requested termination: reason %#llx info %#llx\n", + control->exit_info_1, control->exit_info_2); + vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT; + vcpu->run->system_event.type = KVM_SYSTEM_EVENT_SEV_TERM; + vcpu->run->system_event.ndata = 1; + vcpu->run->system_event.data[0] = control->ghcb_gpa; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n",
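
Review bot: in the new SVM_VMGEXIT_TERM_REQUEST case, the reason the guest supplied (control->exit_info_1 and control->exit_info_2) is only written to the host log, while userspace receives system_event.ndata = 1 with data[0] = control->ghcb_gpa. Consider passing the reason values in system_event.data[] as well, so the VMM can record why the guest asked to be terminated without reading the kernel log. Two smaller points in the same case: the pr_info() can be triggered by the guest and is not rate limited, and ret is not assigned here (the case above ends with ret = 1), so the exit to userspace depends on the value ret had before the switch; setting it explicitly would be clearer.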

From: Michael Roth
Subject: [PATCH v14 14/22] KVM: SEV: Implement gmem hook for initializing private pages
Date: Sun, 21 Apr 2024 13:01:14 -0500
Message-ID: <20240421180122.1650812-15-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

This will handle the RMP table updates needed to put a page into a private state before mapping it into an SEV-SNP guest.

Reviewed-by: Paolo Bonzini
Signed-off-by: Michael Roth
--- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 98 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 2 + arch/x86/kvm/svm/svm.h | 5 +++ arch/x86/kvm/x86.c | 5 +++ virt/kvm/guest_memfd.c | 4 +- 6 files changed, 113 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 5e72faca4e8f..10768f13b240 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -137,6 +137,7 @@ config KVM_AMD_SEV depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) select ARCH_HAS_CC_PLATFORM select KVM_GENERIC_PRIVATE_MEM + select HAVE_KVM_GMEM_PREPARE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors. diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1d18e3497b4e..2906fee3187d 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -4366,3 +4366,101 @@ void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) out_no_trace: put_page(pfn_to_page(pfn)); } + +static bool is_pfn_range_shared(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn = start; + + while (pfn < end) { + int ret, rmp_level; + bool assigned; + + ret = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (ret) { + pr_warn_ratelimited("SEV: Failed to retrieve RMP entry: PFN 0x%llx GFN start 0x%llx GFN end 0x%llx RMP level %d error %d\n", + pfn, start, end, rmp_level, ret); + return false; + } + + if (assigned) { + pr_debug("%s: overlap detected, PFN 0x%llx start 0x%llx end 0x%llx RMP level %d\n", + __func__, pfn, start, end, rmp_level); + return false; + } + + pfn++; + } + + return true; +} + +static u8 max_level_for_order(int order) +{ + if (order >= KVM_HPAGE_GFN_SHIFT(PG_LEVEL_2M)) + return PG_LEVEL_2M; + + return PG_LEVEL_4K; +} + +static bool is_large_rmp_possible(struct kvm *kvm, kvm_pfn_t pfn, int order) +{ + kvm_pfn_t pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + + /* + * If this is a large folio, and the entire 2M range containing the + * PFN is currently shared, then the entire 2M-aligned range can be + * set to private via a single 2M RMP entry. 
+ */ + if (max_level_for_order(order) > PG_LEVEL_4K && + is_pfn_range_shared(pfn_aligned, pfn_aligned + PTRS_PER_PMD)) + return true; + + return false; +} + +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t pfn_aligned; + gfn_t gfn_aligned; + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) { + pr_err_ratelimited("SEV: Failed to look up RMP entry: GFN %llx PFN %llx error %d\n", + gfn, pfn, rc); + return -ENOENT; + } + + if (assigned) { + pr_debug("%s: already assigned: gfn %llx pfn %llx max_order %d level %d\n", + __func__, gfn, pfn, max_order, level); + return 0; + } + + if (is_large_rmp_possible(kvm, pfn, max_order)) { + level = PG_LEVEL_2M; + pfn_aligned = ALIGN_DOWN(pfn, PTRS_PER_PMD); + gfn_aligned = ALIGN_DOWN(gfn, PTRS_PER_PMD); + } else { + level = PG_LEVEL_4K; + pfn_aligned = pfn; + gfn_aligned = gfn; + } + + rc = rmp_make_private(pfn_aligned, gfn_to_gpa(gfn_aligned), level, sev->asid, false); + if (rc) { + pr_err_ratelimited("SEV: Failed to update RMP entry: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -EINVAL; + } + + pr_debug("%s: updated: gfn %llx pfn %llx pfn_aligned %llx max_order %d level %d\n", + __func__, gfn, pfn, pfn_aligned, max_order, level); + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index b70556608e8d..60783e9f2ae8 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5085,6 +5085,8 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .vcpu_deliver_sipi_vector = svm_vcpu_deliver_sipi_vector, .vcpu_get_apicv_inhibit_reasons = avic_vcpu_get_apicv_inhibit_reasons, .alloc_apic_backing_page = svm_alloc_apic_backing_page, + + .gmem_prepare = sev_gmem_prepare, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 81e335dca281..7712ed90aae8 100644 
--- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -730,6 +730,7 @@ extern unsigned int max_sev_asid; void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); +int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); #else static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); @@ -746,6 +747,10 @@ static inline int sev_dev_get_attr(u32 group, u64 attr, u64 *val) { return -ENXI static inline void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code) {} static inline void sev_vcpu_unblocking(struct kvm_vcpu *vcpu) {} static inline void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu) {} +static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) +{ + return 0; +} #endif diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index b20f6c1b8214..0fb76ef9b7e9 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -13610,6 +13610,11 @@ bool kvm_arch_no_poll(struct kvm_vcpu *vcpu) EXPORT_SYMBOL_GPL(kvm_arch_no_poll); #ifdef CONFIG_HAVE_KVM_GMEM_PREPARE +bool kvm_arch_gmem_prepare_needed(struct kvm *kvm) +{ + return kvm->arch.vm_type == KVM_X86_SNP_VM; +} + int kvm_arch_gmem_prepare(struct kvm *kvm, gfn_t gfn, kvm_pfn_t pfn, int max_order) { return static_call(kvm_x86_gmem_prepare)(kvm, pfn, gfn, max_order); diff --git a/virt/kvm/guest_memfd.c b/virt/kvm/guest_memfd.c index a44f983eb673..7d3932e5a689 100644 --- a/virt/kvm/guest_memfd.c +++ b/virt/kvm/guest_memfd.c 
@@ -46,8 +46,8 @@ static int kvm_gmem_prepare_folio(struct inode *inode, pgoff_t index, struct fol gfn = slot->base_gfn + index - slot->gmem.pgoff; rc = kvm_arch_gmem_prepare(kvm, gfn, pfn, compound_order(compound_head(page))); if (rc) { - pr_warn_ratelimited("gmem: Failed to prepare folio for index %lx, error %d.\n", - index, rc); + pr_warn_ratelimited("gmem: Failed to prepare folio for index %lx GFN %llx PFN %llx error %d.\n", + index, gfn, pfn, rc); return rc; } }
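
Review bot: in is_pfn_range_shared() in the arch/x86/kvm/svm/sev.c hunk, the failure branch of snp_lookup_rmpentry() prints rmp_level, which is declared without an initializer and may not have been written when the lookup returned an error, so the warning can log an uninitialized stack value. Initialize it at declaration or drop it from that message. The same pr_warn_ratelimited() labels start and end as "GFN start" and "GFN end" although both are kvm_pfn_t values; the pr_debug() a few lines below prints them as plain start and end.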

From: Michael Roth
Subject: [PATCH v14 15/22] KVM: SEV: Implement gmem hook for invalidating private pages
Date: Sun, 21 Apr 2024 13:01:15 -0500
Message-ID: <20240421180122.1650812-16-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>
1713722754-50417 X-HE-Meta: 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 QiWrJv0A x5cjBfFm8Iz0vENKLyDmuU1tun8nTy7YSVQ51IpI9QAJ5h8+aFzAQ9zVKqQzH9zHJz+TmLUp0rgDQkZLZn3FH9taNwgug3hQB6iduZgVhzotXkHSmj9e0cOrsB7Oemkxo09TxjNb/WtLc4do93J+l49NWE3VAUybn9vN2mTSW93fC+ZsJQqdcdg9g4WPtzCRGOEjozI2xvhWg/A3n3OL0hNO+kC2OI+RmOqHYt65zoj33PwoJcvCYCrQJzpB0PCJEtDzNEQOeVKGY4dRnUgC3v/05l7PJkF78Hy966/d8reLF2e/vEH4czPJfgYe/xlj7dHObcrdR2gxPbXU= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Implement a platform hook to do the work of restoring the direct map entries of gmem-managed pages and transitioning the corresponding RMP table entries back to the default shared/hypervisor-owned state. Signed-off-by: Michael Roth --- arch/x86/kvm/Kconfig | 1 + arch/x86/kvm/svm/sev.c | 64 ++++++++++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 2 ++ 4 files changed, 68 insertions(+) diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig index 10768f13b240..2a7f69abcac3 100644 --- a/arch/x86/kvm/Kconfig +++ b/arch/x86/kvm/Kconfig @@ -138,6 +138,7 @@ config KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM select KVM_GENERIC_PRIVATE_MEM select HAVE_KVM_GMEM_PREPARE + select HAVE_KVM_GMEM_INVALIDATE help Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors. diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2906fee3187d..ff9b8c68ae56 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4464,3 +4464,67 @@ int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order) return 0; } + +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) +{ + kvm_pfn_t pfn; + + pr_debug("%s: PFN start 0x%llx PFN end 0x%llx\n", __func__, start, end); + + for (pfn = start; pfn < end;) { + bool use_2m_update = false; + int rc, rmp_level; + bool assigned; + + rc = snp_lookup_rmpentry(pfn, &assigned, &rmp_level); + if (WARN_ONCE(rc, "SEV: Failed to retrieve RMP entry for PFN 0x%llx error %d\n", + pfn, rc)) + goto next_pfn; + + if (!assigned) + goto next_pfn; + + use_2m_update = IS_ALIGNED(pfn, PTRS_PER_PMD) && + end >= (pfn + PTRS_PER_PMD) && + rmp_level > PG_LEVEL_4K; + + /* + * If an unaligned PFN corresponds to a 2M region assigned as a + * large page in the RMP table, PSMASH the region into individual + * 4K RMP entries before attempting to convert a 4K sub-page. + */ + if (!use_2m_update && rmp_level > PG_LEVEL_4K) { + /* + * This shouldn't fail, but if it does, report it, but + * still try to update RMP entry to shared and pray this + * was a spurious error that can be addressed later. + */ + rc = snp_rmptable_psmash(pfn); + WARN_ONCE(rc, "SEV: Failed to PSMASH RMP entry for PFN 0x%llx error %d\n", + pfn, rc); + } + + rc = rmp_make_shared(pfn, use_2m_update ? PG_LEVEL_2M : PG_LEVEL_4K); + if (WARN_ONCE(rc, "SEV: Failed to update RMP entry for PFN 0x%llx error %d\n", + pfn, rc)) + goto next_pfn; + + /* + * SEV-ES avoids host/guest cache coherency issues through + * WBINVD hooks issued via MMU notifiers during run-time, and + * KVM's VM destroy path at shutdown. Those MMU notifier events + * don't cover gmem since there is no requirement to map pages + * to a HVA in order to use them for a running guest. 
While the + * shutdown path would still likely cover things for SNP guests, + * userspace may also free gmem pages during run-time via + * hole-punching operations on the guest_memfd, so flush the + * cache entries for these pages before free'ing them back to + * the host. + */ + clflush_cache_range(__va(pfn_to_hpa(pfn)), + use_2m_update ? PMD_SIZE : PAGE_SIZE); +next_pfn: + pfn += use_2m_update ? PTRS_PER_PMD : 1; + cond_resched(); + } +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 60783e9f2ae8..29dc5fa28d97 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5087,6 +5087,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .alloc_apic_backing_page = svm_alloc_apic_backing_page, .gmem_prepare = sev_gmem_prepare, + .gmem_invalidate = sev_gmem_invalidate, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 7712ed90aae8..6721e5c6cf73 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -731,6 +731,7 @@ void sev_handle_rmp_fault(struct kvm_vcpu *vcpu, gpa_t gpa, u64 error_code); void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); +void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); #else static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); 
@@ -751,6 +752,7 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in { return 0; } +static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} #endif
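
Review bot: in the sev.c hunk, when rmp_make_shared() fails the loop jumps to next_pfn and skips clflush_cache_range(), and because sev_gmem_invalidate() returns void the caller cannot learn that the page is still assigned in the RMP table before it is freed back to the host. WARN_ONCE also means only the first such failure is ever logged, so later failures pass silently. Consider a rate-limited message per failing PFN and a comment stating what is expected to happen to a page left in the private state. Separately, the PSMASH comment speaks only of an unaligned PFN, but `!use_2m_update && rmp_level > PG_LEVEL_4K` is also true for a 2M-aligned PFN when `end` falls short of `pfn + PTRS_PER_PMD`; the comment should cover that case as well.
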
From: Michael Roth
Subject: [PATCH v14 16/22] KVM: x86: Implement gmem hook for determining max NPT mapping level
Date: Sun, 21 Apr 2024 13:01:16 -0500
Message-ID: <20240421180122.1650812-17-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

In the case of SEV-SNP, whether or not a 2MB page can be mapped via a 2MB mapping in the guest's nested page table depends on whether or not any subpages within the range have already been initialized as private in the RMP table. The existing mixed-attribute tracking in KVM is insufficient here, for instance:

- gmem allocates 2MB page
- guest issues PVALIDATE on 2MB page
- guest later converts a subpage to shared
- SNP host code issues PSMASH to split 2MB RMP mapping to 4K
- KVM MMU splits NPT mapping to 4K
- guest later converts that shared page back to private

At this point there are no mixed attributes, and KVM would normally allow for 2MB NPT mappings again, but this is actually not allowed because the RMP table mappings are 4K and cannot be promoted on the hypervisor side, so the NPT mappings must still be limited to 4K to match this.

Implement a kvm_x86_ops.gmem_validate_fault() hook for SEV that checks for this condition and adjusts the mapping level accordingly.

Reviewed-by: Paolo Bonzini
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 32 ++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.c | 1 + arch/x86/kvm/svm/svm.h | 7 +++++++ 3 files changed, 40 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ff9b8c68ae56..243369e302f4 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -4528,3 +4528,35 @@ void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) cond_resched(); } } + +/* + * Re-check whether an #NPF for a private/gmem page can still be serviced, and + * adjust maximum mapping level if needed. + */ +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, + u8 *max_level) +{ + int level, rc; + bool assigned; + + if (!sev_snp_guest(kvm)) + return 0; + + rc = snp_lookup_rmpentry(pfn, &assigned, &level); + if (rc) { + pr_err_ratelimited("SEV: RMP entry not found: GFN %llx PFN %llx level %d error %d\n", + gfn, pfn, level, rc); + return -ENOENT; + } + + if (!assigned) { + pr_err_ratelimited("SEV: RMP entry is not assigned: GFN %llx PFN %llx level %d\n", + gfn, pfn, level); + return -EINVAL; + } + + if (level < *max_level) + *max_level = level; + + return 0; +} diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index 29dc5fa28d97..c26a7a933b93 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -5088,6 +5088,7 @@ static struct kvm_x86_ops svm_x86_ops __initdata = { .gmem_prepare = sev_gmem_prepare, .gmem_invalidate = sev_gmem_invalidate, + .gmem_validate_fault = sev_gmem_validate_fault, }; /* diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 6721e5c6cf73..8a8ee475ad86 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -732,6 +732,8 @@ void sev_vcpu_unblocking(struct kvm_vcpu *vcpu); void sev_snp_init_protected_guest_state(struct kvm_vcpu *vcpu); int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, int max_order); void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end); +int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, bool is_private, + u8 *max_level); #else static inline struct page *snp_safe_alloc_page(struct kvm_vcpu *vcpu) { return alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO); 
@@ -753,6 +755,11 @@ static inline int sev_gmem_prepare(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, in return 0; } static inline void sev_gmem_invalidate(kvm_pfn_t start, kvm_pfn_t end) {} +static inline int sev_gmem_validate_fault(struct kvm *kvm, kvm_pfn_t pfn, gfn_t gfn, + bool is_private, u8 *max_level) +{ + return 0; +} #endif
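
Review bot: in sev_gmem_validate_fault(), `level` is declared without an initializer and is then printed by pr_err_ratelimited() on the snp_lookup_rmpentry() failure path, so unless the lookup writes it even when it fails, the message logs an indeterminate value; initialize it or drop it from that message. The `is_private` argument is also never read: if the hook can be reached for a shared fault on an SNP guest, the `!assigned` check returns -EINVAL for a page that is legitimately unassigned, so either return 0 early when `!is_private` or document that callers only invoke the hook for private faults.
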
From: Michael Roth
Subject: [PATCH v14 17/22] KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP
Date: Sun, 21 Apr 2024 13:01:17 -0500
Message-ID: <20240421180122.1650812-18-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Ashish Kalra

With SNP/guest_memfd, private/encrypted memory should not be mappable, and MMU notifications for HVA-mapped memory will only be relevant to unencrypted guest memory. Therefore, the rationale behind issuing a wbinvd_on_all_cpus() in sev_guest_memory_reclaimed() should not apply for SNP guests and can be ignored.

Signed-off-by: Ashish Kalra
Reviewed-by: Paolo Bonzini
[mdr: Add some clarifications in commit]
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 243369e302f4..cf00a811aca5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -3042,7 +3042,14 @@ static void sev_flush_encrypted_page(struct kvm_vcpu *vcpu, void *va) void sev_guest_memory_reclaimed(struct kvm *kvm) { - if (!sev_guest(kvm)) + /* + * With SNP+gmem, private/encrypted memory should be + * unreachable via the hva-based mmu notifiers. Additionally, + * for shared->private translations, H/W coherency will ensure + * first guest access to the page would clear out any existing + * dirty copies of that cacheline. + */ + if (!sev_guest(kvm) || sev_snp_guest(kvm)) return; wbinvd_on_all_cpus();
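
Review bot: the new comment in sev_guest_memory_reclaimed() says "shared->private translations", which reads as a typo for transitions, and it justifies the early return only with "should be unreachable". Skipping wbinvd_on_all_cpus() for SNP guests depends on gmem pages being flushed elsewhere, so the comment should point at the clflush_cache_range() call in sev_gmem_invalidate() (patch 15/22) to make that dependency visible to anyone changing either path.
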
From patchwork Sun Apr 21 18:01:18 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637447
From: Michael Roth
CC: Brijesh Singh
Subject: [PATCH v14 18/22] KVM: SVM: Add module parameter to enable SEV-SNP
Date: Sun, 21 Apr 2024 13:01:18 -0500
Message-ID: <20240421180122.1650812-19-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

Add a module parameter that can be used to enable or disable the SEV-SNP feature. Now that KVM contains the support for the SNP, set the GHCB hypervisor feature flag to indicate that SNP is supported.

Signed-off-by: Brijesh Singh
Reviewed-by: Paolo Bonzini
Signed-off-by: Ashish Kalra
--- arch/x86/kvm/svm/sev.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index cf00a811aca5..c354aca721e5 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -48,7 +48,8 @@ static bool sev_es_enabled = true; module_param_named(sev_es, sev_es_enabled, bool, 0444); /* enable/disable SEV-SNP support */ -static bool sev_snp_enabled; +static bool sev_snp_enabled = true; +module_param_named(sev_snp, sev_snp_enabled, bool, 0444); /* enable/disable SEV-ES DebugSwap support */ static bool sev_es_debug_swap_enabled = true;
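Review bot: the commit message says this change sets the GHCB hypervisor feature flag to advertise SNP, but the hunk only flips the default of sev_snp_enabled to true and adds module_param_named(sev_snp, ...), and the diffstat shows nothing else; either the message or the patch should be adjusted so they agree. Since the parameter now defaults to on and is read-only at runtime (0444), it would also be worth documenting sev_snp for administrators who need to turn the feature off at module load.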
From patchwork Sun Apr 21 18:01:19 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637448
From: Michael Roth
CC: Brijesh Singh, Alexey Kardashevskiy
Subject: [PATCH v14 19/22] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event
Date: Sun, 21 Apr 2024 13:01:19 -0500
Message-ID: <20240421180122.1650812-20-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

From: Brijesh Singh

Version 2 of the GHCB specification added support for the SNP Guest Request Message NAE event. The event allows for an SEV-SNP guest to make requests to the SEV-SNP firmware through the hypervisor using the SNP_GUEST_REQUEST API defined in the SEV-SNP firmware specification.

This is used by guests primarily to request attestation reports from firmware. There are other request types available as well, but the specifics of what guest requests are being made are opaque to the hypervisor, which only serves as a proxy for the guest requests and firmware responses.

Implement handling for these events.

Signed-off-by: Brijesh Singh
Co-developed-by: Alexey Kardashevskiy
Signed-off-by: Alexey Kardashevskiy
Co-developed-by: Ashish Kalra
Signed-off-by: Ashish Kalra
Reviewed-by: Tom Lendacky
[mdr: ensure FW command failures are indicated to guest, drop extended request handling to be re-written as separate patch, massage commit]
Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 83 ++++++++++++++++++++++++++++++++++ include/uapi/linux/sev-guest.h | 9 ++++ 2 files changed, 92 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c354aca721e5..68db390b19d0 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -19,6 +19,7 @@ #include #include #include +#include #include #include @@ -3290,6 +3291,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_HV_FEATURES: case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: + case SVM_VMGEXIT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3733,6 +3735,83 @@ static int sev_snp_ap_creation(struct vcpu_svm *svm) return ret; } +static bool snp_setup_guest_buf(struct kvm *kvm, struct sev_data_snp_guest_request *data, + gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; + kvm_pfn_t req_pfn, resp_pfn; + + if (!PAGE_ALIGNED(req_gpa) || !PAGE_ALIGNED(resp_gpa)) + return false; + + req_pfn = gfn_to_pfn(kvm, gpa_to_gfn(req_gpa)); + if (is_error_noslot_pfn(req_pfn)) + return false; + + resp_pfn = gfn_to_pfn(kvm, gpa_to_gfn(resp_gpa)); + if (is_error_noslot_pfn(resp_pfn)) + return false; + + if (rmp_make_private(resp_pfn, 0, PG_LEVEL_4K, 0, true)) + return false; + + data->gctx_paddr = __psp_pa(sev->snp_context); + data->req_paddr = __sme_set(req_pfn << PAGE_SHIFT); + data->res_paddr = __sme_set(resp_pfn << PAGE_SHIFT); + + return true; +} + +static bool snp_cleanup_guest_buf(struct sev_data_snp_guest_request *data) +{ + u64 pfn = __sme_clr(data->res_paddr) >> PAGE_SHIFT; + + if (snp_page_reclaim(pfn)) + return false; + + if (rmp_make_shared(pfn, PG_LEVEL_4K)) + return false; + + return true; +} + +static bool __snp_handle_guest_req(struct kvm *kvm, gpa_t req_gpa, gpa_t resp_gpa, + sev_ret_code *fw_err) +{ + struct sev_data_snp_guest_request data = {0}; + struct kvm_sev_info *sev; + bool ret = true; + + if (!sev_snp_guest(kvm)) + return false; + + sev = &to_kvm_svm(kvm)->sev_info; + + if (!snp_setup_guest_buf(kvm, &data, req_gpa, resp_gpa)) + return false; + + if (sev_issue_cmd(kvm, SEV_CMD_SNP_GUEST_REQUEST, &data, fw_err)) + ret = false; + + if (!snp_cleanup_guest_buf(&data)) + ret = false; + + return ret; +} + +static void snp_handle_guest_req(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp_gpa) +{ + struct kvm_vcpu *vcpu = &svm->vcpu; + struct kvm *kvm = vcpu->kvm; + sev_ret_code fw_err = 0; + int vmm_ret = 0; + + if (!__snp_handle_guest_req(kvm, req_gpa, resp_gpa, &fw_err)) + vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, 
SNP_GUEST_ERR(vmm_ret, fw_err)); +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; @@ -3993,6 +4072,10 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) vcpu->run->system_event.ndata = 1; vcpu->run->system_event.data[0] = control->ghcb_gpa; break; + case SVM_VMGEXIT_GUEST_REQUEST: + snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); + ret = 1; + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/include/uapi/linux/sev-guest.h b/include/uapi/linux/sev-guest.h index 154a87a1eca9..7bd78e258569 100644 --- a/include/uapi/linux/sev-guest.h +++ b/include/uapi/linux/sev-guest.h 
@@ -89,8 +89,17 @@ struct snp_ext_report_req { #define SNP_GUEST_FW_ERR_MASK GENMASK_ULL(31, 0) #define SNP_GUEST_VMM_ERR_SHIFT 32 #define SNP_GUEST_VMM_ERR(x) (((u64)x) << SNP_GUEST_VMM_ERR_SHIFT) +#define SNP_GUEST_FW_ERR(x) ((x) & SNP_GUEST_FW_ERR_MASK) +#define SNP_GUEST_ERR(vmm_err, fw_err) (SNP_GUEST_VMM_ERR(vmm_err) | \ + SNP_GUEST_FW_ERR(fw_err)) +/* + * The GHCB spec only formally defines INVALID_LEN/BUSY VMM errors, but define + * a GENERIC error code such that it won't ever conflict with GHCB-defined + * errors if any get added in the future. + */ #define SNP_GUEST_VMM_ERR_INVALID_LEN 1 #define SNP_GUEST_VMM_ERR_BUSY 2 +#define SNP_GUEST_VMM_ERR_GENERIC BIT(31) #endif /* __UAPI_LINUX_SEV_GUEST_H_ */
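Review bot: in snp_setup_guest_buf() (arch/x86/kvm/svm/sev.c, the hunk at -3733), req_pfn and resp_pfn come from gfn_to_pfn(), which returns a referenced pfn, but no matching release is visible on any path: not on the early returns after the second lookup or after rmp_make_private() fails, and not in snp_cleanup_guest_buf() once the firmware call has finished. As written, each guest request would leak page references, and the guest decides how often this path runs; the references should be dropped on every exit, with kvm_release_pfn_clean() for the request page and kvm_release_pfn_dirty() for the response page. Two smaller points in the same hunk: nothing rejects req_gpa == resp_gpa, in which case the page handed to rmp_make_private() is also the request page, and the local sev in __snp_handle_guest_req() is assigned but never used.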
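Review bot: SNP_GUEST_VMM_ERR_GENERIC in include/uapi/linux/sev-guest.h is defined with BIT(31), and BIT() is a kernel-internal macro that userspace including this uapi header will not have; a plain constant such as (1U << 31), or the uapi helper _BITUL() from linux/const.h, avoids that. Related to the same value: the caller in sev.c stores it in an int vmm_ret, so bit 31 lands in the sign bit before SNP_GUEST_VMM_ERR() casts it to u64. The shift by 32 happens to discard the sign extension, but declaring vmm_ret as u32 would make the result independent of that.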
From patchwork Sun Apr 21 18:01:20 2024
X-Patchwork-Submitter: Michael Roth
X-Patchwork-Id: 13637449
From: Michael Roth
Subject: [PATCH v14 20/22] crypto: ccp: Add the SNP_VLEK_LOAD command
Date: Sun, 21 Apr 2024 13:01:20 -0500
Message-ID: <20240421180122.1650812-21-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

When requesting an attestation report a guest is able to specify whether it wants SNP firmware to sign the report using either a Versioned Chip Endorsement Key (VCEK), which is derived from chip-unique secrets, or a Versioned Loaded Endorsement Key (VLEK) which is obtained from an AMD Key Derivation Service (KDS) and derived from seeds allocated to enrolled cloud service providers (CSPs).

For VLEK keys, an SNP_VLEK_LOAD SNP firmware command is used to load them into the system after obtaining them from the KDS. Add a corresponding userspace interface to allow the loading of VLEK keys into the system.

See SEV-SNP Firmware ABI 1.54, SNP_VLEK_LOAD for more details.

Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
--- Documentation/virt/coco/sev-guest.rst | 19 ++++++++++++++ drivers/crypto/ccp/sev-dev.c | 36 +++++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 27 ++++++++++++++++++++ 3 files changed, 82 insertions(+) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index e1eaf6a830ce..de68d3a4b540 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst
@@ -176,6 +176,25 @@ to SNP_CONFIG command defined in the SEV-SNP spec. The current values of the firmware parameters affected by this command can be queried via SNP_PLATFORM_STATUS. +2.7 SNP_VLEK_LOAD +----------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (in): struct sev_user_data_snp_vlek_load +:Returns (out): 0 on success, -negative on error + +When requesting an attestation report a guest is able to specify whether +it wants SNP firmware to sign the report using either a Versioned Chip +Endorsement Key (VCEK), which is derived from chip-unique secrets, or a +Versioned Loaded Endorsement Key (VLEK) which is obtained from an AMD +Key Derivation Service (KDS) and derived from seeds allocated to +enrolled cloud service providers. + +In the case of VLEK keys, the SNP_VLEK_LOAD SNP command is used to load +them into the system after obtaining them from the KDS, and corresponds +closely to the SNP_VLEK_LOAD firmware command specified in the SEV-SNP +spec. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 2102377f727b..97a7959406ee 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -2027,6 +2027,39 @@ static int sev_ioctl_do_snp_set_config(struct sev_issue_cmd *argp, bool writable return __sev_do_cmd_locked(SEV_CMD_SNP_CONFIG, &config, &argp->error); } +static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_device *sev = psp_master->sev_data; + struct sev_user_data_snp_vlek_load input; + void *blob; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + if (copy_from_user(&input, u64_to_user_ptr(argp->data), sizeof(input))) + return -EFAULT; + + if (input.len != sizeof(input) || input.vlek_wrapped_version != 0) + return -EINVAL; + + blob = psp_copy_user_blob(input.vlek_wrapped_address, + sizeof(struct sev_user_data_snp_wrapped_vlek_hashstick)); + if (IS_ERR(blob)) + return PTR_ERR(blob); + + input.vlek_wrapped_address = __psp_pa(blob); + + ret = __sev_do_cmd_locked(SEV_CMD_SNP_VLEK_LOAD, &input, &argp->error); + + kfree(blob); + + return ret; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -2087,6 +2120,9 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_SET_CONFIG: ret = sev_ioctl_do_snp_set_config(&input, writable); break; + case SNP_VLEK_LOAD: + ret = sev_ioctl_do_snp_vlek_load(&input, writable); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index b7a2c2ee35b7..2289b7c76c59 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -31,6 +31,7 @@ enum { SNP_PLATFORM_STATUS, SNP_COMMIT, SNP_SET_CONFIG, + SNP_VLEK_LOAD, SEV_MAX, }; 
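Review bot: In sev_ioctl_do_snp_vlek_load() (drivers/crypto/ccp/sev-dev.c), the validation after copy_from_user() covers only input.len and input.vlek_wrapped_version; the three input.rsvd bytes are handed to __sev_do_cmd_locked() unchecked. Rejecting non-zero reserved bytes with -EINVAL alongside the existing length and version check would keep those bytes usable for future extensions without ambiguity about what older kernels accepted from userspace.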
@@ -214,6 +215,32 @@ struct sev_user_data_snp_config { __u8 rsvd1[52]; } __packed; +/** + * struct sev_data_snp_vlek_load - SNP_VLEK_LOAD structure + * + * @len: length of the command buffer read by the PSP + * @vlek_wrapped_version: version of wrapped VLEK hashstick (Must be 0h) + * @rsvd: reserved + * @vlek_wrapped_address: address of a wrapped VLEK hashstick + * (struct sev_user_data_snp_wrapped_vlek_hashstick) + */ +struct sev_user_data_snp_vlek_load { + __u32 len; /* In */ + __u8 vlek_wrapped_version; /* In */ + __u8 rsvd[3]; /* In */ + __u64 vlek_wrapped_address; /* In */ +} __packed; + +/** + * struct sev_user_data_snp_vlek_wrapped_vlek_hashstick - Wrapped VLEK data + * + * @data: Opaque data provided by AMD KDS (as described in SEV-SNP Firmware ABI + * 1.54, SNP_VLEK_LOAD) + */ +struct sev_user_data_snp_wrapped_vlek_hashstick { + __u8 data[432]; /* In */ +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
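Review bot: Both kernel-doc headers in this include/uapi/linux/psp-sev.h hunk name a struct that differs from the definition that follows them. The first reads "struct sev_data_snp_vlek_load" above struct sev_user_data_snp_vlek_load, and the second reads "struct sev_user_data_snp_vlek_wrapped_vlek_hashstick" above struct sev_user_data_snp_wrapped_vlek_hashstick. kernel-doc warns on this kind of mismatch, so the comment names should be changed to the actual struct names.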
From: Michael Roth
Subject: [PATCH v14 21/22] crypto: ccp: Add the SNP_{PAUSE,RESUME}_ATTESTATION commands
Date: Sun, 21 Apr 2024 13:01:21 -0500
Message-ID: <20240421180122.1650812-22-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

These commands can be used to pause servicing of guest attestation requests. This is useful when updating the reported TCB or signing key with commands such as SNP_SET_CONFIG/SNP_COMMIT/SNP_VLEK_LOAD, since they may in turn require updates to userspace-supplied certificates, and if an attestation request happens to be in-flight at the time those updates are occurring there is potential for a guest to receive a certificate blob that is out of sync with the effective signing key for the attestation report.

These interfaces also provide some versatility with how similar firmware/certificate update activities can be handled in the future.

Reviewed-by: Tom Lendacky
Signed-off-by: Michael Roth
--- Documentation/virt/coco/sev-guest.rst | 50 +++++++++++++++++++++++++-- arch/x86/include/asm/sev.h | 6 ++++ arch/x86/virt/svm/sev.c | 43 +++++++++++++++++++++++ drivers/crypto/ccp/sev-dev.c | 47 +++++++++++++++++++++++++ include/uapi/linux/psp-sev.h | 12 +++++++ 5 files changed, 156 insertions(+), 2 deletions(-) diff --git a/Documentation/virt/coco/sev-guest.rst b/Documentation/virt/coco/sev-guest.rst index de68d3a4b540..ab192a008ba7 100644 --- a/Documentation/virt/coco/sev-guest.rst +++ b/Documentation/virt/coco/sev-guest.rst
@@ -128,8 +128,6 @@ the SEV-SNP specification for further details. The SNP_GET_EXT_REPORT ioctl is similar to the SNP_GET_REPORT. The difference is related to the additional certificate data that is returned with the report. -The certificate data returned is being provided by the hypervisor through the -SNP_SET_EXT_CONFIG. The ioctl uses the SNP_GUEST_REQUEST (MSG_REPORT_REQ) command provided by the SEV-SNP firmware to get the attestation report. 
@@ -195,6 +193,54 @@ them into the system after obtaining them from the KDS, and corresponds closely to the SNP_VLEK_LOAD firmware command specified in the SEV-SNP spec. +2.8 SNP_PAUSE_ATTESTATION / SNP_RESUME_ATTESTATION +-------------------------------------------------- +:Technology: sev-snp +:Type: hypervisor ioctl cmd +:Parameters (out): struct sev_user_data_snp_pause_transaction +:Returns (out): 0 on success, -negative on error + +When requesting attestation reports, SNP guests have the option of issuing +an extended guest request which allows host userspace to supply additional +certificate data that can be used to validate the signature used to sign +the attestation report. This signature is generated using a key that is +derived from the reported TCB that can be set via the SNP_SET_CONFIG and +SNP_COMMIT ioctls, so the accompanying certificate data needs to be kept in +sync with the changes made to the reported TCB via these ioctls. + +Similarly, interfaces like SNP_LOAD_VLEK can modify the key used to sign +the attestation reports, which may in turn require updating the certificate +data provided to guests via extended guest requests. + +To allow for updating the reported TCB, endorsement key, and any certificate +data in a manner that is atomic to guests, the SNP_PAUSE_ATTESTATION and +SNP_RESUME_ATTESTATION commands are provided. + +After SNP_PAUSE_ATTESTATION is issued, any attestation report requests via +extended guest requests that are in-progress, or received after +SNP_PAUSE_ATTESTATION is issued, will result in the guest receiving a +GHCB-defined error message instructing it to retry the request. Once all +the desired reported TCB, endorsement keys, or certificate data updates +are completed on the host, the SNP_RESUME_ATTESTATION command must be +issued to allow guest attestation requests to proceed. 
+ +In general, hosts should serialize updates of this sort and never have more +than 1 outstanding transaction in flight that could result in the +interleaving of multiple SNP_PAUSE_ATTESTATION/SNP_RESUME_ATTESTATION pairs. +To guard against this, SNP_PAUSE_ATTESTATION will fail if another process +has already paused attestation requests. + +However, there may be occassions where a transaction needs to be aborted due +to unexpected activity in userspace such as timeouts, crashes, etc., so +SNP_RESUME_ATTESTATION will always succeed. Nonetheless, this could +potentially lead to SNP_RESUME_ATTESTATION being called out of sequence, so +to allow for callers of SNP_{PAUSE,RESUME}_ATTESTATION to detect such +occurrences, each ioctl will return a transaction ID in the response so the +caller can monitor whether the start/end ID both match. If they don't, the +caller should assume that attestation has been paused/resumed unexpectedly, +and take whatever measures it deems necessary such as logging, reporting, +auditing the sequence of events. + 3. SEV-SNP CPUID Enforcement ============================ diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 3a06f06b847a..ee24ef815e35 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -82,6 +82,8 @@ extern void vc_no_ghcb(void); extern void vc_boot_ghcb(void); extern bool handle_vc_boot_ghcb(struct pt_regs *regs); +extern struct mutex snp_pause_attestation_lock; + /* PVALIDATE return codes */ #define PVALIDATE_FAIL_SIZEMISMATCH 6 
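Review bot: In the new section 2.8 of Documentation/virt/coco/sev-guest.rst, the ":Parameters (out):" field names struct sev_user_data_snp_pause_transaction, but the uapi header in this patch defines struct sev_user_data_snp_pause_attestation; the documentation should use the defined name. The same section refers to "SNP_LOAD_VLEK" while the ioctl added earlier in the series is SNP_VLEK_LOAD, and "occassions" should be "occasions".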
@@ -272,6 +274,8 @@ int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, u32 asid, bool immut int rmp_make_shared(u64 pfn, enum pg_level level); void snp_leak_pages(u64 pfn, unsigned int npages); void kdump_sev_callback(void); +int snp_pause_attestation(u64 *transaction_id); +void snp_resume_attestation(u64 *transaction_id); #else static inline bool snp_probe_rmptable_info(void) { return false; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } @@ -285,6 +289,8 @@ static inline int rmp_make_private(u64 pfn, u64 gpa, enum pg_level level, u32 as static inline int rmp_make_shared(u64 pfn, enum pg_level level) { return -ENODEV; } static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} static inline void kdump_sev_callback(void) { } +static inline int snp_pause_attestation(u64 *transaction_id) { return 0; } +static inline void snp_resume_attestation(u64 *transaction_id) {} #endif #endif diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index ab0e8448bb6e..b75f2e7d4012 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -70,6 +70,11 @@ static DEFINE_SPINLOCK(snp_leaked_pages_list_lock); static unsigned long snp_nr_leaked_pages; +/* For synchronizing TCB/certificate updates with extended guest requests */ +DEFINE_MUTEX(snp_pause_attestation_lock); +static u64 snp_transaction_id; +static bool snp_attestation_paused; + #undef pr_fmt #define pr_fmt(fmt) "SEV-SNP: " fmt 
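Review bot: In the #else branch of the arch/x86/include/asm/sev.h hunk, the snp_pause_attestation() stub returns 0 and leaves *transaction_id untouched, so a caller built against the stub is told the pause succeeded although nothing was paused. The neighbouring stubs visible in the same hunk, snp_lookup_rmpentry() and rmp_make_shared(), return -ENODEV; returning -ENODEV here as well would let sev_ioctl_do_snp_pause_attestation() propagate the failure to userspace instead of reporting transaction ID 0 as a valid start.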
@@ -568,3 +573,41 @@ void kdump_sev_callback(void) if (cc_platform_has(CC_ATTR_HOST_SEV_SNP)) wbinvd(); } + +int snp_pause_attestation(u64 *transaction_id) +{ + mutex_lock(&snp_pause_attestation_lock); + + if (snp_attestation_paused) { + mutex_unlock(&snp_pause_attestation_lock); + return -EBUSY; + } + + /* + * The actual transaction ID update will happen when + * snp_resume_attestation() is called, so return + * the *anticipated* transaction ID that will be + * returned by snp_resume_attestation(). This is + * to ensure that unbalanced/aborted transactions will + * be noticeable when the caller that started the + * transaction calls snp_resume_attestation(). + */ + *transaction_id = snp_transaction_id + 1; + snp_attestation_paused = true; + + mutex_unlock(&snp_pause_attestation_lock); + + return 0; +} +EXPORT_SYMBOL_GPL(snp_pause_attestation); + +void snp_resume_attestation(u64 *transaction_id) +{ + mutex_lock(&snp_pause_attestation_lock); + + snp_attestation_paused = false; + *transaction_id = ++snp_transaction_id; + + mutex_unlock(&snp_pause_attestation_lock); +} +EXPORT_SYMBOL_GPL(snp_resume_attestation); diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 97a7959406ee..7eb18a273731 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c 
@@ -2060,6 +2060,47 @@ static int sev_ioctl_do_snp_vlek_load(struct sev_issue_cmd *argp, bool writable) return ret; } +static int sev_ioctl_do_snp_pause_attestation(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_pause_attestation transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + int ret; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + ret = snp_pause_attestation(&transaction.id); + if (ret) + return ret; + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + +static int sev_ioctl_do_snp_resume_attestation(struct sev_issue_cmd *argp, bool writable) +{ + struct sev_user_data_snp_pause_attestation transaction = {0}; + struct sev_device *sev = psp_master->sev_data; + + if (!sev->snp_initialized || !argp->data) + return -EINVAL; + + if (!writable) + return -EPERM; + + snp_resume_attestation(&transaction.id); + + if (copy_to_user((void __user *)argp->data, &transaction, sizeof(transaction))) + return -EFAULT; + + return 0; +} + static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) { void __user *argp = (void __user *)arg; @@ -2123,6 +2164,12 @@ static long sev_ioctl(struct file *file, unsigned int ioctl, unsigned long arg) case SNP_VLEK_LOAD: ret = sev_ioctl_do_snp_vlek_load(&input, writable); break; + case SNP_PAUSE_ATTESTATION: + ret = sev_ioctl_do_snp_pause_attestation(&input, writable); + break; + case SNP_RESUME_ATTESTATION: + ret = sev_ioctl_do_snp_resume_attestation(&input, writable); + break; default: ret = -EINVAL; goto out; diff --git a/include/uapi/linux/psp-sev.h b/include/uapi/linux/psp-sev.h index 2289b7c76c59..7b35b2814a99 100644 --- a/include/uapi/linux/psp-sev.h +++ b/include/uapi/linux/psp-sev.h @@ -32,6 +32,8 @@ enum { SNP_COMMIT, SNP_SET_CONFIG, SNP_VLEK_LOAD, + SNP_PAUSE_ATTESTATION, + SNP_RESUME_ATTESTATION, SEV_MAX, }; 
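Review bot: In sev_ioctl_do_snp_pause_attestation(), a copy_to_user() failure after snp_pause_attestation() has succeeded returns -EFAULT while attestation stays paused, and the caller never learns the transaction ID it would need for the start/end comparison. Calling snp_resume_attestation() on that error path would avoid leaving guests in the retry state because of a bad userspace pointer. Both new handlers also cast with (void __user *)argp->data where sev_ioctl_do_snp_vlek_load() uses u64_to_user_ptr(argp->data); using the helper in all three would be consistent.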
@@ -241,6 +243,16 @@ struct sev_user_data_snp_wrapped_vlek_hashstick { __u8 data[432]; /* In */ } __packed; +/** + * struct sev_user_data_snp_pause_attestation - metadata for pausing attestation + * + * @id: the ID of the transaction started/ended by a call to SNP_PAUSE_ATTESTATION + * or SNP_RESUME_ATTESTATION, respectively. + */ +struct sev_user_data_snp_pause_attestation { + __u64 id; /* Out */ +} __packed; + /** * struct sev_issue_cmd - SEV ioctl parameters *
From: Michael Roth
Subject: [PATCH v14 22/22] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event
Date: Sun, 21 Apr 2024 13:01:22 -0500
Message-ID: <20240421180122.1650812-23-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com>

Version 2 of GHCB specification added support for the SNP Extended Guest Request Message NAE event. This event serves a nearly identical purpose to the previously-added SNP_GUEST_REQUEST event, but allows for additional certificate data to be supplied via an additional guest-supplied buffer to be used mainly for verifying the signature of an attestation report as returned by firmware.

This certificate data is supplied by userspace, so unlike with SNP_GUEST_REQUEST events, SNP_EXTENDED_GUEST_REQUEST events are first forwarded to userspace via a KVM_EXIT_VMGEXIT exit type, and then the firmware request is made only afterward.

Implement handling for these events.

Since there is a potential for race conditions where the userspace-supplied certificate data may be out-of-sync relative to the reported TCB or VLEK that firmware will use when signing attestation reports, make use of the synchronization mechanisms wired up to the SNP_{PAUSE,RESUME}_ATTESTATION SEV device ioctls such that the guest will be told to retry the request while attestation has been paused due to an update being underway on the system.

Signed-off-by: Michael Roth --- Documentation/virt/kvm/api.rst | 26 +++++++++++ arch/x86/include/asm/sev.h | 6 +++ arch/x86/kvm/svm/sev.c | 82 ++++++++++++++++++++++++++++++++++ arch/x86/kvm/svm/svm.h | 3 ++ arch/x86/virt/svm/sev.c | 37 +++++++++++++++ include/uapi/linux/kvm.h | 6 +++ 6 files changed, 160 insertions(+) diff --git a/Documentation/virt/kvm/api.rst b/Documentation/virt/kvm/api.rst index 85099198a10f..6cf186ed8f66 100644 --- a/Documentation/virt/kvm/api.rst +++ b/Documentation/virt/kvm/api.rst @@ -7066,6 +7066,7 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 #define KVM_USER_VMGEXIT_PSC 2 + #define KVM_USER_VMGEXIT_EXT_GUEST_REQ 3 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { @@ -7079,6 +7080,11 @@ values in kvm_run even if the corresponding bit in kvm_dirty_regs is not set. __u64 shared_gpa; __u64 ret; } psc; + struct { + __u64 data_gpa; + __u64 data_npages; + __u32 ret; + } ext_guest_req; }; }; 
@@ -7108,6 +7114,26 @@ private/shared state. Userspace will return a value in 'ret' that is in agreement with the GHCB-defined return values that the guest will expect in the SW_EXITINFO2 field of the GHCB in response to these requests. +For the KVM_USER_VMGEXIT_EXT_GUEST_REQ type, the ext_guest_req union type +is used. The kernel will supply in 'data_gpa' the value the guest supplies +via the RAX field of the GHCB when issued extended guest requests. +'data_npages' will similarly contain the value the guest supplies in RBX +denoting the number of shared pages available to write the certificate +data into. + + - If the supplied number of pages is sufficient, userspace should write + the certificate data blob (in the format defined by the GHCB spec) in + the address indicated by 'data_gpa' and set 'ret' to 0. + + - If the number of pages supplied is not sufficient, userspace must write + the required number of pages in 'data_npages' and then set 'ret' to 1. + + - If userspace is temporarily unable to handle the request, 'ret' should + be set to 2 to inform the guest to retry later. + + - If some other error occurred, userspace should set 'ret' to a non-zero + value that is distinct from the specific return values mentioned above. + 6. Capabilities that can be enabled on vCPUs ============================================ diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ee24ef815e35..dfc28ac4dd0e 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h 
@@ -276,6 +276,9 @@ void snp_leak_pages(u64 pfn, unsigned int npages); void kdump_sev_callback(void); int snp_pause_attestation(u64 *transaction_id); void snp_resume_attestation(u64 *transaction_id); +u64 snp_transaction_get_id(void); +bool __snp_transaction_is_stale(u64 transaction_id); +bool snp_transaction_is_stale(u64 transaction_id); #else static inline bool snp_probe_rmptable_info(void) { return false; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } @@ -291,6 +294,9 @@ static inline void snp_leak_pages(u64 pfn, unsigned int npages) {} static inline void kdump_sev_callback(void) { } static inline int snp_pause_attestation(u64 *transaction_id) { return 0; } static inline void snp_resume_attestation(u64 *transaction_id) {} +static inline u64 snp_transaction_get_id(void) { return 0; } +static inline bool __snp_transaction_is_stale(u64 transaction_id) { return false; } +static inline bool snp_transaction_is_stale(u64 transaction_id) { return false; } #endif #endif diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 68db390b19d0..1cec466e593b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3292,6 +3292,7 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_PSC: case SVM_VMGEXIT_TERM_REQUEST: case SVM_VMGEXIT_GUEST_REQUEST: + case SVM_VMGEXIT_EXT_GUEST_REQUEST: break; default: reason = GHCB_ERR_INVALID_EVENT; 
@@ -3812,6 +3813,84 @@ static void snp_handle_guest_req(struct vcpu_svm *svm, gpa_t req_gpa, gpa_t resp ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); } +static int snp_complete_ext_guest_req(struct kvm_vcpu *vcpu) +{ + struct vcpu_svm *svm = to_svm(vcpu); + struct vmcb_control_area *control; + struct kvm *kvm = vcpu->kvm; + sev_ret_code fw_err = 0; + int vmm_ret; + + vmm_ret = vcpu->run->vmgexit.ext_guest_req.ret; + if (vmm_ret) { + if (vmm_ret == SNP_GUEST_VMM_ERR_INVALID_LEN) + vcpu->arch.regs[VCPU_REGS_RBX] = + vcpu->run->vmgexit.ext_guest_req.data_npages; + goto abort_request; + } + + control = &svm->vmcb->control; + + /* + * To avoid the message sequence number getting out of sync between the + * actual value seen by firmware verses the value expected by the guest, + * make sure attestations can't get paused on the write-side at this + * point by holding the lock for the entire duration of the firmware + * request so that there is no situation where SNP_GUEST_VMM_ERR_BUSY + * would need to be returned after firmware sees the request. 
+ */ + mutex_lock(&snp_pause_attestation_lock); + + if (__snp_transaction_is_stale(svm->snp_transaction_id)) + vmm_ret = SNP_GUEST_VMM_ERR_BUSY; + else if (!__snp_handle_guest_req(kvm, control->exit_info_1, + control->exit_info_2, &fw_err)) + vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + + mutex_unlock(&snp_pause_attestation_lock); + +abort_request: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); + + return 1; /* resume guest */ +} + +static int snp_begin_ext_guest_req(struct kvm_vcpu *vcpu) +{ + int vmm_ret = SNP_GUEST_VMM_ERR_GENERIC; + struct vcpu_svm *svm = to_svm(vcpu); + unsigned long data_npages; + sev_ret_code fw_err; + gpa_t data_gpa; + + if (!sev_snp_guest(vcpu->kvm)) + goto abort_request; + + data_gpa = vcpu->arch.regs[VCPU_REGS_RAX]; + data_npages = vcpu->arch.regs[VCPU_REGS_RBX]; + + if (!IS_ALIGNED(data_gpa, PAGE_SIZE)) + goto abort_request; + + svm->snp_transaction_id = snp_transaction_get_id(); + if (snp_transaction_is_stale(svm->snp_transaction_id)) { + vmm_ret = SNP_GUEST_VMM_ERR_BUSY; + goto abort_request; + } + + vcpu->run->exit_reason = KVM_EXIT_VMGEXIT; + vcpu->run->vmgexit.type = KVM_USER_VMGEXIT_EXT_GUEST_REQ; + vcpu->run->vmgexit.ext_guest_req.data_gpa = data_gpa; + vcpu->run->vmgexit.ext_guest_req.data_npages = data_npages; + vcpu->arch.complete_userspace_io = snp_complete_ext_guest_req; + + return 0; /* forward request to userspace */ + +abort_request: + ghcb_set_sw_exit_info_2(svm->sev_es.ghcb, SNP_GUEST_ERR(vmm_ret, fw_err)); + return 1; /* resume guest */ +} + static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) { struct vmcb_control_area *control = &svm->vmcb->control; 
@@ -4076,6 +4155,9 @@ int sev_handle_vmgexit(struct kvm_vcpu *vcpu) snp_handle_guest_req(svm, control->exit_info_1, control->exit_info_2); ret = 1; break; + case SVM_VMGEXIT_EXT_GUEST_REQUEST: + ret = snp_begin_ext_guest_req(vcpu); + break; case SVM_VMGEXIT_UNSUPPORTED_EVENT: vcpu_unimpl(vcpu, "vmgexit: unsupported event - exit_info_1=%#llx, exit_info_2=%#llx\n", diff --git a/arch/x86/kvm/svm/svm.h b/arch/x86/kvm/svm/svm.h index 8a8ee475ad86..28140bc8af27 100644 --- a/arch/x86/kvm/svm/svm.h +++ b/arch/x86/kvm/svm/svm.h @@ -303,6 +303,9 @@ struct vcpu_svm { /* Guest GIF value, used when vGIF is not enabled */ bool guest_gif; + + /* Transaction ID associated with SNP config updates */ + u64 snp_transaction_id; }; struct svm_cpu_data { diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index b75f2e7d4012..f1f7486a3dcf 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -72,6 +72,7 @@ static unsigned long snp_nr_leaked_pages; /* For synchronizing TCB/certificate updates with extended guest requests */ DEFINE_MUTEX(snp_pause_attestation_lock); +EXPORT_SYMBOL_GPL(snp_pause_attestation_lock); static u64 snp_transaction_id; static bool snp_attestation_paused; 
@@ -611,3 +612,39 @@ void snp_resume_attestation(u64 *transaction_id) mutex_unlock(&snp_pause_attestation_lock); } EXPORT_SYMBOL_GPL(snp_resume_attestation); + +u64 snp_transaction_get_id(void) +{ + u64 id; + + mutex_lock(&snp_pause_attestation_lock); + id = snp_transaction_id; + mutex_unlock(&snp_pause_attestation_lock); + + return id; +} +EXPORT_SYMBOL_GPL(snp_transaction_get_id); + +/* Must be called with snp_pause_attestion_lock held */ +bool __snp_transaction_is_stale(u64 transaction_id) +{ + lockdep_assert_held(&snp_pause_attestation_lock); + + return (snp_attestation_paused || + transaction_id != snp_transaction_id); +} +EXPORT_SYMBOL_GPL(__snp_transaction_is_stale); + +bool snp_transaction_is_stale(u64 transaction_id) +{ + bool stale; + + mutex_lock(&snp_pause_attestation_lock); + + stale = __snp_transaction_is_stale(transaction_id); + + mutex_unlock(&snp_pause_attestation_lock); + + return stale; +} +EXPORT_SYMBOL_GPL(snp_transaction_is_stale); diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index e33c48bfbd67..585de3a2591e 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -138,6 +138,7 @@ struct kvm_xen_exit { struct kvm_user_vmgexit { #define KVM_USER_VMGEXIT_PSC_MSR 1 #define KVM_USER_VMGEXIT_PSC 2 +#define KVM_USER_VMGEXIT_EXT_GUEST_REQ 3 __u32 type; /* KVM_USER_VMGEXIT_* type */ union { struct { 
@@ -151,6 +152,11 @@ struct kvm_user_vmgexit { __u64 shared_gpa; __u64 ret; } psc; + struct { + __u64 data_gpa; + __u64 data_npages; + __u32 ret; + } ext_guest_req; }; };
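Review bot: in snp_begin_ext_guest_req() (arch/x86/kvm/svm/sev.c, hunk @@ -3812), "sev_ret_code fw_err;" is declared without an initializer, yet all three "goto abort_request" paths (non-SNP guest, unaligned data_gpa, stale transaction) pass it to SNP_GUEST_ERR(vmm_ret, fw_err), so whatever was on the kernel stack is folded into the value written to the guest's SW_EXITINFO2. Initialize it to 0 as snp_complete_ext_guest_req() already does, or drop the variable and pass a literal 0 at that label. The comment in snp_complete_ext_guest_req() also has "verses" where "versus" is meant.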
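Review bot: the KVM_USER_VMGEXIT_EXT_GUEST_REQ text added to Documentation/virt/kvm/api.rst (hunk @@ -7108) should state that data_gpa and data_npages are guest-controlled, because snp_begin_ext_guest_req() copies RAX and RBX into the exit struct after checking only that data_gpa is page-aligned. As written, nothing tells a VMM author to bound data_npages and confirm that the range lies in shared guest memory before writing the certificate blob. The 'ret' values 0, 1 and 2 are also documented as bare numbers while the kernel side compares against SNP_GUEST_VMM_ERR_INVALID_LEN and SNP_GUEST_VMM_ERR_BUSY; the include/uapi/linux/kvm.h hunks in this patch add only KVM_USER_VMGEXIT_EXT_GUEST_REQ and the struct, so userspace has to hard-code them. Consider exposing named constants next to the struct.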
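Review bot: EXPORT_SYMBOL_GPL(snp_pause_attestation_lock) in arch/x86/virt/svm/sev.c (hunk @@ -72) hands the raw mutex to KVM so that snp_complete_ext_guest_req() can call mutex_lock()/mutex_unlock() on it directly, which spreads the locking rules for the attestation-pause state across two subsystems. A pair of small helpers exported from virt/svm/sev.c (for example one that takes the lock and reports staleness, and one that releases it) would keep the mutex private and leave a single place to audit. In the @@ -611 hunk the comment above __snp_transaction_is_stale() names the lock "snp_pause_attestion_lock"; it should read snp_pause_attestation_lock.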
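A sketch of the userspace (VMM) side of the KVM_USER_VMGEXIT_EXT_GUEST_REQ contract that the api.rst text in the patch above documents, added here as an illustration and not part of the posted series or of any existing VMM. The struct is a local mirror of the new ext_guest_req member; struct vmm, the EXT_REQ_* names, the value 3 for "some other error", the sample data and the single shared-RAM-region memory model are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GUEST_PAGE_SIZE 4096u

/* 'ret' values from the api.rst text in the patch; the names are made up here. */
enum {
	EXT_REQ_OK          = 0, /* certificate data written */
	EXT_REQ_INVALID_LEN = 1, /* buffer too small, data_npages updated */
	EXT_REQ_BUSY        = 2, /* guest should retry later */
	EXT_REQ_OTHER       = 3, /* arbitrary value for "some other error" */
};

/* Local mirror of the ext_guest_req member the patch adds to kvm_user_vmgexit. */
struct ext_guest_req {
	uint64_t data_gpa;    /* guest RAX: guest-controlled */
	uint64_t data_npages; /* guest RBX: guest-controlled */
	uint32_t ret;
};

/* Hypothetical VMM state: one shared guest RAM region and the current blob. */
struct vmm {
	uint8_t *ram;         /* host mapping of the region */
	uint64_t ram_gpa;     /* guest-physical base of the region */
	uint64_t ram_size;    /* size of the region in bytes */
	const uint8_t *certs; /* certificate blob in the GHCB-defined format */
	uint64_t certs_len;
	int cert_update_in_progress;
};

uint32_t handle_ext_guest_req(struct vmm *vm, struct ext_guest_req *req)
{
	/* Sizes derive from the blob, never from the guest's page count. */
	uint64_t need = (vm->certs_len + GUEST_PAGE_SIZE - 1) / GUEST_PAGE_SIZE;
	uint64_t len = need * GUEST_PAGE_SIZE;
	uint64_t off;

	if (vm->cert_update_in_progress)
		return req->ret = EXT_REQ_BUSY;

	if (req->data_npages < need) {
		req->data_npages = need; /* tell the guest how many pages to offer */
		return req->ret = EXT_REQ_INVALID_LEN;
	}

	/* Re-check alignment and reject addresses below the region. */
	if (req->data_gpa % GUEST_PAGE_SIZE || req->data_gpa < vm->ram_gpa)
		return req->ret = EXT_REQ_OTHER;

	/* Overflow-safe bounds check: the write must end inside the region. */
	off = req->data_gpa - vm->ram_gpa;
	if (off > vm->ram_size || len > vm->ram_size - off)
		return req->ret = EXT_REQ_OTHER;

	memset(vm->ram + off, 0, len); /* no stale bytes after the blob */
	memcpy(vm->ram + off, vm->certs, vm->certs_len);
	return req->ret = EXT_REQ_OK;
}

/* Constructed sample data: 4 pages of guest RAM at GPA 0x100000, 5000-byte blob. */
static uint8_t demo_ram[4 * GUEST_PAGE_SIZE];
static uint8_t demo_certs[5000];

struct vmm demo_vmm(void)
{
	struct vmm vm = { demo_ram, 0x100000, sizeof(demo_ram),
			  demo_certs, sizeof(demo_certs), 0 };

	memset(demo_ram, 0xAA, sizeof(demo_ram));
	memset(demo_certs, 0x5C, sizeof(demo_certs));
	return vm;
}

int main(void)
{
	struct vmm vm = demo_vmm();
	struct ext_guest_req req = { 0x100000, 1, 0 };
	uint32_t ret = handle_ext_guest_req(&vm, &req);

	printf("1 page offered: ret=%u, pages required=%llu\n",
	       ret, (unsigned long long)req.data_npages);

	ret = handle_ext_guest_req(&vm, &req); /* guest retries with 2 pages */
	printf("retry:          ret=%u\n", ret);

	req.data_gpa = 0x103000; /* last page of RAM: a 2-page write would overrun */
	ret = handle_ext_guest_req(&vm, &req);
	printf("range overrun:  ret=%u\n", ret);
	return 0;
}
```

A real VMM would additionally confirm that the target pages are currently shared rather than private, which this single-region model does not represent.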
From: Michael Roth
Subject: [PATCH v14 23/22] [SQUASH] KVM: SEV: Add support to handle GHCB GPA register VMGEXIT
Date: Tue, 23 Apr 2024 11:21:38 -0500
Message-ID: <20240423162144.1780159-1-michael.roth@amd.com>
In-Reply-To: <20240421180122.1650812-1-michael.roth@amd.com>

Terminate if a non-SNP guest
attempts to register a GHCB page; this is an SNP-only GHCB request. Signed-off-by: Michael Roth --- arch/x86/kvm/svm/sev.c | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 1cec466e593b..088eca85a6ac 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3970,6 +3970,9 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) GHCB_MSR_INFO_MASK, GHCB_MSR_INFO_POS); break; case GHCB_MSR_PREF_GPA_REQ: + if (!sev_snp_guest(vcpu->kvm)) + goto out_terminate; + set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_NONE, GHCB_MSR_GPA_VALUE_MASK, GHCB_MSR_GPA_VALUE_POS); set_ghcb_msr_bits(svm, GHCB_MSR_PREF_GPA_RESP, GHCB_MSR_INFO_MASK, @@ -3978,6 +3981,9 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) case GHCB_MSR_REG_GPA_REQ: { u64 gfn; + if (!sev_snp_guest(vcpu->kvm)) + goto out_terminate; + gfn = get_ghcb_msr_bits(svm, GHCB_MSR_GPA_VALUE_MASK, GHCB_MSR_GPA_VALUE_POS); @@ -4004,12 +4010,7 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) pr_info("SEV-ES guest requested termination: %#llx:%#llx\n", reason_set, reason_code); - vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT; - vcpu->run->system_event.type = KVM_SYSTEM_EVENT_SEV_TERM; - vcpu->run->system_event.ndata = 1; - vcpu->run->system_event.data[0] = control->ghcb_gpa; - - return 0; + goto out_terminate; } default: /* Error, keep GHCB MSR value as-is */ 
@@ -4020,6 +4021,14 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) control->ghcb_gpa, ret); return ret; + +out_terminate: + vcpu->run->exit_reason = KVM_EXIT_SYSTEM_EVENT; + vcpu->run->system_event.type = KVM_SYSTEM_EVENT_SEV_TERM; + vcpu->run->system_event.ndata = 1; + vcpu->run->system_event.data[0] = control->ghcb_gpa; + + return 0; } int sev_handle_vmgexit(struct kvm_vcpu *vcpu)
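Review bot: the new out_terminate label reports KVM_SYSTEM_EVENT_SEV_TERM with data[0] = control->ghcb_gpa for both a guest-requested termination and the new non-SNP rejections, but only the GHCB_MSR_TERM_REQ path logs anything (the pr_info() with reason_set and reason_code), so a VMM or an operator reading the log cannot tell that KVM ended the guest because of an SNP-only request. A short log line before "goto out_terminate" in the two sev_snp_guest() checks, or a note in the documentation of the system event that data[0] may hold a rejected request rather than a termination reason, would make the exit diagnosable. The changelog also mentions only GHCB page registration, while the @@ -3970 hunk gates GHCB_MSR_PREF_GPA_REQ as well as GHCB_MSR_REG_GPA_REQ; it should say so.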
From: Michael Roth
Subject: [PATCH v14 24/22] [SQUASH] KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT
Date: Tue, 23 Apr 2024 11:21:39 -0500
Message-ID: <20240423162144.1780159-2-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>

Terminate if a non-SNP guest attempts to issue a Page State Change GHCB request; this is only allowed for SNP.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 088eca85a6ac..0d8fbd5e25fe 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3996,6 +3996,9 @@ static int sev_handle_vmgexit_msr_protocol(struct vcpu_svm *svm) break; } case GHCB_MSR_PSC_REQ: + if (!sev_snp_guest(vcpu->kvm)) + goto out_terminate; + ret = snp_begin_psc_msr(vcpu, control->ghcb_gpa); break; case GHCB_MSR_TERM_REQ: {
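Review bot: the sev_snp_guest() check added under case GHCB_MSR_PSC_REQ is the third copy of the same two lines in this switch once the previous squash patch is applied (GHCB_MSR_PREF_GPA_REQ and GHCB_MSR_REG_GPA_REQ carry it too), which makes it easy to add a future SNP-only MSR request and forget the gate. Consider a single place that classifies the SNP-only request codes, for instance a small helper evaluated before the switch, so the rule lives in one spot. As with the other two cases, the termination here is silent; control->ghcb_gpa in data[0] will hold the guest's PSC request value rather than a guest-supplied termination reason.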
From: Michael Roth
Subject: [PATCH v14 25/22] [SQUASH] KVM: SEV: Add support to handle Page State Change VMGEXIT
Date: Tue, 23 Apr 2024 11:21:40 -0500
Message-ID: <20240423162144.1780159-3-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com> <20240423162144.1780159-1-michael.roth@amd.com>

Report an error to guest if non-SNP attempts to issue GHCB-based Page State Change.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0d8fbd5e25fe..c00081248ffe 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3289,7 +3289,11 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + break; case SVM_VMGEXIT_PSC: + if (!sev_snp_guest(vcpu->kvm)) + goto vmgexit_err; + break; case SVM_VMGEXIT_TERM_REQUEST: case SVM_VMGEXIT_GUEST_REQUEST: case SVM_VMGEXIT_EXT_GUEST_REQUEST:
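Review bot: the added SVM_VMGEXIT_PSC branch goes straight to vmgexit_err without selecting which error the guest will see; nothing in the three added lines sets one. The commit message promises "an error to guest" but does not name it. If vmgexit_err distinguishes error reasons, set the one that means the event is not valid for this guest type immediately before the goto, and name that error in the commit message so the guest-visible behaviour for a non-SNP guest is documented.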
From: Michael Roth
Subject: [PATCH v14 26/22] [SQUASH] KVM: SEV: Add support for GHCB-based termination requests
Date: Tue, 23 Apr 2024 11:21:41 -0500
Message-ID: <20240423162144.1780159-4-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com> <20240423162144.1780159-1-michael.roth@amd.com>

Move the case statement out of the SNP-specific block so it can be handled the same way other SEV-ES requests are handled.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index c00081248ffe..0e22f588dbe4 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3289,12 +3289,12 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_AP_JUMP_TABLE: case SVM_VMGEXIT_UNSUPPORTED_EVENT: case SVM_VMGEXIT_HV_FEATURES: + case SVM_VMGEXIT_TERM_REQUEST: break; case SVM_VMGEXIT_PSC: if (!sev_snp_guest(vcpu->kvm)) goto vmgexit_err; break; - case SVM_VMGEXIT_TERM_REQUEST: case SVM_VMGEXIT_GUEST_REQUEST: case SVM_VMGEXIT_EXT_GUEST_REQUEST: break;
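Review bot: in the context shown, SVM_VMGEXIT_TERM_REQUEST reaches an unconditional break both at its old position (above SVM_VMGEXIT_GUEST_REQUEST) and at its new one (after SVM_VMGEXIT_HV_FEATURES), so this hunk does not change what the switch accepts. The commit message should say that this is a reorder with no functional change on its own, and that its purpose is to keep termination requests out of the trailing group that the other squash patches gate on sev_snp_guest().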
From: Michael Roth
Subject: [PATCH v14 27/22] [SQUASH] KVM: SEV: Provide support for SNP_GUEST_REQUEST NAE event
Date: Tue, 23 Apr 2024 11:21:42 -0500
Message-ID: <20240423162144.1780159-5-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com> <20240423162144.1780159-1-michael.roth@amd.com>

As with SVM_VMGEXIT_PSC, ensure that SVM_VMGEXIT_GUEST_REQUEST can only be issued by an SNP guest.

Signed-off-by: Michael Roth
--- arch/x86/kvm/svm/sev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0e22f588dbe4..2b30b3b0eec8 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c
@@ -3292,10 +3292,10 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) case SVM_VMGEXIT_TERM_REQUEST: break; case SVM_VMGEXIT_PSC: + case SVM_VMGEXIT_GUEST_REQUEST: if (!sev_snp_guest(vcpu->kvm)) goto vmgexit_err; break; - case SVM_VMGEXIT_GUEST_REQUEST: case SVM_VMGEXIT_EXT_GUEST_REQUEST: break; default:
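Review bot: after this hunk SVM_VMGEXIT_EXT_GUEST_REQUEST is the only label left in the trailing group and still falls through to a bare break, so a non-SNP guest gets past this switch for the extended request while the plain SVM_VMGEXIT_GUEST_REQUEST is rejected. If the extended request is SNP-only as well, stack its case label under the same sev_snp_guest() check as PSC and GUEST_REQUEST, and make sure the squash order never leaves a bisect point where only one of the two is gated. A one-line comment above the shared check marking these events as SNP-only would keep future labels from being added to the wrong group.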
From: Michael Roth
Subject: [PATCH v14 28/22] [SQUASH] KVM: SEV: Provide support for SNP_EXTENDED_GUEST_REQUEST NAE event
Date: Tue, 23 Apr 2024 11:21:43 -0500
Message-ID: <20240423162144.1780159-6-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com> <20240423162144.1780159-1-michael.roth@amd.com>

Ensure an error is returned if a non-SNP guest attempts to issue an Extended Guest Request. Also add input validation for RAX/RBX.

Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 2b30b3b0eec8..ff64ed8df301 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c 
@@ -3297,6 +3297,11 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) goto vmgexit_err; break; case SVM_VMGEXIT_EXT_GUEST_REQUEST: + if (!sev_snp_guest(vcpu->kvm)) + goto vmgexit_err; + if (!kvm_ghcb_rax_is_valid(svm) || + !kvm_ghcb_rbx_is_valid(svm)) + goto vmgexit_err; break; default: reason = GHCB_ERR_INVALID_EVENT; 
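Review bot: both new failure paths in the SVM_VMGEXIT_EXT_GUEST_REQUEST case jump to vmgexit_err without assigning `reason`, whereas the default case just below sets `reason = GHCB_ERR_INVALID_EVENT` first. A non-SNP guest issuing this event is closer to an unsupported event than to a request with missing register state, so consider setting `reason = GHCB_ERR_INVALID_EVENT` before the first `goto`, or state in the commit message which GHCB error the guest is expected to see. The checks also dereference `vcpu->kvm`, but the only parameter visible in the hunk header is `svm`; confirm a `vcpu` local is in scope at this point.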
From: Michael Roth
Subject: [PATCH v14 29/22] [SQUASH] KVM: SEV: Support SEV-SNP AP Creation NAE event
Date: Tue, 23 Apr 2024 11:21:44 -0500
Message-ID: <20240423162144.1780159-7-michael.roth@amd.com>
In-Reply-To: <20240423162144.1780159-1-michael.roth@amd.com>
References: <20240421180122.1650812-1-michael.roth@amd.com> <20240423162144.1780159-1-michael.roth@amd.com>

Return an error if non-SNP guest issues AP Creation request.

Signed-off-by: Michael Roth
---
 arch/x86/kvm/svm/sev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index ff64ed8df301..1137a7f4136b 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3280,6 +3280,8 @@ static int sev_es_validate_vmgexit(struct vcpu_svm *svm) goto vmgexit_err; break; case SVM_VMGEXIT_AP_CREATION: + if (!sev_snp_guest(vcpu->kvm)) + goto vmgexit_err; if (lower_32_bits(control->exit_info_1) != SVM_VMGEXIT_AP_DESTROY) if (!kvm_ghcb_rax_is_valid(svm)) goto vmgexit_err;
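Review bot: in the SVM_VMGEXIT_AP_CREATION case the new guard sits ahead of the `lower_32_bits(control->exit_info_1) != SVM_VMGEXIT_AP_DESTROY` test, so a non-SNP guest is refused for the destroy sub-request as well, while the commit message only mentions "AP Creation request"; the message should say that every AP_CREATION sub-request is rejected. The unbraced nested `if` that follows the added lines is easy to misread next to the new `if`/`goto` pair; when this is squashed, folding it into one condition (`... != SVM_VMGEXIT_AP_DESTROY && !kvm_ghcb_rax_is_valid(svm)`) would make the control flow of the case easier to audit.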