From patchwork Wed Oct 9 09:28:32 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13827990
From: Nikunj A Dadhania
Subject: [PATCH v12 01/19] virt: sev-guest: Use AES GCM crypto library
Date: Wed, 9 Oct 2024 14:58:32 +0530
Message-ID: <20241009092850.197575-2-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>

The sev-guest driver encryption code uses the crypto API for SNP guest messaging with the AMD Security processor. In order to enable secure TSC, SEV-SNP guests need to send such a TSC_INFO message before the APs are booted. Details from the TSC_INFO response will then be used to program the VMSA before the APs are brought up.

However, the crypto API is not available this early in the boot process.

In preparation for moving the encryption code out of sev-guest to support secure TSC and to ease review, switch to using the AES GCM library implementation instead.

Drop __enc_payload() and dec_payload() helpers as both are small and can be moved to the respective callers.

CC: Ard Biesheuvel
Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky Tested-by: Peter Gonda Acked-by: Borislav Petkov (AMD) --- arch/x86/include/asm/sev.h | 3 + drivers/virt/coco/sev-guest/sev-guest.c | 175 ++++++------------------ drivers/virt/coco/sev-guest/Kconfig | 4 +- 3 files changed, 43 insertions(+), 139 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index ee34ab00a8d6..e7977f76d77e 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -120,6 +120,9 @@ struct snp_req_data { }; #define MAX_AUTHTAG_LEN 32 +#define AUTHTAG_LEN 16 +#define AAD_LEN 48 +#define MSG_HDR_VER 1 /* See SNP spec SNP_GUEST_REQUEST section for the structure */ enum msg_type { diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 89754b019be2..a33daff516ed 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -17,8 +17,7 @@ #include #include #include -#include -#include +#include #include #include #include @@ -31,26 +30,18 @@ #include #define DEVICE_NAME "sev-guest" -#define AAD_LEN 48 -#define MSG_HDR_VER 1 #define SNP_REQ_MAX_RETRY_DURATION (60*HZ) #define SNP_REQ_RETRY_DELAY (2*HZ) #define SVSM_MAX_RETRIES 3 -struct snp_guest_crypto { - struct crypto_aead *tfm; - u8 *iv, *authtag; - int iv_len, a_len; -}; - struct snp_guest_dev { struct device *dev; struct miscdevice misc; void *certs_data; - struct snp_guest_crypto *crypto; + struct aesgcm_ctx *ctx; /* request and response are in unencrypted memory */ struct snp_guest_msg *request, *response; 
@@ -169,132 +160,31 @@ static inline struct snp_guest_dev *to_snp_dev(struct file *file) return container_of(dev, struct snp_guest_dev, misc); } -static struct snp_guest_crypto *init_crypto(struct snp_guest_dev *snp_dev, u8 *key, size_t keylen) +static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen) { - struct snp_guest_crypto *crypto; + struct aesgcm_ctx *ctx; - crypto = kzalloc(sizeof(*crypto), GFP_KERNEL_ACCOUNT); - if (!crypto) + ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT); + if (!ctx) return NULL; - crypto->tfm = crypto_alloc_aead("gcm(aes)", 0, 0); - if (IS_ERR(crypto->tfm)) - goto e_free; - - if (crypto_aead_setkey(crypto->tfm, key, keylen)) - goto e_free_crypto; - - crypto->iv_len = crypto_aead_ivsize(crypto->tfm); - crypto->iv = kmalloc(crypto->iv_len, GFP_KERNEL_ACCOUNT); - if (!crypto->iv) - goto e_free_crypto; - - if (crypto_aead_authsize(crypto->tfm) > MAX_AUTHTAG_LEN) { - if (crypto_aead_setauthsize(crypto->tfm, MAX_AUTHTAG_LEN)) { - dev_err(snp_dev->dev, "failed to set authsize to %d\n", MAX_AUTHTAG_LEN); - goto e_free_iv; - } + if (aesgcm_expandkey(ctx, key, keylen, AUTHTAG_LEN)) { + pr_err("Crypto context initialization failed\n"); + kfree(ctx); + return NULL; } - crypto->a_len = crypto_aead_authsize(crypto->tfm); - crypto->authtag = kmalloc(crypto->a_len, GFP_KERNEL_ACCOUNT); - if (!crypto->authtag) - goto e_free_iv; - - return crypto; - -e_free_iv: - kfree(crypto->iv); -e_free_crypto: - crypto_free_aead(crypto->tfm); -e_free: - kfree(crypto); - - return NULL; -} - -static void deinit_crypto(struct snp_guest_crypto *crypto) -{ - crypto_free_aead(crypto->tfm); - kfree(crypto->iv); - kfree(crypto->authtag); - kfree(crypto); -} - -static int enc_dec_message(struct snp_guest_crypto *crypto, struct snp_guest_msg *msg, - u8 *src_buf, u8 *dst_buf, size_t len, bool enc) -{ - struct snp_guest_msg_hdr *hdr = &msg->hdr; - struct scatterlist src[3], dst[3]; - DECLARE_CRYPTO_WAIT(wait); - struct aead_request *req; - int ret; - - req = 
aead_request_alloc(crypto->tfm, GFP_KERNEL); - if (!req) - return -ENOMEM; - - /* - * AEAD memory operations: - * +------ AAD -------+------- DATA -----+---- AUTHTAG----+ - * | msg header | plaintext | hdr->authtag | - * | bytes 30h - 5Fh | or | | - * | | cipher | | - * +------------------+------------------+----------------+ - */ - sg_init_table(src, 3); - sg_set_buf(&src[0], &hdr->algo, AAD_LEN); - sg_set_buf(&src[1], src_buf, hdr->msg_sz); - sg_set_buf(&src[2], hdr->authtag, crypto->a_len); - - sg_init_table(dst, 3); - sg_set_buf(&dst[0], &hdr->algo, AAD_LEN); - sg_set_buf(&dst[1], dst_buf, hdr->msg_sz); - sg_set_buf(&dst[2], hdr->authtag, crypto->a_len); - - aead_request_set_ad(req, AAD_LEN); - aead_request_set_tfm(req, crypto->tfm); - aead_request_set_callback(req, 0, crypto_req_done, &wait); - - aead_request_set_crypt(req, src, dst, len, crypto->iv); - ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req), &wait); - - aead_request_free(req); - return ret; -} - -static int __enc_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, - void *plaintext, size_t len) -{ - struct snp_guest_crypto *crypto = snp_dev->crypto; - struct snp_guest_msg_hdr *hdr = &msg->hdr; - - memset(crypto->iv, 0, crypto->iv_len); - memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); - - return enc_dec_message(crypto, msg, plaintext, msg->payload, len, true); -} - -static int dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_msg *msg, - void *plaintext, size_t len) -{ - struct snp_guest_crypto *crypto = snp_dev->crypto; - struct snp_guest_msg_hdr *hdr = &msg->hdr; - - /* Build IV with response buffer sequence number */ - memset(crypto->iv, 0, crypto->iv_len); - memcpy(crypto->iv, &hdr->msg_seqno, sizeof(hdr->msg_seqno)); - - return enc_dec_message(crypto, msg, msg->payload, plaintext, len, false); + return ctx; } static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz) { - struct snp_guest_crypto 
*crypto = snp_dev->crypto; struct snp_guest_msg *resp_msg = &snp_dev->secret_response; struct snp_guest_msg *req_msg = &snp_dev->secret_request; struct snp_guest_msg_hdr *req_msg_hdr = &req_msg->hdr; struct snp_guest_msg_hdr *resp_msg_hdr = &resp_msg->hdr; + struct aesgcm_ctx *ctx = snp_dev->ctx; + u8 iv[GCM_AES_IV_SIZE] = {}; pr_debug("response [seqno %lld type %d version %d sz %d]\n", resp_msg_hdr->msg_seqno, resp_msg_hdr->msg_type, resp_msg_hdr->msg_version, @@ -316,11 +206,16 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, * If the message size is greater than our buffer length then return * an error. */ - if (unlikely((resp_msg_hdr->msg_sz + crypto->a_len) > sz)) + if (unlikely((resp_msg_hdr->msg_sz + ctx->authsize) > sz)) return -EBADMSG; /* Decrypt the payload */ - return dec_payload(snp_dev, resp_msg, payload, resp_msg_hdr->msg_sz + crypto->a_len); + memcpy(iv, &resp_msg_hdr->msg_seqno, min(sizeof(iv), sizeof(resp_msg_hdr->msg_seqno))); + if (!aesgcm_decrypt(ctx, payload, resp_msg->payload, resp_msg_hdr->msg_sz, + &resp_msg_hdr->algo, AAD_LEN, iv, resp_msg_hdr->authtag)) + return -EBADMSG; + + return 0; } static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type, @@ -328,6 +223,8 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 { struct snp_guest_msg *msg = &snp_dev->secret_request; struct snp_guest_msg_hdr *hdr = &msg->hdr; + struct aesgcm_ctx *ctx = snp_dev->ctx; + u8 iv[GCM_AES_IV_SIZE] = {}; memset(msg, 0, sizeof(*msg)); 
@@ -347,7 +244,14 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 pr_debug("request [seqno %lld type %d version %d sz %d]\n", hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); - return __enc_payload(snp_dev, msg, payload, sz); + if (WARN_ON((sz + ctx->authsize) > sizeof(msg->payload))) + return -EBADMSG; + + memcpy(iv, &hdr->msg_seqno, min(sizeof(iv), sizeof(hdr->msg_seqno))); + aesgcm_encrypt(ctx, msg->payload, payload, sz, &hdr->algo, AAD_LEN, + iv, hdr->authtag); + + return 0; } static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, @@ -495,7 +399,6 @@ struct snp_req_resp { static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg) { - struct snp_guest_crypto *crypto = snp_dev->crypto; struct snp_report_req *report_req = &snp_dev->req.report; struct snp_report_resp *report_resp; int rc, resp_len; @@ -513,7 +416,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(report_resp->data) + crypto->a_len; + resp_len = sizeof(report_resp->data) + snp_dev->ctx->authsize; report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); if (!report_resp) return -ENOMEM; @@ -534,7 +437,6 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg) { struct snp_derived_key_req *derived_key_req = &snp_dev->req.derived_key; - struct snp_guest_crypto *crypto = snp_dev->crypto; struct snp_derived_key_resp derived_key_resp = {0}; int rc, resp_len; /* Response data is 64 bytes and max authsize for GCM is 16 bytes. */ 
@@ -550,7 +452,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(derived_key_resp.data) + crypto->a_len; + resp_len = sizeof(derived_key_resp.data) + snp_dev->ctx->authsize; if (sizeof(buf) < resp_len) return -ENOMEM; @@ -579,7 +481,6 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques { struct snp_ext_report_req *report_req = &snp_dev->req.ext_report; - struct snp_guest_crypto *crypto = snp_dev->crypto; struct snp_report_resp *report_resp; int ret, npages = 0, resp_len; sockptr_t certs_address; @@ -622,7 +523,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(report_resp->data) + crypto->a_len; + resp_len = sizeof(report_resp->data) + snp_dev->ctx->authsize; report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); if (!report_resp) return -ENOMEM; @@ -1147,8 +1048,8 @@ static int __init sev_guest_probe(struct platform_device *pdev) goto e_free_response; ret = -EIO; - snp_dev->crypto = init_crypto(snp_dev, snp_dev->vmpck, VMPCK_KEY_LEN); - if (!snp_dev->crypto) + snp_dev->ctx = snp_init_crypto(snp_dev->vmpck, VMPCK_KEY_LEN); + if (!snp_dev->ctx) goto e_free_cert_data; misc = &snp_dev->misc; @@ -1174,11 +1075,13 @@ static int __init sev_guest_probe(struct platform_device *pdev) ret = misc_register(misc); if (ret) - goto e_free_cert_data; + goto e_free_ctx; dev_info(dev, "Initialized SEV guest driver (using VMPCK%d communication key)\n", vmpck_id); return 0; +e_free_ctx: + kfree(snp_dev->ctx); e_free_cert_data: free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE); e_free_response: 
@@ -1197,7 +1100,7 @@ static void __exit sev_guest_remove(struct platform_device *pdev) free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE); free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); - deinit_crypto(snp_dev->crypto); + kfree(snp_dev->ctx); misc_deregister(&snp_dev->misc); } diff --git a/drivers/virt/coco/sev-guest/Kconfig b/drivers/virt/coco/sev-guest/Kconfig index 1cffc72c41cb..0b772bd921d8 100644 --- a/drivers/virt/coco/sev-guest/Kconfig +++ b/drivers/virt/coco/sev-guest/Kconfig 
@@ -2,9 +2,7 @@ config SEV_GUEST tristate "AMD SEV Guest driver" default m depends on AMD_MEM_ENCRYPT - select CRYPTO - select CRYPTO_AEAD2 - select CRYPTO_GCM + select CRYPTO_LIB_AESGCM select TSM_REPORTS help SEV-SNP firmware provides the guest a mechanism to communicate with
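Review bot: In the arch/x86/include/asm/sev.h hunk, AUTHTAG_LEN, AAD_LEN and MSG_HDR_VER move into an arch-wide header with generic, unprefixed names, and AUTHTAG_LEN (16) now sits directly under MAX_AUTHTAG_LEN (32) with nothing saying which one sizes the header field and which one is the tag length actually used. Consider an SNP_ prefix on the new macros, or at least a one-line comment on each tying it to the SNP guest message header.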
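Review bot: In snp_init_crypto(), the aesgcm_ctx holds key material expanded from the VMPCK by aesgcm_expandkey(), yet the failure path releases it with plain kfree(ctx), and the same applies to the new e_free_ctx label in sev_guest_probe() and to sev_guest_remove(). kfree_sensitive() would zero the context before the memory returns to the allocator. The switch from dev_err() to pr_err() also drops the device prefix from the failure message; if that is deliberate because of the planned early-boot caller, a sentence in the commit message would help.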
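Review bot: In verify_and_dec_payload(), the only bound on resp_msg_hdr->msg_sz is the check against the caller's sz, which protects the destination buffer, while aesgcm_decrypt() also reads msg_sz bytes from resp_msg->payload. enc_payload() gained an explicit check against sizeof(msg->payload) in this patch; a matching check on the decrypt side would make the bound on the source visible here instead of relying on every caller passing a small enough sz. The removed enc_dec_message() also carried the diagram showing that the AAD is the header from hdr->algo onward (bytes 30h to 5Fh), and a short comment at the aesgcm_decrypt() call would keep that documented.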
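Review bot: In enc_payload(), the GCM IV is now built inline as the message sequence number zero-padded to GCM_AES_IV_SIZE by memcpy(iv, &hdr->msg_seqno, ...), and the comment that explained the IV construction was deleted together with dec_payload(). Since GCM depends on the IV never repeating under one key, a comment here stating that msg_seqno is the nonce and must not be reused for a given VMPCK would be worth keeping. The WARN_ON size check could also move above the header setup, so an oversized request is rejected before msg is populated and logged by pr_debug().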
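Review bot: In get_derived_key(), resp_len is now sizeof(derived_key_resp.data) plus a tag length that snp_init_crypto() fixes at AUTHTAG_LEN, so the runtime test "if (sizeof(buf) < resp_len)" compares two values known at build time. A static_assert() or BUILD_BUG_ON() on sizeof(buf) against sizeof(derived_key_resp.data) + AUTHTAG_LEN would catch a mismatch at compile time, and the same constant could replace snp_dev->ctx->authsize in get_report() and get_ext_report().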
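Review bot: In sev_guest_remove(), kfree(snp_dev->ctx) runs before misc_deregister(&snp_dev->misc), so the device node is still registered while the context that the request path dereferences (snp_dev->ctx->authsize, aesgcm_encrypt(ctx, ...)) is already freed. The ordering predates this patch, since deinit_crypto() sat in the same place, but as the line is being touched anyway, deregistering the misc device first and freeing the context afterwards would close that window.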
From: Nikunj A Dadhania
Subject: [PATCH v12 02/19] x86/sev: Handle failures from snp_init()
Date: Wed, 9 Oct 2024 14:58:33 +0530
Message-ID: <20241009092850.197575-3-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>

Address the ignored failures from snp_init() in sme_enable().
Add error handling for scenarios where snp_init() fails to retrieve the SEV-SNP CC blob or encounters issues while parsing the CC blob. Ensure that SNP guests will error out early, preventing delayed error reporting or undefined behavior. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/mm/mem_encrypt_identity.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/arch/x86/mm/mem_encrypt_identity.c b/arch/x86/mm/mem_encrypt_identity.c index ac33b2263a43..e6c7686f443a 100644 --- a/arch/x86/mm/mem_encrypt_identity.c +++ b/arch/x86/mm/mem_encrypt_identity.c @@ -495,10 +495,10 @@ void __head sme_enable(struct boot_params *bp) unsigned int eax, ebx, ecx, edx; unsigned long feature_mask; unsigned long me_mask; - bool snp; + bool snp_en; u64 msr; - snp = snp_init(bp); + snp_en = snp_init(bp); /* Check for the SME/SEV support leaf */ eax = 0x80000000; 
@@ -531,8 +531,11 @@ void __head sme_enable(struct boot_params *bp) RIP_REL_REF(sev_status) = msr = __rdmsr(MSR_AMD64_SEV); feature_mask = (msr & MSR_AMD64_SEV_ENABLED) ? AMD_SEV_BIT : AMD_SME_BIT; - /* The SEV-SNP CC blob should never be present unless SEV-SNP is enabled. */ - if (snp && !(msr & MSR_AMD64_SEV_SNP_ENABLED)) + /* + * Any discrepancies between the presence of a CC blob and SNP + * enablement abort the guest. + */ + if (snp_en ^ !!(msr & MSR_AMD64_SEV_SNP_ENABLED)) snp_abort(); /* Check if memory encryption is enabled */
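Review bot: In the second sme_enable() hunk, "snp_en ^ !!(msr & MSR_AMD64_SEV_SNP_ENABLED)" uses bitwise XOR to compare two truth values; it is correct because both operands are 0 or 1, but "snp_en != !!(msr & MSR_AMD64_SEV_SNP_ENABLED)" states the mismatch test more directly. The new comment could also name the two cases it now covers: a CC blob present while the MSR does not report SNP enabled (the old check), and the MSR reporting SNP enabled when snp_init() returned false, which is the failure the commit message is about.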
From: Nikunj A Dadhania
Subject: [PATCH v12 03/19] x86/sev: Cache the secrets page address
Date: Wed, 9 Oct 2024 14:58:34 +0530
Message-ID: <20241009092850.197575-4-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>

Instead of calling get_secrets_page(), which parses the CC blob every time to get the secrets page physical
address (secrets_pa), save the secrets page physical address during snp_init() from the CC blob. Since get_secrets_page() is no longer used, remove the function. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/coco/sev/core.c | 51 +++++++++------------------------------- 1 file changed, 11 insertions(+), 40 deletions(-) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index de1df0cb45da..1b0facfe658b 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -92,6 +92,9 @@ static struct ghcb *boot_ghcb __section(".data"); /* Bitmap of SEV features supported by the hypervisor */ static u64 sev_hv_features __ro_after_init; +/* Secrets page physical address from the CC blob */ +static u64 secrets_pa __ro_after_init; + /* #VC handler runtime per-CPU data */ struct sev_es_runtime_data { struct ghcb ghcb_page; 
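Review bot: the comment on `static u64 secrets_pa __ro_after_init;` says where the value comes from but not when it is valid. Since the later hunks use it without a zero check, state here that it is written once by snp_init() and stays 0 when snp_init() returns false, so readers of the consumers know which invariant they rely on.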
@@ -722,45 +725,13 @@ void noinstr __sev_es_nmi_complete(void) __sev_put_ghcb(&state); } -static u64 __init get_secrets_page(void) -{ - u64 pa_data = boot_params.cc_blob_address; - struct cc_blob_sev_info info; - void *map; - - /* - * The CC blob contains the address of the secrets page, check if the - * blob is present. - */ - if (!pa_data) - return 0; - - map = early_memremap(pa_data, sizeof(info)); - if (!map) { - pr_err("Unable to locate SNP secrets page: failed to map the Confidential Computing blob.\n"); - return 0; - } - memcpy(&info, map, sizeof(info)); - early_memunmap(map, sizeof(info)); - - /* smoke-test the secrets page passed */ - if (!info.secrets_phys || info.secrets_len != PAGE_SIZE) - return 0; - - return info.secrets_phys; -} - static u64 __init get_snp_jump_table_addr(void) { struct snp_secrets_page *secrets; void __iomem *mem; - u64 pa, addr; - - pa = get_secrets_page(); - if (!pa) - return 0; + u64 addr; - mem = ioremap_encrypted(pa, PAGE_SIZE); + mem = ioremap_encrypted(secrets_pa, PAGE_SIZE); if (!mem) { pr_err("Unable to locate AP jump table address: failed to map the SNP secrets page.\n"); return 0; @@ -2300,6 +2271,11 @@ bool __head snp_init(struct boot_params *bp) if (!cc_info) return false; + if (cc_info->secrets_phys && cc_info->secrets_len == PAGE_SIZE) + secrets_pa = cc_info->secrets_phys; + else + return false; + setup_cpuid_table(cc_info); svsm_setup(cc_info); 
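Review bot: in the snp_init() hunk the new `else return false;` is a behaviour change the commit message does not mention. A CC blob with secrets_phys == 0 or secrets_len != PAGE_SIZE used to make only get_secrets_page() return 0; it now fails snp_init() before setup_cpuid_table() and svsm_setup() run. Please describe that in the changelog. The check also reads more naturally as an early exit, `if (!cc_info->secrets_phys || cc_info->secrets_len != PAGE_SIZE) return false;`, followed by the assignment.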
@@ -2513,16 +2489,11 @@ static struct platform_device sev_guest_device = { static int __init snp_init_platform_device(void) { struct sev_guest_platform_data data; - u64 gpa; if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) return -ENODEV; - gpa = get_secrets_page(); - if (!gpa) - return -ENODEV; - - data.secrets_gpa = gpa; + data.secrets_gpa = secrets_pa; if (platform_device_add_data(&sev_guest_device, &data, sizeof(data))) return -ENODEV;
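Review bot: snp_init_platform_device() now assigns `data.secrets_gpa = secrets_pa;` with the old `if (!gpa) return -ENODEV;` removed, and get_snp_jump_table_addr() likewise lost `if (!pa) return 0;` ahead of ioremap_encrypted(). Both now depend on snp_init() having succeeded whenever they run; here that is implied only through cc_platform_has(CC_ATTR_GUEST_SEV_SNP), and the jump-table hunk shows no equivalent condition. Either keep a cheap `if (!secrets_pa)` guard in both places or add a comment stating why zero cannot be seen there.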
From: Nikunj A Dadhania
Subject: [PATCH v12 04/19] virt: sev-guest: Consolidate SNP guest messaging parameters to a struct
Date: Wed, 9 Oct 2024 14:58:35 +0530
Message-ID: <20241009092850.197575-5-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>

Add a snp_guest_req structure to eliminate the need to pass a long list of
parameters. This structure will be used to call the SNP Guest message request API, simplifying the function arguments. Update the snp_issue_guest_request() prototype to include the new guest request structure. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 19 +++++- arch/x86/coco/sev/core.c | 9 +-- drivers/virt/coco/sev-guest/sev-guest.c | 84 ++++++++++++++++--------- 3 files changed, 76 insertions(+), 36 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index e7977f76d77e..27fa1c9c3465 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -174,6 +174,19 @@ struct sev_guest_platform_data { u64 secrets_gpa; }; +struct snp_guest_req { + void *req_buf; + size_t req_sz; + + void *resp_buf; + size_t resp_sz; + + u64 exit_code; + unsigned int vmpck_id; + u8 msg_version; + u8 msg_type; +}; + /* * The secrets page contains 96-bytes of reserved field that can be used by * the guest OS. The guest OS uses the area to save the message sequence @@ -395,7 +408,8 @@ void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __noreturn snp_abort(void); void snp_dmi_setup(void); -int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio); +int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, + struct snp_guest_request_ioctl *rio); int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input); void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); 
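Review bot: struct snp_guest_req is added to asm/sev.h without any description of its fields. Please add a kernel-doc comment saying that req_buf and resp_buf are the plaintext request and response buffers, that resp_sz has to leave room for the authentication tag (verify_and_dec_payload() rejects the response when msg_sz + authsize exceeds it), and that exit_code can be rewritten by the request path on the -ENOSPC retry.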
@@ -425,7 +439,8 @@ static inline void snp_set_wakeup_secondary_cpu(void) { } static inline bool snp_init(struct boot_params *bp) { return false; } static inline void snp_abort(void) { } static inline void snp_dmi_setup(void) { } -static inline int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio) +static inline int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, + struct snp_guest_request_ioctl *rio) { return -ENOTTY; } diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 1b0facfe658b..f40a2df38a84 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -2417,7 +2417,8 @@ int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, } EXPORT_SYMBOL_GPL(snp_issue_svsm_attest_req); -int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct snp_guest_request_ioctl *rio) +int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, + struct snp_guest_request_ioctl *rio) { struct ghcb_state state; struct es_em_ctxt ctxt; @@ -2441,12 +2442,12 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct sn vc_ghcb_invalidate(ghcb); - if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST) { + if (req->exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST) { ghcb_set_rax(ghcb, input->data_gpa); ghcb_set_rbx(ghcb, input->data_npages); } - ret = sev_es_ghcb_hv_call(ghcb, &ctxt, exit_code, input->req_gpa, input->resp_gpa); + ret = sev_es_ghcb_hv_call(ghcb, &ctxt, req->exit_code, input->req_gpa, input->resp_gpa); if (ret) goto e_put; @@ -2461,7 +2462,7 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, struct sn case SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN): /* Number of expected pages are returned in RBX */ - if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST) { + if (req->exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST) { input->data_npages = ghcb_get_rbx(ghcb); ret = -ENOSPC; break; 
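Review bot: snp_issue_guest_request() now takes the whole `struct snp_guest_req *req`, but the visible body only reads req->exit_code. Declare the parameter as `const struct snp_guest_req *req` in core.c and in both prototypes in asm/sev.h, so the interface shows that this layer does not modify the request.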
diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index a33daff516ed..2a1b542168b1 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -177,7 +177,7 @@ static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen) return ctx; } -static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz) +static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_req *req) { struct snp_guest_msg *resp_msg = &snp_dev->secret_response; struct snp_guest_msg *req_msg = &snp_dev->secret_request; @@ -206,20 +206,19 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, * If the message size is greater than our buffer length then return * an error. */ - if (unlikely((resp_msg_hdr->msg_sz + ctx->authsize) > sz)) + if (unlikely((resp_msg_hdr->msg_sz + ctx->authsize) > req->resp_sz)) return -EBADMSG; /* Decrypt the payload */ memcpy(iv, &resp_msg_hdr->msg_seqno, min(sizeof(iv), sizeof(resp_msg_hdr->msg_seqno))); - if (!aesgcm_decrypt(ctx, payload, resp_msg->payload, resp_msg_hdr->msg_sz, + if (!aesgcm_decrypt(ctx, req->resp_buf, resp_msg->payload, resp_msg_hdr->msg_sz, &resp_msg_hdr->algo, AAD_LEN, iv, resp_msg_hdr->authtag)) return -EBADMSG; return 0; } -static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type, - void *payload, size_t sz) +static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, struct snp_guest_req *req) { struct snp_guest_msg *msg = &snp_dev->secret_request; struct snp_guest_msg_hdr *hdr = &msg->hdr; 
@@ -231,11 +230,11 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 hdr->algo = SNP_AEAD_AES_256_GCM; hdr->hdr_version = MSG_HDR_VER; hdr->hdr_sz = sizeof(*hdr); - hdr->msg_type = type; - hdr->msg_version = version; + hdr->msg_type = req->msg_type; + hdr->msg_version = req->msg_version; hdr->msg_seqno = seqno; - hdr->msg_vmpck = vmpck_id; - hdr->msg_sz = sz; + hdr->msg_vmpck = req->vmpck_id; + hdr->msg_sz = req->req_sz; /* Verify the sequence number is non-zero */ if (!hdr->msg_seqno) @@ -244,17 +243,17 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 pr_debug("request [seqno %lld type %d version %d sz %d]\n", hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); - if (WARN_ON((sz + ctx->authsize) > sizeof(msg->payload))) + if (WARN_ON((req->req_sz + ctx->authsize) > sizeof(msg->payload))) return -EBADMSG; memcpy(iv, &hdr->msg_seqno, min(sizeof(iv), sizeof(hdr->msg_seqno))); - aesgcm_encrypt(ctx, msg->payload, payload, sz, &hdr->algo, AAD_LEN, - iv, hdr->authtag); + aesgcm_encrypt(ctx, msg->payload, req->req_buf, req->req_sz, &hdr->algo, + AAD_LEN, iv, hdr->authtag); return 0; } -static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, +static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_guest_req *req, struct snp_guest_request_ioctl *rio) { unsigned long req_start = jiffies; @@ -269,7 +268,7 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, * sequence number must be incremented or the VMPCK must be deleted to * prevent reuse of the IV. */ - rc = snp_issue_guest_request(exit_code, &snp_dev->input, rio); + rc = snp_issue_guest_request(req, &snp_dev->input, rio); switch (rc) { case -ENOSPC: /* 
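Review bot: in enc_payload() the header is filled from the request, including `hdr->msg_sz = req->req_sz;`, before the `WARN_ON((req->req_sz + ctx->authsize) > sizeof(msg->payload))` bound check runs. req_sz is a size_t while the pr_debug() prints hdr->msg_sz with %d, so the header field is presumably narrower and an oversized value is stored first and rejected afterwards. Moving the size check to the top of the function, ahead of the header writes, keeps a rejected request from leaving a partly filled snp_dev->secret_request behind.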
@@ -280,7 +279,7 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, * IV reuse. */ override_npages = snp_dev->input.data_npages; - exit_code = SVM_VMGEXIT_GUEST_REQUEST; + req->exit_code = SVM_VMGEXIT_GUEST_REQUEST; /* * Override the error to inform callers the given extended @@ -340,10 +339,8 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, return rc; } -static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, - struct snp_guest_request_ioctl *rio, u8 type, - void *req_buf, size_t req_sz, void *resp_buf, - u32 resp_sz) +static int snp_send_guest_request(struct snp_guest_dev *snp_dev, struct snp_guest_req *req, + struct snp_guest_request_ioctl *rio) { u64 seqno; int rc; @@ -357,7 +354,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, memset(snp_dev->response, 0, sizeof(struct snp_guest_msg)); /* Encrypt the userspace provided payload in snp_dev->secret_request. */ - rc = enc_payload(snp_dev, seqno, rio->msg_version, type, req_buf, req_sz); + rc = enc_payload(snp_dev, seqno, req); if (rc) return rc; @@ -368,7 +365,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, memcpy(snp_dev->request, &snp_dev->secret_request, sizeof(snp_dev->secret_request)); - rc = __handle_guest_request(snp_dev, exit_code, rio); + rc = __handle_guest_request(snp_dev, req, rio); if (rc) { if (rc == -EIO && rio->exitinfo2 == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) @@ -382,7 +379,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, return rc; } - rc = verify_and_dec_payload(snp_dev, resp_buf, resp_sz); + rc = verify_and_dec_payload(snp_dev, req); if (rc) { dev_alert(snp_dev->dev, "Detected unexpected decode failure from ASP. rc: %d\n", rc); snp_disable_vmpck(snp_dev); 
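Review bot: in the -ENOSPC branch of __handle_guest_request(), `req->exit_code = SVM_VMGEXIT_GUEST_REQUEST;` now writes through the caller's pointer, where the old code changed a by-value exit_code parameter. After the call, the req built in get_ext_report() no longer says SVM_VMGEXIT_EXT_GUEST_REQUEST. Nothing visible reads it afterwards, but the side effect should be documented on the function, or avoided by keeping the retry exit code in a local variable.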
@@ -401,6 +398,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io { struct snp_report_req *report_req = &snp_dev->req.report; struct snp_report_resp *report_resp; + struct snp_guest_req req = {}; int rc, resp_len; lockdep_assert_held(&snp_cmd_mutex); @@ -421,8 +419,16 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io if (!report_resp) return -ENOMEM; - rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg, SNP_MSG_REPORT_REQ, - report_req, sizeof(*report_req), report_resp->data, resp_len); + req.msg_version = arg->msg_version; + req.msg_type = SNP_MSG_REPORT_REQ; + req.vmpck_id = vmpck_id; + req.req_buf = report_req; + req.req_sz = sizeof(*report_req); + req.resp_buf = report_resp->data; + req.resp_sz = resp_len; + req.exit_code = SVM_VMGEXIT_GUEST_REQUEST; + + rc = snp_send_guest_request(snp_dev, &req, arg); if (rc) goto e_free; @@ -438,6 +444,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque { struct snp_derived_key_req *derived_key_req = &snp_dev->req.derived_key; struct snp_derived_key_resp derived_key_resp = {0}; + struct snp_guest_req req = {}; int rc, resp_len; /* Response data is 64 bytes and max authsize for GCM is 16 bytes. */ u8 buf[64 + 16]; @@ -460,8 +467,16 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque sizeof(*derived_key_req))) return -EFAULT; - rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg, SNP_MSG_KEY_REQ, - derived_key_req, sizeof(*derived_key_req), buf, resp_len); + req.msg_version = arg->msg_version; + req.msg_type = SNP_MSG_KEY_REQ; + req.vmpck_id = vmpck_id; + req.req_buf = derived_key_req; + req.req_sz = sizeof(*derived_key_req); + req.resp_buf = buf; + req.resp_sz = resp_len; + req.exit_code = SVM_VMGEXIT_GUEST_REQUEST; + + rc = snp_send_guest_request(snp_dev, &req, arg); if (rc) return rc; 
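Review bot: get_report() and get_derived_key() each spell out the same eight `req.* =` assignments, and get_ext_report() repeats them a third time. A small helper that fills the fields common to all three (msg_version, vmpck_id, and the buffer and size pairs), leaving msg_type and exit_code to the caller, would keep the three call sites from drifting apart as fields are added to struct snp_guest_req.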
@@ -482,6 +497,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques { struct snp_ext_report_req *report_req = &snp_dev->req.ext_report; struct snp_report_resp *report_resp; + struct snp_guest_req req = {}; int ret, npages = 0, resp_len; sockptr_t certs_address; @@ -529,9 +545,17 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques return -ENOMEM; snp_dev->input.data_npages = npages; - ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg, SNP_MSG_REPORT_REQ, - &report_req->data, sizeof(report_req->data), - report_resp->data, resp_len); + + req.msg_version = arg->msg_version; + req.msg_type = SNP_MSG_REPORT_REQ; + req.vmpck_id = vmpck_id; + req.req_buf = &report_req->data; + req.req_sz = sizeof(report_req->data); + req.resp_buf = report_resp->data; + req.resp_sz = resp_len; + req.exit_code = SVM_VMGEXIT_EXT_GUEST_REQUEST; + + ret = snp_send_guest_request(snp_dev, &req, arg); /* If certs length is invalid then copy the returned length */ if (arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) { 
@@ -1057,7 +1081,7 @@ static int __init sev_guest_probe(struct platform_device *pdev) misc->name = DEVICE_NAME; misc->fops = &snp_guest_fops; - /* initial the input address for guest request */ + /* Initialize the input addresses for guest request */ snp_dev->input.req_gpa = __pa(snp_dev->request); snp_dev->input.resp_gpa = __pa(snp_dev->response); snp_dev->input.data_gpa = __pa(snp_dev->certs_data);
From: Nikunj A Dadhania
Subject: [PATCH v12 05/19] virt: sev-guest: Reduce the scope of SNP command mutex
Date: Wed, 9 Oct 2024 14:58:36 +0530
Message-ID: <20241009092850.197575-6-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>

The SNP command mutex is used to serialize access to the shared buffer, command handling, and
message sequence number. All shared buffer, command handling, and message sequence updates are done within snp_send_guest_request(), so moving the mutex to this function is appropriate and maintains the critical section. Since the mutex is now taken at a later point in time, remove the lockdep checks that occur before taking the mutex. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- drivers/virt/coco/sev-guest/sev-guest.c | 35 ++++++------------------- 1 file changed, 8 insertions(+), 27 deletions(-) diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 2a1b542168b1..1bddef822446 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -345,6 +345,14 @@ static int snp_send_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues u64 seqno; int rc; + guard(mutex)(&snp_cmd_mutex); + + /* Check if the VMPCK is not empty */ + if (is_vmpck_empty(snp_dev)) { + dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n"); + return -ENOTTY; + } + /* Get message sequence and verify that its a non-zero */ seqno = snp_get_msg_seqno(snp_dev); if (!seqno) @@ -401,8 +409,6 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io struct snp_guest_req req = {}; int rc, resp_len; - lockdep_assert_held(&snp_cmd_mutex); - if (!arg->req_data || !arg->resp_data) return -EINVAL; @@ -449,8 +455,6 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque /* Response data is 64 bytes and max authsize for GCM is 16 bytes. */ u8 buf[64 + 16]; - lockdep_assert_held(&snp_cmd_mutex); - if (!arg->req_data || !arg->resp_data) return -EINVAL; @@ -501,8 +505,6 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques int ret, npages = 0, resp_len; sockptr_t certs_address; - lockdep_assert_held(&snp_cmd_mutex); - if (sockptr_is_null(io->req_data) || sockptr_is_null(io->resp_data)) return -EINVAL; 
@@ -598,15 +600,6 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long if (!input.msg_version) return -EINVAL; - mutex_lock(&snp_cmd_mutex); - - /* Check if the VMPCK is not empty */ - if (is_vmpck_empty(snp_dev)) { - dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n"); - mutex_unlock(&snp_cmd_mutex); - return -ENOTTY; - } - switch (ioctl) { case SNP_GET_REPORT: ret = get_report(snp_dev, &input); @@ -628,8 +621,6 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long break; } - mutex_unlock(&snp_cmd_mutex); - if (input.exitinfo2 && copy_to_user(argp, &input, sizeof(input))) return -EFAULT; @@ -744,8 +735,6 @@ static int sev_svsm_report_new(struct tsm_report *report, void *data) man_len = SZ_4K; certs_len = SEV_FW_BLOB_MAX_SIZE; - guard(mutex)(&snp_cmd_mutex); - if (guid_is_null(&desc->service_guid)) { call_id = SVSM_ATTEST_CALL(SVSM_ATTEST_SERVICES); } else { 
@@ -880,14 +869,6 @@ static int sev_report_new(struct tsm_report *report, void *data) if (!buf) return -ENOMEM; - guard(mutex)(&snp_cmd_mutex); - - /* Check if the VMPCK is not empty */ - if (is_vmpck_empty(snp_dev)) { - dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n"); - return -ENOTTY; - } - cert_table = buf + report_size; struct snp_ext_report_req ext_req = { .data = { .vmpl = desc->privlevel },
From patchwork Wed Oct 9 09:28:37 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13827995
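Review bot: In patch 05/19, the get_report(), get_derived_key() and get_ext_report() hunks drop `lockdep_assert_held(&snp_cmd_mutex)`, yet these handlers still take pointers into per-device state before they reach snp_send_guest_request(): the context lines of 06/19 show `struct snp_report_req *report_req = &snp_dev->req.report;`, and the `req` union lives in struct snp_guest_dev. With the mutex no longer taken in snp_guest_ioctl(), anything the handlers store in or read from that union is unserialized, so two concurrent ioctls on the same device can overwrite each other's request data. Either keep the lock around the handlers or give each call its own request buffer, and adjust the commit message, which currently says all shared state is handled inside snp_send_guest_request().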
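Review bot: In the get_ext_report() hunk of 05/19, removing the lockdep check also leaves the certificate path outside snp_cmd_mutex. The 06/19 hunks for this function show the `memset()` of `certs_data` and the store to `input.data_npages` before the snp_send_guest_request() call, and the `copy_to_sockptr(certs_address, ...)` from `certs_data` after it returns. `certs_data` is one shared buffer allocated once in probe with alloc_shared_pages(), and `data_npages` sits in the single `input` structure, so a second extended-report request can zero or resize them between another caller's request and its copy-out. Move these accesses under the mutex, for example by passing the certs buffer and page count in through struct snp_guest_req.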
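Review bot: The sev_svsm_report_new() hunk of 05/19 removes `guard(mutex)(&snp_cmd_mutex)` from a function whose visible body builds an SVSM attestation call (`SVSM_ATTEST_CALL(SVSM_ATTEST_SERVICES)`), while the commit message justifies the move only by what happens inside snp_send_guest_request(). Please state in the commit message why the SVSM path needs no serialization from this mutex, or keep the guard here if it does.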
From: Nikunj A Dadhania
Subject: [PATCH v12 06/19] virt: sev-guest: Carve out SNP message context structure
Date: Wed, 9 Oct 2024 14:58:37 +0530
Message-ID: <20241009092850.197575-7-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Currently, the sev-guest driver is the only user of SNP guest messaging.
The snp_guest_dev structure holds all the allocated buffers, secrets page and VMPCK details. In preparation for adding messaging allocation and initialization APIs, decouple snp_guest_dev from messaging-related information by carving out the guest message context structure(snp_msg_desc). Incorporate this newly added context into snp_send_guest_request() and all related functions, replacing the use of the snp_guest_dev. No functional change. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 21 +++ drivers/virt/coco/sev-guest/sev-guest.c | 178 ++++++++++++------------ 2 files changed, 108 insertions(+), 91 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 27fa1c9c3465..2e49c4a9e7fe 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -234,6 +234,27 @@ struct snp_secrets_page { u8 rsvd4[3744]; } __packed; +struct snp_msg_desc { + /* request and response are in unencrypted memory */ + struct snp_guest_msg *request, *response; + + /* + * Avoid information leakage by double-buffering shared messages + * in fields that are in regular encrypted memory. + */ + struct snp_guest_msg secret_request, secret_response; + + struct snp_secrets_page *secrets; + struct snp_req_data input; + + void *certs_data; + + struct aesgcm_ctx *ctx; + + u32 *os_area_msg_seqno; + u8 *vmpck; +}; + /* * The SVSM Calling Area (CA) related structures. */ diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 1bddef822446..fca5c45ed5cd 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c 
@@ -40,26 +40,13 @@ struct snp_guest_dev { struct device *dev; struct miscdevice misc; - void *certs_data; - struct aesgcm_ctx *ctx; - /* request and response are in unencrypted memory */ - struct snp_guest_msg *request, *response; - - /* - * Avoid information leakage by double-buffering shared messages - * in fields that are in regular encrypted memory. - */ - struct snp_guest_msg secret_request, secret_response; + struct snp_msg_desc *msg_desc; - struct snp_secrets_page *secrets; - struct snp_req_data input; union { struct snp_report_req report; struct snp_derived_key_req derived_key; struct snp_ext_report_req ext_report; } req; - u32 *os_area_msg_seqno; - u8 *vmpck; }; /* @@ -76,12 +63,12 @@ MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP. /* Mutex to serialize the shared buffer access and command handling. */ static DEFINE_MUTEX(snp_cmd_mutex); -static bool is_vmpck_empty(struct snp_guest_dev *snp_dev) +static bool is_vmpck_empty(struct snp_msg_desc *mdesc) { char zero_key[VMPCK_KEY_LEN] = {0}; - if (snp_dev->vmpck) - return !memcmp(snp_dev->vmpck, zero_key, VMPCK_KEY_LEN); + if (mdesc->vmpck) + return !memcmp(mdesc->vmpck, zero_key, VMPCK_KEY_LEN); return true; } 
@@ -103,30 +90,30 @@ static bool is_vmpck_empty(struct snp_guest_dev *snp_dev) * vulnerable. If the sequence number were incremented for a fresh IV the ASP * will reject the request. */ -static void snp_disable_vmpck(struct snp_guest_dev *snp_dev) +static void snp_disable_vmpck(struct snp_msg_desc *mdesc) { - dev_alert(snp_dev->dev, "Disabling VMPCK%d communication key to prevent IV reuse.\n", + pr_alert("Disabling VMPCK%d communication key to prevent IV reuse.\n", vmpck_id); - memzero_explicit(snp_dev->vmpck, VMPCK_KEY_LEN); - snp_dev->vmpck = NULL; + memzero_explicit(mdesc->vmpck, VMPCK_KEY_LEN); + mdesc->vmpck = NULL; } -static inline u64 __snp_get_msg_seqno(struct snp_guest_dev *snp_dev) +static inline u64 __snp_get_msg_seqno(struct snp_msg_desc *mdesc) { u64 count; lockdep_assert_held(&snp_cmd_mutex); /* Read the current message sequence counter from secrets pages */ - count = *snp_dev->os_area_msg_seqno; + count = *mdesc->os_area_msg_seqno; return count + 1; } /* Return a non-zero on success */ -static u64 snp_get_msg_seqno(struct snp_guest_dev *snp_dev) +static u64 snp_get_msg_seqno(struct snp_msg_desc *mdesc) { - u64 count = __snp_get_msg_seqno(snp_dev); + u64 count = __snp_get_msg_seqno(mdesc); /* * The message sequence counter for the SNP guest request is a 64-bit @@ -137,20 +124,20 @@ static u64 snp_get_msg_seqno(struct snp_guest_dev *snp_dev) * invalid number and will fail the message request. */ if (count >= UINT_MAX) { - dev_err(snp_dev->dev, "request message sequence counter overflow\n"); + pr_err("request message sequence counter overflow\n"); return 0; } return count; } -static void snp_inc_msg_seqno(struct snp_guest_dev *snp_dev) +static void snp_inc_msg_seqno(struct snp_msg_desc *mdesc) { /* * The counter is also incremented by the PSP, so increment it by 2 * and save in secrets page. */ - *snp_dev->os_area_msg_seqno += 2; + *mdesc->os_area_msg_seqno += 2; } static inline struct snp_guest_dev *to_snp_dev(struct file *file) 
@@ -177,13 +164,13 @@ static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen) return ctx; } -static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, struct snp_guest_req *req) +static int verify_and_dec_payload(struct snp_msg_desc *mdesc, struct snp_guest_req *req) { - struct snp_guest_msg *resp_msg = &snp_dev->secret_response; - struct snp_guest_msg *req_msg = &snp_dev->secret_request; + struct snp_guest_msg *resp_msg = &mdesc->secret_response; + struct snp_guest_msg *req_msg = &mdesc->secret_request; struct snp_guest_msg_hdr *req_msg_hdr = &req_msg->hdr; struct snp_guest_msg_hdr *resp_msg_hdr = &resp_msg->hdr; - struct aesgcm_ctx *ctx = snp_dev->ctx; + struct aesgcm_ctx *ctx = mdesc->ctx; u8 iv[GCM_AES_IV_SIZE] = {}; pr_debug("response [seqno %lld type %d version %d sz %d]\n", @@ -191,7 +178,7 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, struct snp_gues resp_msg_hdr->msg_sz); /* Copy response from shared memory to encrypted memory. */ - memcpy(resp_msg, snp_dev->response, sizeof(*resp_msg)); + memcpy(resp_msg, mdesc->response, sizeof(*resp_msg)); /* Verify that the sequence counter is incremented by 1 */ if (unlikely(resp_msg_hdr->msg_seqno != (req_msg_hdr->msg_seqno + 1))) @@ -218,11 +205,11 @@ static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, struct snp_gues return 0; } -static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, struct snp_guest_req *req) +static int enc_payload(struct snp_msg_desc *mdesc, u64 seqno, struct snp_guest_req *req) { - struct snp_guest_msg *msg = &snp_dev->secret_request; + struct snp_guest_msg *msg = &mdesc->secret_request; struct snp_guest_msg_hdr *hdr = &msg->hdr; - struct aesgcm_ctx *ctx = snp_dev->ctx; + struct aesgcm_ctx *ctx = mdesc->ctx; u8 iv[GCM_AES_IV_SIZE] = {}; memset(msg, 0, sizeof(*msg)); 
@@ -253,7 +240,7 @@ static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, struct snp_gues return 0; } -static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_guest_req *req, +static int __handle_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, struct snp_guest_request_ioctl *rio) { unsigned long req_start = jiffies; @@ -268,7 +255,7 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues * sequence number must be incremented or the VMPCK must be deleted to * prevent reuse of the IV. */ - rc = snp_issue_guest_request(req, &snp_dev->input, rio); + rc = snp_issue_guest_request(req, &mdesc->input, rio); switch (rc) { case -ENOSPC: /* @@ -278,7 +265,7 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues * order to increment the sequence number and thus avoid * IV reuse. */ - override_npages = snp_dev->input.data_npages; + override_npages = mdesc->input.data_npages; req->exit_code = SVM_VMGEXIT_GUEST_REQUEST; /* @@ -318,7 +305,7 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues * structure and any failure will wipe the VMPCK, preventing further * use anyway. */ - snp_inc_msg_seqno(snp_dev); + snp_inc_msg_seqno(mdesc); if (override_err) { rio->exitinfo2 = override_err; @@ -334,12 +321,12 @@ static int __handle_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues } if (override_npages) - snp_dev->input.data_npages = override_npages; + mdesc->input.data_npages = override_npages; return rc; } -static int snp_send_guest_request(struct snp_guest_dev *snp_dev, struct snp_guest_req *req, +static int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, struct snp_guest_request_ioctl *rio) { u64 seqno; 
@@ -348,21 +335,21 @@ static int snp_send_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues guard(mutex)(&snp_cmd_mutex); /* Check if the VMPCK is not empty */ - if (is_vmpck_empty(snp_dev)) { - dev_err_ratelimited(snp_dev->dev, "VMPCK is disabled\n"); + if (is_vmpck_empty(mdesc)) { + pr_err_ratelimited("VMPCK is disabled\n"); return -ENOTTY; } /* Get message sequence and verify that its a non-zero */ - seqno = snp_get_msg_seqno(snp_dev); + seqno = snp_get_msg_seqno(mdesc); if (!seqno) return -EIO; /* Clear shared memory's response for the host to populate. */ - memset(snp_dev->response, 0, sizeof(struct snp_guest_msg)); + memset(mdesc->response, 0, sizeof(struct snp_guest_msg)); - /* Encrypt the userspace provided payload in snp_dev->secret_request. */ - rc = enc_payload(snp_dev, seqno, req); + /* Encrypt the userspace provided payload in mdesc->secret_request. */ + rc = enc_payload(mdesc, seqno, req); if (rc) return rc; 
@@ -370,27 +357,26 @@ static int snp_send_guest_request(struct snp_guest_dev *snp_dev, struct snp_gues * Write the fully encrypted request to the shared unencrypted * request page. */ - memcpy(snp_dev->request, &snp_dev->secret_request, - sizeof(snp_dev->secret_request)); + memcpy(mdesc->request, &mdesc->secret_request, + sizeof(mdesc->secret_request)); - rc = __handle_guest_request(snp_dev, req, rio); + rc = __handle_guest_request(mdesc, req, rio); if (rc) { if (rc == -EIO && rio->exitinfo2 == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) return rc; - dev_alert(snp_dev->dev, - "Detected error from ASP request. rc: %d, exitinfo2: 0x%llx\n", - rc, rio->exitinfo2); + pr_alert("Detected error from ASP request. rc: %d, exitinfo2: 0x%llx\n", + rc, rio->exitinfo2); - snp_disable_vmpck(snp_dev); + snp_disable_vmpck(mdesc); return rc; } - rc = verify_and_dec_payload(snp_dev, req); + rc = verify_and_dec_payload(mdesc, req); if (rc) { - dev_alert(snp_dev->dev, "Detected unexpected decode failure from ASP. rc: %d\n", rc); - snp_disable_vmpck(snp_dev); + pr_alert("Detected unexpected decode failure from ASP. rc: %d\n", rc); + snp_disable_vmpck(mdesc); return rc; } @@ -405,6 +391,7 @@ struct snp_req_resp { static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg) { struct snp_report_req *report_req = &snp_dev->req.report; + struct snp_msg_desc *mdesc = snp_dev->msg_desc; struct snp_report_resp *report_resp; struct snp_guest_req req = {}; int rc, resp_len; @@ -420,7 +407,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(report_resp->data) + snp_dev->ctx->authsize; + resp_len = sizeof(report_resp->data) + mdesc->ctx->authsize; report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); if (!report_resp) return -ENOMEM; 
@@ -434,7 +421,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io req.resp_sz = resp_len; req.exit_code = SVM_VMGEXIT_GUEST_REQUEST; - rc = snp_send_guest_request(snp_dev, &req, arg); + rc = snp_send_guest_request(mdesc, &req, arg); if (rc) goto e_free; @@ -450,6 +437,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque { struct snp_derived_key_req *derived_key_req = &snp_dev->req.derived_key; struct snp_derived_key_resp derived_key_resp = {0}; + struct snp_msg_desc *mdesc = snp_dev->msg_desc; struct snp_guest_req req = {}; int rc, resp_len; /* Response data is 64 bytes and max authsize for GCM is 16 bytes. */ @@ -463,7 +451,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(derived_key_resp.data) + snp_dev->ctx->authsize; + resp_len = sizeof(derived_key_resp.data) + mdesc->ctx->authsize; if (sizeof(buf) < resp_len) return -ENOMEM; @@ -480,7 +468,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque req.resp_sz = resp_len; req.exit_code = SVM_VMGEXIT_GUEST_REQUEST; - rc = snp_send_guest_request(snp_dev, &req, arg); + rc = snp_send_guest_request(mdesc, &req, arg); if (rc) return rc; @@ -500,6 +488,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques { struct snp_ext_report_req *report_req = &snp_dev->req.ext_report; + struct snp_msg_desc *mdesc = snp_dev->msg_desc; struct snp_report_resp *report_resp; struct snp_guest_req req = {}; int ret, npages = 0, resp_len; 
@@ -533,7 +522,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques * the host. If host does not supply any certs in it, then copy * zeros to indicate that certificate data was not provided. */ - memset(snp_dev->certs_data, 0, report_req->certs_len); + memset(mdesc->certs_data, 0, report_req->certs_len); npages = report_req->certs_len >> PAGE_SHIFT; cmd: /* @@ -541,12 +530,12 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques * response payload. Make sure that it has enough space to cover the * authtag. */ - resp_len = sizeof(report_resp->data) + snp_dev->ctx->authsize; + resp_len = sizeof(report_resp->data) + mdesc->ctx->authsize; report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT); if (!report_resp) return -ENOMEM; - snp_dev->input.data_npages = npages; + mdesc->input.data_npages = npages; req.msg_version = arg->msg_version; req.msg_type = SNP_MSG_REPORT_REQ; @@ -557,11 +546,11 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques req.resp_sz = resp_len; req.exit_code = SVM_VMGEXIT_EXT_GUEST_REQUEST; - ret = snp_send_guest_request(snp_dev, &req, arg); + ret = snp_send_guest_request(mdesc, &req, arg); /* If certs length is invalid then copy the returned length */ if (arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) { - report_req->certs_len = snp_dev->input.data_npages << PAGE_SHIFT; + report_req->certs_len = mdesc->input.data_npages << PAGE_SHIFT; if (copy_to_sockptr(io->req_data, report_req, sizeof(*report_req))) ret = -EFAULT; @@ -570,7 +559,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques if (ret) goto e_free; - if (npages && copy_to_sockptr(certs_address, snp_dev->certs_data, report_req->certs_len)) { + if (npages && copy_to_sockptr(certs_address, mdesc->certs_data, report_req->certs_len)) { ret = -EFAULT; goto e_free; } 
@@ -994,6 +983,7 @@ static int __init sev_guest_probe(struct platform_device *pdev) struct snp_secrets_page *secrets; struct device *dev = &pdev->dev; struct snp_guest_dev *snp_dev; + struct snp_msg_desc *mdesc; struct miscdevice *misc; void __iomem *mapping; int ret; 
@@ -1018,43 +1008,47 @@ static int __init sev_guest_probe(struct platform_device *pdev) if (!snp_dev) goto e_unmap; + mdesc = devm_kzalloc(&pdev->dev, sizeof(struct snp_msg_desc), GFP_KERNEL); + if (!mdesc) + goto e_unmap; + /* Adjust the default VMPCK key based on the executing VMPL level */ if (vmpck_id == -1) vmpck_id = snp_vmpl; ret = -EINVAL; - snp_dev->vmpck = get_vmpck(vmpck_id, secrets, &snp_dev->os_area_msg_seqno); - if (!snp_dev->vmpck) { + mdesc->vmpck = get_vmpck(vmpck_id, secrets, &mdesc->os_area_msg_seqno); + if (!mdesc->vmpck) { dev_err(dev, "Invalid VMPCK%d communication key\n", vmpck_id); goto e_unmap; } /* Verify that VMPCK is not zero. */ - if (is_vmpck_empty(snp_dev)) { + if (is_vmpck_empty(mdesc)) { dev_err(dev, "Empty VMPCK%d communication key\n", vmpck_id); goto e_unmap; } platform_set_drvdata(pdev, snp_dev); snp_dev->dev = dev; - snp_dev->secrets = secrets; + mdesc->secrets = secrets; /* Allocate the shared page used for the request and response message. */ - snp_dev->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); - if (!snp_dev->request) + mdesc->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); + if (!mdesc->request) goto e_unmap; - snp_dev->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); - if (!snp_dev->response) + mdesc->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); + if (!mdesc->response) goto e_free_request; - snp_dev->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE); - if (!snp_dev->certs_data) + mdesc->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE); + if (!mdesc->certs_data) goto e_free_response; ret = -EIO; - snp_dev->ctx = snp_init_crypto(snp_dev->vmpck, VMPCK_KEY_LEN); - if (!snp_dev->ctx) + mdesc->ctx = snp_init_crypto(mdesc->vmpck, VMPCK_KEY_LEN); + if (!mdesc->ctx) goto e_free_cert_data; misc = &snp_dev->misc; 
@@ -1063,9 +1057,9 @@ static int __init sev_guest_probe(struct platform_device *pdev) misc->fops = &snp_guest_fops; /* Initialize the input addresses for guest request */ - snp_dev->input.req_gpa = __pa(snp_dev->request); - snp_dev->input.resp_gpa = __pa(snp_dev->response); - snp_dev->input.data_gpa = __pa(snp_dev->certs_data); + mdesc->input.req_gpa = __pa(mdesc->request); + mdesc->input.resp_gpa = __pa(mdesc->response); + mdesc->input.data_gpa = __pa(mdesc->certs_data); /* Set the privlevel_floor attribute based on the vmpck_id */ sev_tsm_ops.privlevel_floor = vmpck_id; @@ -1082,17 +1076,18 @@ static int __init sev_guest_probe(struct platform_device *pdev) if (ret) goto e_free_ctx; + snp_dev->msg_desc = mdesc; dev_info(dev, "Initialized SEV guest driver (using VMPCK%d communication key)\n", vmpck_id); return 0; e_free_ctx: - kfree(snp_dev->ctx); + kfree(mdesc->ctx); e_free_cert_data: - free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE); + free_shared_pages(mdesc->certs_data, SEV_FW_BLOB_MAX_SIZE); e_free_response: - free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); + free_shared_pages(mdesc->response, sizeof(struct snp_guest_msg)); e_free_request: - free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); + free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg)); e_unmap: iounmap(mapping); return ret; 
@@ -1101,11 +1096,12 @@ static int __init sev_guest_probe(struct platform_device *pdev) static void __exit sev_guest_remove(struct platform_device *pdev) { struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev); + struct snp_msg_desc *mdesc = snp_dev->msg_desc; - free_shared_pages(snp_dev->certs_data, SEV_FW_BLOB_MAX_SIZE); - free_shared_pages(snp_dev->response, sizeof(struct snp_guest_msg)); - free_shared_pages(snp_dev->request, sizeof(struct snp_guest_msg)); - kfree(snp_dev->ctx); + free_shared_pages(mdesc->certs_data, SEV_FW_BLOB_MAX_SIZE); + free_shared_pages(mdesc->response, sizeof(struct snp_guest_msg)); + free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg)); + kfree(mdesc->ctx); misc_deregister(&snp_dev->misc); }
From patchwork Wed Oct 9 09:28:38 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13827996
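Review bot: struct snp_msg_desc in the arch/x86/include/asm/sev.h hunk of 06/19 becomes visible outside the driver, but nothing in the definition says which fields are protected by snp_cmd_mutex, which stays `static` in sev-guest.c (`__snp_get_msg_seqno()` still asserts it with lockdep). Add a comment on the struct naming the lock that covers `os_area_msg_seqno`, `vmpck`, `input` and the request/response buffers, so that a later user of the descriptor does not update the sequence number unserialized; the comments in sev-guest.c tie sequence-number handling to IV reuse.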
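Review bot: The snp_disable_vmpck() and snp_get_msg_seqno() hunks of 06/19 replace `dev_alert(snp_dev->dev, ...)` and `dev_err(snp_dev->dev, ...)` with `pr_alert()` and `pr_err()`, which drops the device prefix from messages such as "Disabling VMPCK%d communication key to prevent IV reuse." That is a visible change for anyone matching these lines in kernel logs, so "No functional change" in the commit message is not quite accurate. If the file does not already define `pr_fmt`, add one so the messages keep an identifiable prefix, or mention the log format change in the commit message.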
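Review bot: In the sev_guest_probe() hunks of 06/19, `snp_dev->msg_desc = mdesc;` is assigned only after the final `if (ret) goto e_free_ctx;`, while `platform_set_drvdata(pdev, snp_dev)` and the `misc->fops` setup come earlier. The handlers changed in this patch dereference the pointer without a NULL check (`mdesc->ctx->authsize` in get_report()), so if the registration step that precedes that check (not shown in the hunk) already makes the device reachable, a request arriving in that window sees a NULL msg_desc. Assign `snp_dev->msg_desc` right after the devm_kzalloc() of mdesc succeeds.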
From: Nikunj A Dadhania To: , , , , CC: , , , , , , Subject: [PATCH v12 07/19] x86/sev: Carve out and export SNP guest messaging init routines Date: Wed, 9 Oct 2024 14:58:38 +0530 Message-ID: <20241009092850.197575-8-nikunj@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241009092850.197575-1-nikunj@amd.com> References: <20241009092850.197575-1-nikunj@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF00021F68:EE_|SA3PR12MB9129:EE_ X-MS-Office365-Filtering-Correlation-Id: d6571bf0-b95a-4036-b16d-08dce844e467 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|1800799024|7416014|36860700013|376014; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(1800799024)(7416014)(36860700013)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Oct 2024 09:29:36.6407 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d6571bf0-b95a-4036-b16d-08dce844e467 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF00021F68.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA3PR12MB9129 Currently, the SEV guest driver is the only user of SNP guest messaging. 
All routines for initializing SNP guest messaging are implemented within the SEV guest driver. To add Secure TSC guest support, these initialization routines need to be available during early boot. Carve out common SNP guest messaging buffer allocations and message initialization routines to core/sev.c and export them. These newly added APIs set up the SNP message context (snp_msg_desc), which contains all the necessary details for sending SNP guest messages. At present, the SEV guest platform data structure is used to pass the secrets page physical address to SEV guest driver. Since the secrets page address is locally available to the initialization routine, use the cached address. Remove the unused SEV guest platform data structure. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 71 ++++++++- arch/x86/coco/sev/core.c | 132 +++++++++++++++- drivers/virt/coco/sev-guest/sev-guest.c | 195 +++--------------------- 3 files changed, 214 insertions(+), 184 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 2e49c4a9e7fe..3812692ba3fe 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -14,6 +14,7 @@ #include #include #include +#include #define GHCB_PROTOCOL_MIN 1ULL #define GHCB_PROTOCOL_MAX 2ULL @@ -170,10 +171,6 @@ struct snp_guest_msg { u8 payload[PAGE_SIZE - sizeof(struct snp_guest_msg_hdr)]; } __packed; -struct sev_guest_platform_data { - u64 secrets_gpa; -}; - struct snp_guest_req { void *req_buf; size_t req_sz; @@ -253,6 +250,7 @@ struct snp_msg_desc { u32 *os_area_msg_seqno; u8 *vmpck; + int vmpck_id; }; /* 
@@ -438,6 +436,63 @@ u64 sev_get_status(void); void sev_show_status(void); void snp_update_svsm_ca(void); +static inline void free_shared_pages(void *buf, size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + int ret; + + if (!buf) + return; + + ret = set_memory_encrypted((unsigned long)buf, npages); + if (ret) { + WARN_ONCE(ret, "failed to restore encryption mask (leak it)\n"); + return; + } + + __free_pages(virt_to_page(buf), get_order(sz)); +} + +static inline void *alloc_shared_pages(size_t sz) +{ + unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; + struct page *page; + int ret; + + page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(sz)); + if (!page) + return NULL; + + ret = set_memory_decrypted((unsigned long)page_address(page), npages); + if (ret) { + pr_err("failed to mark page shared, ret=%d\n", ret); + __free_pages(page, get_order(sz)); + return NULL; + } + + return page_address(page); +} + +static inline bool is_vmpck_empty(struct snp_msg_desc *mdesc) +{ + char zero_key[VMPCK_KEY_LEN] = {0}; + + if (mdesc->vmpck) + return !memcmp(mdesc->vmpck, zero_key, VMPCK_KEY_LEN); + + return true; +} + +int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id); +struct snp_msg_desc *snp_msg_alloc(void); + +static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) +{ + mdesc->vmpck = NULL; + mdesc->os_area_msg_seqno = NULL; + kfree(mdesc->ctx); +} + #else /* !CONFIG_AMD_MEM_ENCRYPT */ #define snp_vmpl 0 
@@ -474,6 +529,14 @@ static inline u64 snp_get_unsupported_features(u64 status) { return 0; } static inline u64 sev_get_status(void) { return 0; } static inline void sev_show_status(void) { } static inline void snp_update_svsm_ca(void) { } +static inline void free_shared_pages(void *buf, size_t sz) { } +static inline void *alloc_shared_pages(size_t sz) { return NULL; } +static inline bool is_vmpck_empty(struct snp_msg_desc *mdesc) { return false; } + +static inline int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id) { return -1; } +static inline struct snp_msg_desc *snp_msg_alloc(void) { return NULL; } + +static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) { } #endif /* CONFIG_AMD_MEM_ENCRYPT */ diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index f40a2df38a84..78be066a0452 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -25,6 +25,7 @@ #include #include #include +#include #include #include @@ -95,6 +96,8 @@ static u64 sev_hv_features __ro_after_init; /* Secrets page physical address from the CC blob */ static u64 secrets_pa __ro_after_init; +static struct snp_msg_desc *snp_mdesc; + /* #VC handler runtime per-CPU data */ struct sev_es_runtime_data { struct ghcb ghcb_page; @@ -2489,15 +2492,9 @@ static struct platform_device sev_guest_device = { static int __init snp_init_platform_device(void) { - struct sev_guest_platform_data data; - if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) return -ENODEV; - data.secrets_gpa = secrets_pa; - if (platform_device_add_data(&sev_guest_device, &data, sizeof(data))) - return -ENODEV; - if (platform_device_register(&sev_guest_device)) return -ENODEV; 
@@ -2576,3 +2573,126 @@ static int __init sev_sysfs_init(void) } arch_initcall(sev_sysfs_init); #endif // CONFIG_SYSFS + +static u8 *get_vmpck(int id, struct snp_secrets_page *secrets, u32 **seqno) +{ + u8 *key = NULL; + + switch (id) { + case 0: + *seqno = &secrets->os_area.msg_seqno_0; + key = secrets->vmpck0; + break; + case 1: + *seqno = &secrets->os_area.msg_seqno_1; + key = secrets->vmpck1; + break; + case 2: + *seqno = &secrets->os_area.msg_seqno_2; + key = secrets->vmpck2; + break; + case 3: + *seqno = &secrets->os_area.msg_seqno_3; + key = secrets->vmpck3; + break; + default: + break; + } + + return key; +} + +static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen) +{ + struct aesgcm_ctx *ctx; + + ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT); + if (!ctx) + return NULL; + + if (aesgcm_expandkey(ctx, key, keylen, AUTHTAG_LEN)) { + pr_err("Crypto context initialization failed\n"); + kfree(ctx); + return NULL; + } + + return ctx; +} + +int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id) +{ + /* Adjust the default VMPCK key based on the executing VMPL level */ + if (vmpck_id == -1) + vmpck_id = snp_vmpl; + + mdesc->vmpck = get_vmpck(vmpck_id, mdesc->secrets, &mdesc->os_area_msg_seqno); + if (!mdesc->vmpck) { + pr_err("Invalid VMPCK%d communication key\n", vmpck_id); + return -EINVAL; + } + + /* Verify that VMPCK is not zero. 
*/ + if (is_vmpck_empty(mdesc)) { + pr_err("Empty VMPCK%d communication key\n", vmpck_id); + return -EINVAL; + } + + mdesc->vmpck_id = vmpck_id; + + mdesc->ctx = snp_init_crypto(mdesc->vmpck, VMPCK_KEY_LEN); + if (!mdesc->ctx) + return -ENOMEM; + + return 0; +} +EXPORT_SYMBOL_GPL(snp_msg_init); + +struct snp_msg_desc *snp_msg_alloc(void) +{ + struct snp_msg_desc *mdesc; + + BUILD_BUG_ON(sizeof(struct snp_guest_msg) > PAGE_SIZE); + + if (snp_mdesc) + return snp_mdesc; + + mdesc = kzalloc(sizeof(struct snp_msg_desc), GFP_KERNEL); + if (!mdesc) + return ERR_PTR(-ENOMEM); + + mdesc->secrets = ioremap_encrypted(secrets_pa, PAGE_SIZE); + if (!mdesc->secrets) + return ERR_PTR(-ENODEV); + + /* Allocate the shared page used for the request and response message. */ + mdesc->request = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (!mdesc->request) + goto e_unmap; + + mdesc->response = alloc_shared_pages(sizeof(struct snp_guest_msg)); + if (!mdesc->response) + goto e_free_request; + + mdesc->certs_data = alloc_shared_pages(SEV_FW_BLOB_MAX_SIZE); + if (!mdesc->certs_data) + goto e_free_response; + + /* initial the input address for guest request */ + mdesc->input.req_gpa = __pa(mdesc->request); + mdesc->input.resp_gpa = __pa(mdesc->response); + mdesc->input.data_gpa = __pa(mdesc->certs_data); + + snp_mdesc = mdesc; + + return mdesc; + +e_free_response: + free_shared_pages(mdesc->response, sizeof(struct snp_guest_msg)); +e_free_request: + free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg)); +e_unmap: + iounmap(mdesc->secrets); + + return ERR_PTR(-ENOMEM); +} +EXPORT_SYMBOL_GPL(snp_msg_alloc); diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index fca5c45ed5cd..862fc74452ac 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c 
@@ -63,16 +63,6 @@ MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP. /* Mutex to serialize the shared buffer access and command handling. */ static DEFINE_MUTEX(snp_cmd_mutex); -static bool is_vmpck_empty(struct snp_msg_desc *mdesc) -{ - char zero_key[VMPCK_KEY_LEN] = {0}; - - if (mdesc->vmpck) - return !memcmp(mdesc->vmpck, zero_key, VMPCK_KEY_LEN); - - return true; -} - /* * If an error is received from the host or AMD Secure Processor (ASP) there * are two options. Either retry the exact same encrypted request or discontinue @@ -93,7 +83,7 @@ static bool is_vmpck_empty(struct snp_msg_desc *mdesc) static void snp_disable_vmpck(struct snp_msg_desc *mdesc) { pr_alert("Disabling VMPCK%d communication key to prevent IV reuse.\n", - vmpck_id); + mdesc->vmpck_id); memzero_explicit(mdesc->vmpck, VMPCK_KEY_LEN); mdesc->vmpck = NULL; } @@ -147,23 +137,6 @@ static inline struct snp_guest_dev *to_snp_dev(struct file *file) return container_of(dev, struct snp_guest_dev, misc); } -static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen) -{ - struct aesgcm_ctx *ctx; - - ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT); - if (!ctx) - return NULL; - - if (aesgcm_expandkey(ctx, key, keylen, AUTHTAG_LEN)) { - pr_err("Crypto context initialization failed\n"); - kfree(ctx); - return NULL; - } - - return ctx; -} - static int verify_and_dec_payload(struct snp_msg_desc *mdesc, struct snp_guest_req *req) { struct snp_guest_msg *resp_msg = &mdesc->secret_response; @@ -414,7 +387,7 @@ static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_io req.msg_version = arg->msg_version; req.msg_type = SNP_MSG_REPORT_REQ; - req.vmpck_id = vmpck_id; + req.vmpck_id = mdesc->vmpck_id; req.req_buf = report_req; req.req_sz = sizeof(*report_req); req.resp_buf = report_resp->data; 
@@ -461,7 +434,7 @@ static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_reque req.msg_version = arg->msg_version; req.msg_type = SNP_MSG_KEY_REQ; - req.vmpck_id = vmpck_id; + req.vmpck_id = mdesc->vmpck_id; req.req_buf = derived_key_req; req.req_sz = sizeof(*derived_key_req); req.resp_buf = buf; @@ -539,7 +512,7 @@ static int get_ext_report(struct snp_guest_dev *snp_dev, struct snp_guest_reques req.msg_version = arg->msg_version; req.msg_type = SNP_MSG_REPORT_REQ; - req.vmpck_id = vmpck_id; + req.vmpck_id = mdesc->vmpck_id; req.req_buf = &report_req->data; req.req_sz = sizeof(report_req->data); req.resp_buf = report_resp->data; 
@@ -616,76 +589,11 @@ static long snp_guest_ioctl(struct file *file, unsigned int ioctl, unsigned long return ret; } -static void free_shared_pages(void *buf, size_t sz) -{ - unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; - int ret; - - if (!buf) - return; - - ret = set_memory_encrypted((unsigned long)buf, npages); - if (ret) { - WARN_ONCE(ret, "failed to restore encryption mask (leak it)\n"); - return; - } - - __free_pages(virt_to_page(buf), get_order(sz)); -} - -static void *alloc_shared_pages(struct device *dev, size_t sz) -{ - unsigned int npages = PAGE_ALIGN(sz) >> PAGE_SHIFT; - struct page *page; - int ret; - - page = alloc_pages(GFP_KERNEL_ACCOUNT, get_order(sz)); - if (!page) - return NULL; - - ret = set_memory_decrypted((unsigned long)page_address(page), npages); - if (ret) { - dev_err(dev, "failed to mark page shared, ret=%d\n", ret); - __free_pages(page, get_order(sz)); - return NULL; - } - - return page_address(page); -} - static const struct file_operations snp_guest_fops = { .owner = THIS_MODULE, .unlocked_ioctl = snp_guest_ioctl, }; -static u8 *get_vmpck(int id, struct snp_secrets_page *secrets, u32 **seqno) -{ - u8 *key = NULL; - - switch (id) { - case 0: - *seqno = &secrets->os_area.msg_seqno_0; - key = secrets->vmpck0; - break; - case 1: - *seqno = &secrets->os_area.msg_seqno_1; - key = secrets->vmpck1; - break; - case 2: - *seqno = &secrets->os_area.msg_seqno_2; - key = secrets->vmpck2; - break; - case 3: - *seqno = &secrets->os_area.msg_seqno_3; - key = secrets->vmpck3; - break; - default: - break; - } - - return key; -} - struct snp_msg_report_resp_hdr { u32 status; u32 report_size; 
@@ -979,13 +887,10 @@ static void unregister_sev_tsm(void *data) static int __init sev_guest_probe(struct platform_device *pdev) { - struct sev_guest_platform_data *data; - struct snp_secrets_page *secrets; struct device *dev = &pdev->dev; struct snp_guest_dev *snp_dev; struct snp_msg_desc *mdesc; struct miscdevice *misc; - void __iomem *mapping; int ret; BUILD_BUG_ON(sizeof(struct snp_guest_msg) > PAGE_SIZE); 
@@ -993,115 +898,57 @@ static int __init sev_guest_probe(struct platform_device *pdev) if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) return -ENODEV; - if (!dev->platform_data) - return -ENODEV; - - data = (struct sev_guest_platform_data *)dev->platform_data; - mapping = ioremap_encrypted(data->secrets_gpa, PAGE_SIZE); - if (!mapping) - return -ENODEV; - - secrets = (__force void *)mapping; - - ret = -ENOMEM; snp_dev = devm_kzalloc(&pdev->dev, sizeof(struct snp_guest_dev), GFP_KERNEL); if (!snp_dev) - goto e_unmap; - - mdesc = devm_kzalloc(&pdev->dev, sizeof(struct snp_msg_desc), GFP_KERNEL); - if (!mdesc) - goto e_unmap; - - /* Adjust the default VMPCK key based on the executing VMPL level */ - if (vmpck_id == -1) - vmpck_id = snp_vmpl; + return -ENOMEM; - ret = -EINVAL; - mdesc->vmpck = get_vmpck(vmpck_id, secrets, &mdesc->os_area_msg_seqno); - if (!mdesc->vmpck) { - dev_err(dev, "Invalid VMPCK%d communication key\n", vmpck_id); - goto e_unmap; - } + mdesc = snp_msg_alloc(); + if (IS_ERR_OR_NULL(mdesc)) + return -ENOMEM; - /* Verify that VMPCK is not zero. */ - if (is_vmpck_empty(mdesc)) { - dev_err(dev, "Empty VMPCK%d communication key\n", vmpck_id); - goto e_unmap; - } + ret = snp_msg_init(mdesc, vmpck_id); + if (ret) + return -EIO; platform_set_drvdata(pdev, snp_dev); snp_dev->dev = dev; - mdesc->secrets = secrets; - - /* Allocate the shared page used for the request and response message. 
*/ - mdesc->request = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); - if (!mdesc->request) - goto e_unmap; - - mdesc->response = alloc_shared_pages(dev, sizeof(struct snp_guest_msg)); - if (!mdesc->response) - goto e_free_request; - - mdesc->certs_data = alloc_shared_pages(dev, SEV_FW_BLOB_MAX_SIZE); - if (!mdesc->certs_data) - goto e_free_response; - - ret = -EIO; - mdesc->ctx = snp_init_crypto(mdesc->vmpck, VMPCK_KEY_LEN); - if (!mdesc->ctx) - goto e_free_cert_data; misc = &snp_dev->misc; misc->minor = MISC_DYNAMIC_MINOR; misc->name = DEVICE_NAME; misc->fops = &snp_guest_fops; - /* Initialize the input addresses for guest request */ - mdesc->input.req_gpa = __pa(mdesc->request); - mdesc->input.resp_gpa = __pa(mdesc->response); - mdesc->input.data_gpa = __pa(mdesc->certs_data); - /* Set the privlevel_floor attribute based on the vmpck_id */ - sev_tsm_ops.privlevel_floor = vmpck_id; + sev_tsm_ops.privlevel_floor = mdesc->vmpck_id; ret = tsm_register(&sev_tsm_ops, snp_dev); if (ret) - goto e_free_cert_data; + goto e_msg_init; ret = devm_add_action_or_reset(&pdev->dev, unregister_sev_tsm, NULL); if (ret) - goto e_free_cert_data; + goto e_msg_init; ret = misc_register(misc); if (ret) - goto e_free_ctx; + goto e_msg_init; snp_dev->msg_desc = mdesc; - dev_info(dev, "Initialized SEV guest driver (using VMPCK%d communication key)\n", vmpck_id); + dev_info(dev, "Initialized SEV guest driver (using VMPCK%d communication key)\n", + mdesc->vmpck_id); return 0; -e_free_ctx: - kfree(mdesc->ctx); -e_free_cert_data: - free_shared_pages(mdesc->certs_data, SEV_FW_BLOB_MAX_SIZE); -e_free_response: - free_shared_pages(mdesc->response, sizeof(struct snp_guest_msg)); -e_free_request: - free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg)); -e_unmap: - iounmap(mapping); +e_msg_init: + snp_msg_cleanup(mdesc); + return ret; } static void __exit sev_guest_remove(struct platform_device *pdev) { struct snp_guest_dev *snp_dev = platform_get_drvdata(pdev); - struct 
snp_msg_desc *mdesc = snp_dev->msg_desc; - free_shared_pages(mdesc->certs_data, SEV_FW_BLOB_MAX_SIZE); - free_shared_pages(mdesc->response, sizeof(struct snp_guest_msg)); - free_shared_pages(mdesc->request, sizeof(struct snp_guest_msg)); - kfree(mdesc->ctx); + snp_msg_cleanup(snp_dev->msg_desc); misc_deregister(&snp_dev->misc); }
From patchwork Wed Oct 9 09:28:39 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Nikunj A. Dadhania" X-Patchwork-Id: 13827997
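Review bot: snp_msg_cleanup() in the arch/x86/include/asm/sev.h helper hunk calls kfree(mdesc->ctx) but leaves the pointer set, while snp_msg_alloc() keeps returning the same cached snp_mdesc to later callers, so the next user of the descriptor sees a dangling ctx until snp_msg_init() succeeds again. Set mdesc->ctx = NULL after the kfree(). The helper also no longer releases the request, response and certs_data shared pages or the secrets mapping that sev_guest_remove() used to free; if keeping them for the lifetime of the cached descriptor is intended, a comment on snp_msg_cleanup() should say so.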
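Review bot: the !CONFIG_AMD_MEM_ENCRYPT stub of is_vmpck_empty() returns false, which reports a usable key, whereas the real helper returns true when mdesc->vmpck is NULL. Return true in the stub so callers fail closed. In the same stub block snp_msg_init() returns a bare -1 while the real function returns -EINVAL or -ENOMEM; use a negative errno such as -ENODEV there as well.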
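Review bot: snp_msg_alloc() in arch/x86/coco/sev/core.c leaks mdesc on every failure path. The early return ERR_PTR(-ENODEV) after a failed ioremap_encrypted() skips the free, and the e_unmap label only calls iounmap() before returning ERR_PTR(-ENOMEM). The driver code this replaces used devm_kzalloc(), so the unwind now needs an explicit kfree(mdesc). The result of ioremap_encrypted() is also assigned straight to mdesc->secrets, dropping the (__force void *) cast from the void __iomem * mapping that the old probe code carried; keep a local __iomem variable and cast once.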
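Review bot: sev_guest_probe() discards the error codes returned by the new helpers. IS_ERR_OR_NULL(mdesc) is mapped to -ENOMEM even when snp_msg_alloc() returned ERR_PTR(-ENODEV), and any snp_msg_init() failure becomes -EIO although that function returns -EINVAL for an invalid or empty VMPCK and -ENOMEM when the crypto context cannot be allocated. Return PTR_ERR(mdesc) (handling the NULL from the stub separately) and return ret, so the log and the probe result agree on why key setup failed.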
From: Nikunj A Dadhania
Subject: [PATCH v12 08/19] x86/sev: Relocate SNP guest messaging routines to common code
Date: Wed, 9 Oct 2024 14:58:39 +0530
Message-ID: <20241009092850.197575-9-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

At present, the SEV guest driver exclusively handles SNP guest messaging. All routines for sending guest messages are embedded within the guest driver. To support Secure TSC, SEV-SNP guests must communicate with the AMD Security Processor during early boot. However, these guest messaging functions are not accessible during early boot since they are currently part of the guest driver. Hence, relocate the core SNP guest messaging functions to SEV common code and provide an API for sending SNP guest messages. No functional change, but just an export symbol added for sev_send_geust_message() and dropped the export symbol on snp_issue_guest_request() and made it static.
Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- arch/x86/include/asm/sev.h | 15 +- arch/x86/coco/sev/core.c | 295 +++++++++++++++++++++++- drivers/virt/coco/sev-guest/sev-guest.c | 292 ----------------------- arch/x86/Kconfig | 1 + drivers/virt/coco/sev-guest/Kconfig | 1 - 5 files changed, 301 insertions(+), 303 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 3812692ba3fe..d6ad5f6b1ff3 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -125,6 +125,9 @@ struct snp_req_data { #define AAD_LEN 48 #define MSG_HDR_VER 1 +#define SNP_REQ_MAX_RETRY_DURATION (60*HZ) +#define SNP_REQ_RETRY_DELAY (2*HZ) + /* See SNP spec SNP_GUEST_REQUEST section for the structure */ enum msg_type { SNP_MSG_TYPE_INVALID = 0, @@ -427,8 +430,6 @@ void snp_set_wakeup_secondary_cpu(void); bool snp_init(struct boot_params *bp); void __noreturn snp_abort(void); void snp_dmi_setup(void); -int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, - struct snp_guest_request_ioctl *rio); int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input); void snp_accept_memory(phys_addr_t start, phys_addr_t end); u64 snp_get_unsupported_features(u64 status); @@ -493,6 +494,9 @@ static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) kfree(mdesc->ctx); } +int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, + struct snp_guest_request_ioctl *rio); + #else /* !CONFIG_AMD_MEM_ENCRYPT */ #define snp_vmpl 0 
@@ -515,11 +519,6 @@ static inline void snp_set_wakeup_secondary_cpu(void) { } static inline bool snp_init(struct boot_params *bp) { return false; } static inline void snp_abort(void) { } static inline void snp_dmi_setup(void) { } -static inline int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, - struct snp_guest_request_ioctl *rio) -{ - return -ENOTTY; -} static inline int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, struct svsm_attest_call *input) { return -ENOTTY; @@ -537,6 +536,8 @@ static inline int snp_msg_init(struct snp_msg_desc *mdesc, int vmpck_id) { retur static inline struct snp_msg_desc *snp_msg_alloc(void) { return NULL; } static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) { } +static inline int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, + struct snp_guest_request_ioctl *rio) { return -ENODEV; } #endif /* CONFIG_AMD_MEM_ENCRYPT */ diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 78be066a0452..e5e78b04f56c 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -2420,8 +2420,8 @@ int snp_issue_svsm_attest_req(u64 call_id, struct svsm_call *call, } EXPORT_SYMBOL_GPL(snp_issue_svsm_attest_req); -int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, - struct snp_guest_request_ioctl *rio) +static int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *input, + struct snp_guest_request_ioctl *rio) { struct ghcb_state state; struct es_em_ctxt ctxt; @@ -2483,7 +2483,6 @@ int snp_issue_guest_request(struct snp_guest_req *req, struct snp_req_data *inpu return ret; } -EXPORT_SYMBOL_GPL(snp_issue_guest_request); static struct platform_device sev_guest_device = { .name = "sev-guest", 
@@ -2696,3 +2695,293 @@ struct snp_msg_desc *snp_msg_alloc(void) return ERR_PTR(-ENOMEM); } EXPORT_SYMBOL_GPL(snp_msg_alloc); + +/* Mutex to serialize the shared buffer access and command handling. */ +static DEFINE_MUTEX(snp_cmd_mutex); + +/* + * If an error is received from the host or AMD Secure Processor (ASP) there + * are two options. Either retry the exact same encrypted request or discontinue + * using the VMPCK. + * + * This is because in the current encryption scheme GHCB v2 uses AES-GCM to + * encrypt the requests. The IV for this scheme is the sequence number. GCM + * cannot tolerate IV reuse. + * + * The ASP FW v1.51 only increments the sequence numbers on a successful + * guest<->ASP back and forth and only accepts messages at its exact sequence + * number. + * + * So if the sequence number were to be reused the encryption scheme is + * vulnerable. If the sequence number were incremented for a fresh IV the ASP + * will reject the request. + */ +static void snp_disable_vmpck(struct snp_msg_desc *mdesc) +{ + pr_alert("Disabling VMPCK%d communication key to prevent IV reuse.\n", + mdesc->vmpck_id); + memzero_explicit(mdesc->vmpck, VMPCK_KEY_LEN); + mdesc->vmpck = NULL; +} + +static inline u64 __snp_get_msg_seqno(struct snp_msg_desc *mdesc) +{ + u64 count; + + lockdep_assert_held(&snp_cmd_mutex); + + /* Read the current message sequence counter from secrets pages */ + count = *mdesc->os_area_msg_seqno; + + return count + 1; +} + +/* Return a non-zero on success */ +static u64 snp_get_msg_seqno(struct snp_msg_desc *mdesc) +{ + u64 count = __snp_get_msg_seqno(mdesc); + + /* + * The message sequence counter for the SNP guest request is a 64-bit + * value but the version 2 of GHCB specification defines a 32-bit storage + * for it. If the counter exceeds the 32-bit value then return zero. 
+ * The caller should check the return value, but if the caller happens to + * not check the value and use it, then the firmware treats zero as an + * invalid number and will fail the message request. + */ + if (count >= UINT_MAX) { + pr_err("request message sequence counter overflow\n"); + return 0; + } + + return count; +} + +static void snp_inc_msg_seqno(struct snp_msg_desc *mdesc) +{ + /* + * The counter is also incremented by the PSP, so increment it by 2 + * and save in secrets page. + */ + *mdesc->os_area_msg_seqno += 2; +} + +static int verify_and_dec_payload(struct snp_msg_desc *mdesc, struct snp_guest_req *req) +{ + struct snp_guest_msg *resp_msg = &mdesc->secret_response; + struct snp_guest_msg *req_msg = &mdesc->secret_request; + struct snp_guest_msg_hdr *req_msg_hdr = &req_msg->hdr; + struct snp_guest_msg_hdr *resp_msg_hdr = &resp_msg->hdr; + struct aesgcm_ctx *ctx = mdesc->ctx; + u8 iv[GCM_AES_IV_SIZE] = {}; + + pr_debug("response [seqno %lld type %d version %d sz %d]\n", + resp_msg_hdr->msg_seqno, resp_msg_hdr->msg_type, resp_msg_hdr->msg_version, + resp_msg_hdr->msg_sz); + + /* Copy response from shared memory to encrypted memory. */ + memcpy(resp_msg, mdesc->response, sizeof(*resp_msg)); + + /* Verify that the sequence counter is incremented by 1 */ + if (unlikely(resp_msg_hdr->msg_seqno != (req_msg_hdr->msg_seqno + 1))) + return -EBADMSG; + + /* Verify response message type and version number. */ + if (resp_msg_hdr->msg_type != (req_msg_hdr->msg_type + 1) || + resp_msg_hdr->msg_version != req_msg_hdr->msg_version) + return -EBADMSG; + + /* + * If the message size is greater than our buffer length then return + * an error. 
+ */ + if (unlikely((resp_msg_hdr->msg_sz + ctx->authsize) > req->resp_sz)) + return -EBADMSG; + + /* Decrypt the payload */ + memcpy(iv, &resp_msg_hdr->msg_seqno, min(sizeof(iv), sizeof(resp_msg_hdr->msg_seqno))); + if (!aesgcm_decrypt(ctx, req->resp_buf, resp_msg->payload, resp_msg_hdr->msg_sz, + &resp_msg_hdr->algo, AAD_LEN, iv, resp_msg_hdr->authtag)) + return -EBADMSG; + + return 0; +} + +static int enc_payload(struct snp_msg_desc *mdesc, u64 seqno, struct snp_guest_req *req) +{ + struct snp_guest_msg *msg = &mdesc->secret_request; + struct snp_guest_msg_hdr *hdr = &msg->hdr; + struct aesgcm_ctx *ctx = mdesc->ctx; + u8 iv[GCM_AES_IV_SIZE] = {}; + + memset(msg, 0, sizeof(*msg)); + + hdr->algo = SNP_AEAD_AES_256_GCM; + hdr->hdr_version = MSG_HDR_VER; + hdr->hdr_sz = sizeof(*hdr); + hdr->msg_type = req->msg_type; + hdr->msg_version = req->msg_version; + hdr->msg_seqno = seqno; + hdr->msg_vmpck = req->vmpck_id; + hdr->msg_sz = req->req_sz; + + /* Verify the sequence number is non-zero */ + if (!hdr->msg_seqno) + return -ENOSR; + + pr_debug("request [seqno %lld type %d version %d sz %d]\n", + hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); + + if (WARN_ON((req->req_sz + ctx->authsize) > sizeof(msg->payload))) + return -EBADMSG; + + memcpy(iv, &hdr->msg_seqno, min(sizeof(iv), sizeof(hdr->msg_seqno))); + aesgcm_encrypt(ctx, msg->payload, req->req_buf, req->req_sz, &hdr->algo, + AAD_LEN, iv, hdr->authtag); + + return 0; +} + +static int __handle_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, + struct snp_guest_request_ioctl *rio) +{ + unsigned long req_start = jiffies; + unsigned int override_npages = 0; + u64 override_err = 0; + int rc; + +retry_request: + /* + * Call firmware to process the request. In this function the encrypted + * message enters shared memory with the host. So after this call the + * sequence number must be incremented or the VMPCK must be deleted to + * prevent reuse of the IV. 
+ */ + rc = snp_issue_guest_request(req, &mdesc->input, rio); + switch (rc) { + case -ENOSPC: + /* + * If the extended guest request fails due to having too + * small of a certificate data buffer, retry the same + * guest request without the extended data request in + * order to increment the sequence number and thus avoid + * IV reuse. + */ + override_npages = mdesc->input.data_npages; + req->exit_code = SVM_VMGEXIT_GUEST_REQUEST; + + /* + * Override the error to inform callers the given extended + * request buffer size was too small and give the caller the + * required buffer size. + */ + override_err = SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN); + + /* + * If this call to the firmware succeeds, the sequence number can + * be incremented allowing for continued use of the VMPCK. If + * there is an error reflected in the return value, this value + * is checked further down and the result will be the deletion + * of the VMPCK and the error code being propagated back to the + * user as an ioctl() return code. + */ + goto retry_request; + + /* + * The host may return SNP_GUEST_VMM_ERR_BUSY if the request has been + * throttled. Retry in the driver to avoid returning and reusing the + * message sequence number on a different message. + */ + case -EAGAIN: + if (jiffies - req_start > SNP_REQ_MAX_RETRY_DURATION) { + rc = -ETIMEDOUT; + break; + } + schedule_timeout_killable(SNP_REQ_RETRY_DELAY); + goto retry_request; + } + + /* + * Increment the message sequence number. There is no harm in doing + * this now because decryption uses the value stored in the response + * structure and any failure will wipe the VMPCK, preventing further + * use anyway. + */ + snp_inc_msg_seqno(mdesc); + + if (override_err) { + rio->exitinfo2 = override_err; + + /* + * If an extended guest request was issued and the supplied certificate + * buffer was not large enough, a standard guest request was issued to + * prevent IV reuse. 
If the standard request was successful, return -EIO + * back to the caller as would have originally been returned. + */ + if (!rc && override_err == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) + rc = -EIO; + } + + if (override_npages) + mdesc->input.data_npages = override_npages; + + return rc; +} + +int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, + struct snp_guest_request_ioctl *rio) +{ + u64 seqno; + int rc; + + guard(mutex)(&snp_cmd_mutex); + + /* Check if the VMPCK is not empty */ + if (is_vmpck_empty(mdesc)) { + pr_err_ratelimited("VMPCK is disabled\n"); + return -ENOTTY; + } + + /* Get message sequence and verify that its a non-zero */ + seqno = snp_get_msg_seqno(mdesc); + if (!seqno) + return -EIO; + + /* Clear shared memory's response for the host to populate. */ + memset(mdesc->response, 0, sizeof(struct snp_guest_msg)); + + /* Encrypt the userspace provided payload in mdesc->secret_request. */ + rc = enc_payload(mdesc, seqno, req); + if (rc) + return rc; + + /* + * Write the fully encrypted request to the shared unencrypted + * request page. + */ + memcpy(mdesc->request, &mdesc->secret_request, + sizeof(mdesc->secret_request)); + + rc = __handle_guest_request(mdesc, req, rio); + if (rc) { + if (rc == -EIO && + rio->exitinfo2 == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) + return rc; + + pr_alert("Detected error from ASP request. rc: %d, exitinfo2: 0x%llx\n", + rc, rio->exitinfo2); + + snp_disable_vmpck(mdesc); + return rc; + } + + rc = verify_and_dec_payload(mdesc, req); + if (rc) { + pr_alert("Detected unexpected decode failure from ASP. rc: %d\n", rc); + snp_disable_vmpck(mdesc); + return rc; + } + + return 0; +} +EXPORT_SYMBOL_GPL(snp_send_guest_request); diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index 862fc74452ac..d64efc489686 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c 
@@ -31,9 +31,6 @@ #define DEVICE_NAME "sev-guest" -#define SNP_REQ_MAX_RETRY_DURATION (60*HZ) -#define SNP_REQ_RETRY_DELAY (2*HZ) - #define SVSM_MAX_RETRIES 3 struct snp_guest_dev { 
@@ -60,76 +57,6 @@ static int vmpck_id = -1; module_param(vmpck_id, int, 0444); MODULE_PARM_DESC(vmpck_id, "The VMPCK ID to use when communicating with the PSP."); -/* Mutex to serialize the shared buffer access and command handling. */ -static DEFINE_MUTEX(snp_cmd_mutex); - -/* - * If an error is received from the host or AMD Secure Processor (ASP) there - * are two options. Either retry the exact same encrypted request or discontinue - * using the VMPCK. - * - * This is because in the current encryption scheme GHCB v2 uses AES-GCM to - * encrypt the requests. The IV for this scheme is the sequence number. GCM - * cannot tolerate IV reuse. - * - * The ASP FW v1.51 only increments the sequence numbers on a successful - * guest<->ASP back and forth and only accepts messages at its exact sequence - * number. - * - * So if the sequence number were to be reused the encryption scheme is - * vulnerable. If the sequence number were incremented for a fresh IV the ASP - * will reject the request. - */ -static void snp_disable_vmpck(struct snp_msg_desc *mdesc) -{ - pr_alert("Disabling VMPCK%d communication key to prevent IV reuse.\n", - mdesc->vmpck_id); - memzero_explicit(mdesc->vmpck, VMPCK_KEY_LEN); - mdesc->vmpck = NULL; -} - -static inline u64 __snp_get_msg_seqno(struct snp_msg_desc *mdesc) -{ - u64 count; - - lockdep_assert_held(&snp_cmd_mutex); - - /* Read the current message sequence counter from secrets pages */ - count = *mdesc->os_area_msg_seqno; - - return count + 1; -} - -/* Return a non-zero on success */ -static u64 snp_get_msg_seqno(struct snp_msg_desc *mdesc) -{ - u64 count = __snp_get_msg_seqno(mdesc); - - /* - * The message sequence counter for the SNP guest request is a 64-bit - * value but the version 2 of GHCB specification defines a 32-bit storage - * for it. If the counter exceeds the 32-bit value then return zero. 
- * The caller should check the return value, but if the caller happens to - * not check the value and use it, then the firmware treats zero as an - * invalid number and will fail the message request. - */ - if (count >= UINT_MAX) { - pr_err("request message sequence counter overflow\n"); - return 0; - } - - return count; -} - -static void snp_inc_msg_seqno(struct snp_msg_desc *mdesc) -{ - /* - * The counter is also incremented by the PSP, so increment it by 2 - * and save in secrets page. - */ - *mdesc->os_area_msg_seqno += 2; -} - static inline struct snp_guest_dev *to_snp_dev(struct file *file) { struct miscdevice *dev = file->private_data; 
@@ -137,225 +64,6 @@ static inline struct snp_guest_dev *to_snp_dev(struct file *file) return container_of(dev, struct snp_guest_dev, misc); } -static int verify_and_dec_payload(struct snp_msg_desc *mdesc, struct snp_guest_req *req) -{ - struct snp_guest_msg *resp_msg = &mdesc->secret_response; - struct snp_guest_msg *req_msg = &mdesc->secret_request; - struct snp_guest_msg_hdr *req_msg_hdr = &req_msg->hdr; - struct snp_guest_msg_hdr *resp_msg_hdr = &resp_msg->hdr; - struct aesgcm_ctx *ctx = mdesc->ctx; - u8 iv[GCM_AES_IV_SIZE] = {}; - - pr_debug("response [seqno %lld type %d version %d sz %d]\n", - resp_msg_hdr->msg_seqno, resp_msg_hdr->msg_type, resp_msg_hdr->msg_version, - resp_msg_hdr->msg_sz); - - /* Copy response from shared memory to encrypted memory. */ - memcpy(resp_msg, mdesc->response, sizeof(*resp_msg)); - - /* Verify that the sequence counter is incremented by 1 */ - if (unlikely(resp_msg_hdr->msg_seqno != (req_msg_hdr->msg_seqno + 1))) - return -EBADMSG; - - /* Verify response message type and version number. */ - if (resp_msg_hdr->msg_type != (req_msg_hdr->msg_type + 1) || - resp_msg_hdr->msg_version != req_msg_hdr->msg_version) - return -EBADMSG; - - /* - * If the message size is greater than our buffer length then return - * an error. 
- */ - if (unlikely((resp_msg_hdr->msg_sz + ctx->authsize) > req->resp_sz)) - return -EBADMSG; - - /* Decrypt the payload */ - memcpy(iv, &resp_msg_hdr->msg_seqno, min(sizeof(iv), sizeof(resp_msg_hdr->msg_seqno))); - if (!aesgcm_decrypt(ctx, req->resp_buf, resp_msg->payload, resp_msg_hdr->msg_sz, - &resp_msg_hdr->algo, AAD_LEN, iv, resp_msg_hdr->authtag)) - return -EBADMSG; - - return 0; -} - -static int enc_payload(struct snp_msg_desc *mdesc, u64 seqno, struct snp_guest_req *req) -{ - struct snp_guest_msg *msg = &mdesc->secret_request; - struct snp_guest_msg_hdr *hdr = &msg->hdr; - struct aesgcm_ctx *ctx = mdesc->ctx; - u8 iv[GCM_AES_IV_SIZE] = {}; - - memset(msg, 0, sizeof(*msg)); - - hdr->algo = SNP_AEAD_AES_256_GCM; - hdr->hdr_version = MSG_HDR_VER; - hdr->hdr_sz = sizeof(*hdr); - hdr->msg_type = req->msg_type; - hdr->msg_version = req->msg_version; - hdr->msg_seqno = seqno; - hdr->msg_vmpck = req->vmpck_id; - hdr->msg_sz = req->req_sz; - - /* Verify the sequence number is non-zero */ - if (!hdr->msg_seqno) - return -ENOSR; - - pr_debug("request [seqno %lld type %d version %d sz %d]\n", - hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz); - - if (WARN_ON((req->req_sz + ctx->authsize) > sizeof(msg->payload))) - return -EBADMSG; - - memcpy(iv, &hdr->msg_seqno, min(sizeof(iv), sizeof(hdr->msg_seqno))); - aesgcm_encrypt(ctx, msg->payload, req->req_buf, req->req_sz, &hdr->algo, - AAD_LEN, iv, hdr->authtag); - - return 0; -} - -static int __handle_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, - struct snp_guest_request_ioctl *rio) -{ - unsigned long req_start = jiffies; - unsigned int override_npages = 0; - u64 override_err = 0; - int rc; - -retry_request: - /* - * Call firmware to process the request. In this function the encrypted - * message enters shared memory with the host. So after this call the - * sequence number must be incremented or the VMPCK must be deleted to - * prevent reuse of the IV. 
- */ - rc = snp_issue_guest_request(req, &mdesc->input, rio); - switch (rc) { - case -ENOSPC: - /* - * If the extended guest request fails due to having too - * small of a certificate data buffer, retry the same - * guest request without the extended data request in - * order to increment the sequence number and thus avoid - * IV reuse. - */ - override_npages = mdesc->input.data_npages; - req->exit_code = SVM_VMGEXIT_GUEST_REQUEST; - - /* - * Override the error to inform callers the given extended - * request buffer size was too small and give the caller the - * required buffer size. - */ - override_err = SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN); - - /* - * If this call to the firmware succeeds, the sequence number can - * be incremented allowing for continued use of the VMPCK. If - * there is an error reflected in the return value, this value - * is checked further down and the result will be the deletion - * of the VMPCK and the error code being propagated back to the - * user as an ioctl() return code. - */ - goto retry_request; - - /* - * The host may return SNP_GUEST_VMM_ERR_BUSY if the request has been - * throttled. Retry in the driver to avoid returning and reusing the - * message sequence number on a different message. - */ - case -EAGAIN: - if (jiffies - req_start > SNP_REQ_MAX_RETRY_DURATION) { - rc = -ETIMEDOUT; - break; - } - schedule_timeout_killable(SNP_REQ_RETRY_DELAY); - goto retry_request; - } - - /* - * Increment the message sequence number. There is no harm in doing - * this now because decryption uses the value stored in the response - * structure and any failure will wipe the VMPCK, preventing further - * use anyway. - */ - snp_inc_msg_seqno(mdesc); - - if (override_err) { - rio->exitinfo2 = override_err; - - /* - * If an extended guest request was issued and the supplied certificate - * buffer was not large enough, a standard guest request was issued to - * prevent IV reuse. 
If the standard request was successful, return -EIO - * back to the caller as would have originally been returned. - */ - if (!rc && override_err == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) - rc = -EIO; - } - - if (override_npages) - mdesc->input.data_npages = override_npages; - - return rc; -} - -static int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, - struct snp_guest_request_ioctl *rio) -{ - u64 seqno; - int rc; - - guard(mutex)(&snp_cmd_mutex); - - /* Check if the VMPCK is not empty */ - if (is_vmpck_empty(mdesc)) { - pr_err_ratelimited("VMPCK is disabled\n"); - return -ENOTTY; - } - - /* Get message sequence and verify that its a non-zero */ - seqno = snp_get_msg_seqno(mdesc); - if (!seqno) - return -EIO; - - /* Clear shared memory's response for the host to populate. */ - memset(mdesc->response, 0, sizeof(struct snp_guest_msg)); - - /* Encrypt the userspace provided payload in mdesc->secret_request. */ - rc = enc_payload(mdesc, seqno, req); - if (rc) - return rc; - - /* - * Write the fully encrypted request to the shared unencrypted - * request page. - */ - memcpy(mdesc->request, &mdesc->secret_request, - sizeof(mdesc->secret_request)); - - rc = __handle_guest_request(mdesc, req, rio); - if (rc) { - if (rc == -EIO && - rio->exitinfo2 == SNP_GUEST_VMM_ERR(SNP_GUEST_VMM_ERR_INVALID_LEN)) - return rc; - - pr_alert("Detected error from ASP request. rc: %d, exitinfo2: 0x%llx\n", - rc, rio->exitinfo2); - - snp_disable_vmpck(mdesc); - return rc; - } - - rc = verify_and_dec_payload(mdesc, req); - if (rc) { - pr_alert("Detected unexpected decode failure from ASP. rc: %d\n", rc); - snp_disable_vmpck(mdesc); - return rc; - } - - return 0; -} - struct snp_req_resp { sockptr_t req_data; sockptr_t resp_data; diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 2852fcd82cbd..6426b6d469a4 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig 
@@ -1556,6 +1556,7 @@ config AMD_MEM_ENCRYPT select ARCH_HAS_CC_PLATFORM select X86_MEM_ENCRYPT select UNACCEPTED_MEMORY + select CRYPTO_LIB_AESGCM help Say yes to enable support for the encryption of system memory. This requires an AMD processor that supports Secure Memory diff --git a/drivers/virt/coco/sev-guest/Kconfig b/drivers/virt/coco/sev-guest/Kconfig index 0b772bd921d8..a6405ab6c2c3 100644 --- a/drivers/virt/coco/sev-guest/Kconfig +++ b/drivers/virt/coco/sev-guest/Kconfig 
@@ -2,7 +2,6 @@ config SEV_GUEST tristate "AMD SEV Guest driver" default m depends on AMD_MEM_ENCRYPT - select CRYPTO_LIB_AESGCM select TSM_REPORTS help SEV-SNP firmware provides the guest a mechanism to communicate with

From patchwork Wed Oct 9 09:28:40 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13827998
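Review bot: In the first arch/x86/include/asm/sev.h hunk of the move patch (@@ -125,6 +125,9 @@), SNP_REQ_MAX_RETRY_DURATION and SNP_REQ_RETRY_DELAY are promoted to the shared header, but the only user visible in this patch is __handle_guest_request(), which is static in arch/x86/coco/sev/core.c. Unless a later patch in the series needs them elsewhere, define them next to snp_cmd_mutex in core.c so that the retry policy stays private to the code that enforces it.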
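Review bot: In the !CONFIG_AMD_MEM_ENCRYPT part of arch/x86/include/asm/sev.h (@@ -537,6 +536,8 @@), the new snp_send_guest_request() stub returns -ENODEV, whereas the snp_issue_guest_request() stub removed by the same patch returned -ENOTTY, as the neighbouring snp_issue_svsm_attest_req() stub still does. Either keep -ENOTTY so that the stubbed-out configuration reports the same errno as before, or say in the changelog why -ENODEV is the better value for this entry point.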
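Review bot: In verify_and_dec_payload(), in the large arch/x86/coco/sev/core.c hunk (@@ -2696,3 +2695,293 @@), the pr_debug() of the response header runs before memcpy(resp_msg, mdesc->response, sizeof(*resp_msg)), so it prints whatever mdesc->secret_response held beforehand rather than the response about to be validated; move the pr_debug() below the copy. Since the function is being moved anyway, the length check is also worth tightening: msg_sz comes from the header the host populated and is bounded only by the caller's req->resp_sz, while enc_payload() bounds its length by sizeof(msg->payload). Adding the matching sizeof(resp_msg->payload) bound before aesgcm_decrypt() keeps the read inside the private copy whatever resp_sz a caller passes.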
From: Nikunj A Dadhania
Subject: [PATCH v12 09/19] x86/cc: Add CC_ATTR_GUEST_SNP_SECURE_TSC
Date: Wed, 9 Oct 2024 14:58:40 +0530
Message-ID: <20241009092850.197575-10-nikunj@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Add confidential compute platform attribute CC_ATTR_GUEST_SNP_SECURE_TSC that can be used by the guest to
query whether the Secure TSC feature is active. Signed-off-by: Nikunj A Dadhania Reviewed-by: Tom Lendacky --- include/linux/cc_platform.h | 8 ++++++++ arch/x86/coco/core.c | 3 +++ 2 files changed, 11 insertions(+) diff --git a/include/linux/cc_platform.h b/include/linux/cc_platform.h index caa4b4430634..cb7103dc124f 100644 --- a/include/linux/cc_platform.h +++ b/include/linux/cc_platform.h @@ -88,6 +88,14 @@ enum cc_attr { * enabled to run SEV-SNP guests. */ CC_ATTR_HOST_SEV_SNP, + + /** + * @CC_ATTR_GUEST_SNP_SECURE_TSC: SNP Secure TSC is active. + * + * The platform/OS is running as a guest/virtual machine and actively + * using AMD SEV-SNP Secure TSC feature. + */ + CC_ATTR_GUEST_SNP_SECURE_TSC, }; #ifdef CONFIG_ARCH_HAS_CC_PLATFORM diff --git a/arch/x86/coco/core.c b/arch/x86/coco/core.c index 0f81f70aca82..5b9a358a3254 100644 --- a/arch/x86/coco/core.c +++ b/arch/x86/coco/core.c 
@@ -100,6 +100,9 @@ static bool noinstr amd_cc_platform_has(enum cc_attr attr) case CC_ATTR_HOST_SEV_SNP: return cc_flags.host_sev_snp; + case CC_ATTR_GUEST_SNP_SECURE_TSC: + return sev_status & MSR_AMD64_SNP_SECURE_TSC; + default: return false; }

From patchwork Wed Oct 9 09:28:41 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13827999
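Review bot: In amd_cc_platform_has(), in the arch/x86/coco/core.c hunk of the CC_ATTR_GUEST_SNP_SECURE_TSC patch, the new case returns sev_status & MSR_AMD64_SNP_SECURE_TSC directly and relies on the function's bool return type to normalise the masked value. That is correct as written, but !!(sev_status & MSR_AMD64_SNP_SECURE_TSC) makes the conversion explicit and keeps the result right if the return type is ever changed to an integer.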
From: Nikunj A Dadhania To: , , , , CC: , , , , , , Subject: [PATCH v12 10/19] x86/sev: Add Secure TSC support for SNP guests Date: Wed, 9 Oct 2024 14:58:41 +0530 Message-ID: <20241009092850.197575-11-nikunj@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241009092850.197575-1-nikunj@amd.com> References: <20241009092850.197575-1-nikunj@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF00021F68:EE_|SJ2PR12MB7894:EE_ X-MS-Office365-Filtering-Correlation-Id: f08557ea-8b0f-4e1e-1498-08dce844eb21 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|1800799024|82310400026|376014|7416014; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(1800799024)(82310400026)(376014)(7416014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Oct 2024 09:29:47.9064 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f08557ea-8b0f-4e1e-1498-08dce844eb21 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF00021F68.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB7894 Add support for Secure TSC in SNP-enabled guests. 

Secure TSC allows guests to securely use RDTSC/RDTSCP instructions, ensuring that the parameters used cannot be altered by the hypervisor once the guest is launched.

Secure TSC-enabled guests need to query TSC information from the AMD Security Processor. This communication channel is encrypted between the AMD Security Processor and the guest, with the hypervisor acting merely as a conduit to deliver the guest messages to the AMD Security Processor. Each message is protected with AEAD (AES-256 GCM). Use a minimal AES GCM library to encrypt and decrypt SNP guest messages for communication with the PSP.

Use mem_encrypt_init() to fetch SNP TSC information from the AMD Security Processor and initialize snp_tsc_scale and snp_tsc_offset. During secondary CPU initialization, set the VMSA fields GUEST_TSC_SCALE (offset 2F0h) and GUEST_TSC_OFFSET (offset 2F8h) with snp_tsc_scale and snp_tsc_offset, respectively.

Since handle_guest_request() is a common routine used by both the SEV guest driver and Secure TSC code, move it to the SEV header file.

Signed-off-by: Nikunj A Dadhania
Tested-by: Peter Gonda
Reviewed-by: Tom Lendacky
--- arch/x86/include/asm/sev-common.h | 1 + arch/x86/include/asm/sev.h | 46 ++++++++++++++++ arch/x86/include/asm/svm.h | 6 +- arch/x86/coco/sev/core.c | 91 +++++++++++++++++++++++++++++++ arch/x86/mm/mem_encrypt.c | 4 ++ 5 files changed, 146 insertions(+), 2 deletions(-) diff --git a/arch/x86/include/asm/sev-common.h b/arch/x86/include/asm/sev-common.h index 98726c2b04f8..655eb0ac5032 100644 --- a/arch/x86/include/asm/sev-common.h +++ b/arch/x86/include/asm/sev-common.h
@@ -206,6 +206,7 @@ struct snp_psc_desc { #define GHCB_TERM_NO_SVSM 7 /* SVSM is not advertised in the secrets page */ #define GHCB_TERM_SVSM_VMPL0 8 /* SVSM is present but has set VMPL to 0 */ #define GHCB_TERM_SVSM_CAA 9 /* SVSM is present but CAA is not page aligned */ +#define GHCB_TERM_SECURE_TSC 10 /* Secure TSC initialization failed */ #define GHCB_RESP_CODE(v) ((v) & GHCB_MSR_INFO_MASK) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index d6ad5f6b1ff3..9169b18eeb78 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -146,6 +146,9 @@ enum msg_type { SNP_MSG_VMRK_REQ, SNP_MSG_VMRK_RSP, + SNP_MSG_TSC_INFO_REQ = 17, + SNP_MSG_TSC_INFO_RSP, + SNP_MSG_TYPE_MAX }; @@ -174,6 +177,22 @@ struct snp_guest_msg { u8 payload[PAGE_SIZE - sizeof(struct snp_guest_msg_hdr)]; } __packed; +#define SNP_TSC_INFO_REQ_SZ 128 +#define SNP_TSC_INFO_RESP_SZ 128 + +struct snp_tsc_info_req { + u8 rsvd[SNP_TSC_INFO_REQ_SZ]; +} __packed; + +struct snp_tsc_info_resp { + u32 status; + u32 rsvd1; + u64 tsc_scale; + u64 tsc_offset; + u32 tsc_factor; + u8 rsvd2[100]; +} __packed; + struct snp_guest_req { void *req_buf; size_t req_sz; @@ -497,6 +516,27 @@ static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, struct snp_guest_request_ioctl *rio); +static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code, + struct snp_guest_request_ioctl *rio, u8 type, + void *req_buf, size_t req_sz, void *resp_buf, + u32 resp_sz) +{ + struct snp_guest_req req = { + .msg_version = rio->msg_version, + .msg_type = type, + .vmpck_id = mdesc->vmpck_id, + .req_buf = req_buf, + .req_sz = req_sz, + .resp_buf = resp_buf, + .resp_sz = resp_sz, + .exit_code = exit_code, + }; + + return snp_send_guest_request(mdesc, &req, rio); +} + +void __init snp_secure_tsc_prepare(void); + #else /* !CONFIG_AMD_MEM_ENCRYPT */ #define snp_vmpl 0 
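
Review bot: in the sev.h hunk that adds the static inline handle_guest_request(), nothing in this patch calls the helper from the Secure TSC side: snp_get_tsc_info() in core.c fills a struct snp_guest_req by hand and calls snp_send_guest_request() directly. Either build the TSC_INFO request through handle_guest_request() so the move to the header has a second caller, or drop the move from this patch and adjust the commit message, which says the routine is shared by the SEV guest driver and the Secure TSC code. If the helper is used there, note that it takes .msg_version from rio->msg_version, while snp_get_tsc_info() zeroes rio and sets req.msg_version = MSG_HDR_VER itself, so rio would have to be populated first.
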
@@ -538,6 +578,12 @@ static inline struct snp_msg_desc *snp_msg_alloc(void) { return NULL; } static inline void snp_msg_cleanup(struct snp_msg_desc *mdesc) { } static inline int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req, struct snp_guest_request_ioctl *rio) { return -ENODEV; } +static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code, + struct snp_guest_request_ioctl *rio, u8 type, + void *req_buf, size_t req_sz, void *resp_buf, + u32 resp_sz) { return -ENODEV; } + +static inline void __init snp_secure_tsc_prepare(void) { } #endif /* CONFIG_AMD_MEM_ENCRYPT */ diff --git a/arch/x86/include/asm/svm.h b/arch/x86/include/asm/svm.h index 2b59b9951c90..92e18798f197 100644 --- a/arch/x86/include/asm/svm.h +++ b/arch/x86/include/asm/svm.h @@ -417,7 +417,9 @@ struct sev_es_save_area { u8 reserved_0x298[80]; u32 pkru; u32 tsc_aux; - u8 reserved_0x2f0[24]; + u64 tsc_scale; + u64 tsc_offset; + u8 reserved_0x300[8]; u64 rcx; u64 rdx; u64 rbx; @@ -564,7 +566,7 @@ static inline void __unused_size_checks(void) BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x1c0); BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x248); BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x298); - BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x2f0); + BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x300); BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x320); BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x380); BUILD_BUG_RESERVED_OFFSET(sev_es_save_area, 0x3f0); diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index e5e78b04f56c..d7e92fa1f6ff 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c @@ -98,6 +98,10 @@ static u64 secrets_pa __ro_after_init; static struct snp_msg_desc *snp_mdesc; +/* Secure TSC values read using TSC_INFO SNP Guest request */ +static u64 snp_tsc_scale __ro_after_init; +static u64 snp_tsc_offset __ro_after_init; + /* #VC handler runtime per-CPU data */ struct sev_es_runtime_data { struct ghcb ghcb_page; 
@@ -1175,6 +1179,12 @@ static int wakeup_cpu_via_vmgexit(u32 apic_id, unsigned long start_ip) vmsa->vmpl = snp_vmpl; vmsa->sev_features = sev_status >> 2; + /* Set Secure TSC parameters */ + if (cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) { + vmsa->tsc_scale = snp_tsc_scale; + vmsa->tsc_offset = snp_tsc_offset; + } + /* Switch the page over to a VMSA page now that it is initialized */ ret = snp_set_vmsa(vmsa, caa, apic_id, true); if (ret) { 
@@ -2985,3 +2995,84 @@ int snp_send_guest_request(struct snp_msg_desc *mdesc, struct snp_guest_req *req return 0; } EXPORT_SYMBOL_GPL(snp_send_guest_request); + +static int __init snp_get_tsc_info(void) +{ + static u8 buf[SNP_TSC_INFO_RESP_SZ + AUTHTAG_LEN]; + struct snp_guest_request_ioctl rio; + struct snp_tsc_info_resp tsc_resp; + struct snp_tsc_info_req *tsc_req; + struct snp_msg_desc *mdesc; + struct snp_guest_req req; + int rc; + + /* + * The intermediate response buffer is used while decrypting the + * response payload. Make sure that it has enough space to cover the + * authtag. + */ + BUILD_BUG_ON(sizeof(buf) < (sizeof(tsc_resp) + AUTHTAG_LEN)); + + mdesc = snp_msg_alloc(); + if (IS_ERR_OR_NULL(mdesc)) + return -ENOMEM; + + rc = snp_msg_init(mdesc, snp_vmpl); + if (rc) + return rc; + + tsc_req = kzalloc(sizeof(struct snp_tsc_info_req), GFP_KERNEL); + if (!tsc_req) + return -ENOMEM; + + memset(&req, 0, sizeof(req)); + memset(&rio, 0, sizeof(rio)); + memset(buf, 0, sizeof(buf)); + + req.msg_version = MSG_HDR_VER; + req.msg_type = SNP_MSG_TSC_INFO_REQ; + req.vmpck_id = snp_vmpl; + req.req_buf = tsc_req; + req.req_sz = sizeof(*tsc_req); + req.resp_buf = buf; + req.resp_sz = sizeof(tsc_resp) + AUTHTAG_LEN; + req.exit_code = SVM_VMGEXIT_GUEST_REQUEST; + + rc = snp_send_guest_request(mdesc, &req, &rio); + if (rc) + goto err_req; + + memcpy(&tsc_resp, buf, sizeof(tsc_resp)); + pr_debug("%s: response status %x scale %llx offset %llx factor %x\n", + __func__, tsc_resp.status, tsc_resp.tsc_scale, tsc_resp.tsc_offset, + tsc_resp.tsc_factor); + + if (tsc_resp.status == 0) { + snp_tsc_scale = tsc_resp.tsc_scale; + snp_tsc_offset = tsc_resp.tsc_offset; + } else { + pr_err("Failed to get TSC info, response status %x\n", tsc_resp.status); + rc = -EIO; + } + +err_req: + /* The response buffer contains the sensitive data, explicitly clear it. 
*/ + memzero_explicit(buf, sizeof(buf)); + memzero_explicit(&tsc_resp, sizeof(tsc_resp)); + memzero_explicit(&req, sizeof(req)); + + return rc; +} + +void __init snp_secure_tsc_prepare(void) +{ + if (!cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) + return; + + if (snp_get_tsc_info()) { + pr_alert("Unable to retrieve Secure TSC info from ASP\n"); + sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SECURE_TSC); + } + + pr_debug("SecureTSC enabled"); +} diff --git a/arch/x86/mm/mem_encrypt.c b/arch/x86/mm/mem_encrypt.c index 0a120d85d7bb..996ca27f0b72 100644 --- a/arch/x86/mm/mem_encrypt.c +++ b/arch/x86/mm/mem_encrypt.c 
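
Review bot: snp_get_tsc_info() never releases what it allocates: tsc_req from kzalloc() is not freed on any path, and mdesc from snp_msg_alloc() is never passed to snp_msg_cleanup(), including on success. The early returns after snp_msg_init() and after the failed kzalloc() also bypass the err_req label, so mdesc leaks on those paths as well. Suggest adding kfree(tsc_req) and snp_msg_cleanup(mdesc) under the exit label and routing the early failures through it; if the descriptor is meant to live on in the file-scope snp_mdesc, assign it there and say so in a comment. Minor: pr_debug("SecureTSC enabled") in snp_secure_tsc_prepare() is missing its trailing \n.
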
@@ -94,6 +94,10 @@ void __init mem_encrypt_init(void) /* Call into SWIOTLB to update the SWIOTLB DMA buffers */ swiotlb_update_mem_attributes(); + /* Initialize SNP Secure TSC */ + if (cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + snp_secure_tsc_prepare(); + print_mem_encrypt_feature_info(); }
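
Review bot: the cc_platform_has(CC_ATTR_GUEST_SEV_SNP) test added to mem_encrypt_init() in arch/x86/mm/mem_encrypt.c looks redundant, because snp_secure_tsc_prepare() already returns early unless CC_ATTR_GUEST_SNP_SECURE_TSC is set and the !CONFIG_AMD_MEM_ENCRYPT stub is empty. Calling snp_secure_tsc_prepare() unconditionally would keep the feature check in one place; if the outer check is deliberate, a short comment saying why both are needed would help.
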
From patchwork Wed Oct 9 09:28:42 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13828000
From: Nikunj A Dadhania
Subject: [PATCH v12 11/19] x86/sev: Change TSC MSR behavior for Secure TSC enabled guests
Date: Wed, 9 Oct 2024 14:58:42 +0530
Message-ID: <20241009092850.197575-12-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Secure TSC enabled guests should not write to MSR_IA32_TSC(10H) register as the
subsequent TSC value reads are undefined. MSR_IA32_TSC read/write accesses should not exit to the hypervisor for such guests.

Accesses to MSR_IA32_TSC need special handling in the #VC handler for the guests with Secure TSC enabled. Writes to MSR_IA32_TSC should be ignored, and reads of MSR_IA32_TSC should return the result of the RDTSC instruction.

Signed-off-by: Nikunj A Dadhania
Reviewed-by: Tom Lendacky
Tested-by: Peter Gonda
--- arch/x86/coco/sev/core.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index d7e92fa1f6ff..5f555f905fad 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c
@@ -1335,6 +1335,30 @@ static enum es_result vc_handle_msr(struct ghcb *ghcb, struct es_em_ctxt *ctxt) return ES_OK; } + /* + * TSC related accesses should not exit to the hypervisor when a + * guest is executing with SecureTSC enabled, so special handling + * is required for accesses of MSR_IA32_TSC: + * + * Writes: Writing to MSR_IA32_TSC can cause subsequent reads + * of the TSC to return undefined values, so ignore all + * writes. + * Reads: Reads of MSR_IA32_TSC should return the current TSC + * value, use the value returned by RDTSC. + */ + if (regs->cx == MSR_IA32_TSC && cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) { + u64 tsc; + + if (exit_info_1) + return ES_OK; + + tsc = rdtsc(); + regs->ax = UINT_MAX & tsc; + regs->dx = UINT_MAX & (tsc >> 32); + + return ES_OK; + } + ghcb_set_rcx(ghcb, regs->cx); if (exit_info_1) { ghcb_set_rax(ghcb, regs->ax);
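
Review bot: in the MSR_IA32_TSC branch added to vc_handle_msr(), splitting the value with UINT_MAX & tsc and UINT_MAX & (tsc >> 32) is harder to read than the kernel's lower_32_bits(tsc) and upper_32_bits(tsc) helpers, which state the intent directly. The write path also tests the bare exit_info_1 and returns ES_OK with no trace; a one-line comment or a local bool saying that non-zero exit_info_1 means a write would help, and a one-time warning on the ignored write would make a misbehaving guest component visible instead of silently dropping the value.
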
From patchwork Wed Oct 9 09:28:43 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13828006
From: Nikunj A Dadhania
Subject: [PATCH v12 12/19] x86/sev: Prevent RDTSC/RDTSCP interception for Secure TSC enabled guests
Date: Wed, 9 Oct 2024 14:58:43 +0530
Message-ID: <20241009092850.197575-13-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

The hypervisor should not be intercepting RDTSC/RDTSCP when Secure TSC is
enabled. A #VC exception will be generated if the RDTSC/RDTSCP instructions are being intercepted. If this should occur and Secure TSC is enabled, terminate guest execution.

Signed-off-by: Nikunj A Dadhania
Tested-by: Peter Gonda
Reviewed-by: Tom Lendacky
--- arch/x86/coco/sev/shared.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/coco/sev/shared.c b/arch/x86/coco/sev/shared.c index 71de53194089..c2a9e2ada659 100644 --- a/arch/x86/coco/sev/shared.c +++ b/arch/x86/coco/sev/shared.c
@@ -1140,6 +1140,16 @@ static enum es_result vc_handle_rdtsc(struct ghcb *ghcb, bool rdtscp = (exit_code == SVM_EXIT_RDTSCP); enum es_result ret; + /* + * RDTSC and RDTSCP should not be intercepted when Secure TSC is + * enabled. Terminate the SNP guest when the interception is enabled. + * This file is included from kernel/sev.c and boot/compressed/sev.c, + * use sev_status here as cc_platform_has() is not available when + * compiling boot/compressed/sev.c. + */ + if (sev_status & MSR_AMD64_SNP_SECURE_TSC) + return ES_VMM_ERROR; + ret = sev_es_ghcb_hv_call(ghcb, ctxt, exit_code, 0, 0); if (ret != ES_OK) return ret;
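
Review bot: the comment added to vc_handle_rdtsc() says the SNP guest is terminated, but the code only returns ES_VMM_ERROR, so termination depends on how the caller treats that result, which this hunk does not show. Say so in the comment, or, if it is usable from both includers of this file, terminate here explicitly with a dedicated reason code the way patch 10/19 does with sev_es_terminate(SEV_TERM_SET_LINUX, GHCB_TERM_SECURE_TSC). The comment also names kernel/sev.c as an includer, while the other patches in this series touch arch/x86/coco/sev/core.c; check that the path is still accurate.
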
From: Nikunj A Dadhania To: , , , , CC: , , , , , , Subject: [PATCH v12 13/19] x86/sev: Mark Secure TSC as reliable clocksource Date: Wed, 9 Oct 2024 14:58:44 +0530 Message-ID: <20241009092850.197575-14-nikunj@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241009092850.197575-1-nikunj@amd.com> References: <20241009092850.197575-1-nikunj@amd.com> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB03.amd.com (10.181.40.144) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: BL02EPF00021F6F:EE_|DM6PR12MB4355:EE_ X-MS-Office365-Filtering-Correlation-Id: 913b1f5d-f601-4d1d-4bd2-08dce844f19d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|7416014|36860700013|376014|82310400026; X-Microsoft-Antispam-Message-Info: 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 X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(7416014)(36860700013)(376014)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 09 Oct 2024 09:29:58.8180 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 913b1f5d-f601-4d1d-4bd2-08dce844f19d X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: BL02EPF00021F6F.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4355 In SNP guest environment with Secure TSC enabled, unlike other clock sources (such as HPET, ACPI 
timer, APIC, etc.), the RDTSC instruction is handled without causing a VM exit, resulting in minimal overhead and jitters. Hence, mark Secure TSC as the only reliable clock source, bypassing unstable calibration. Signed-off-by: Nikunj A Dadhania Tested-by: Peter Gonda Reviewed-by: Tom Lendacky --- arch/x86/mm/mem_encrypt_amd.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 86a476a426c2..e9fb5f24703a 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c 
@@ -516,6 +516,10 @@ void __init sme_early_init(void) * kernel mapped. */ snp_update_svsm_ca(); + + /* Mark the TSC as reliable when Secure TSC is enabled */ + if (sev_status & MSR_AMD64_SNP_SECURE_TSC) + setup_force_cpu_cap(X86_FEATURE_TSC_RELIABLE); } void __init mem_encrypt_free_decrypted_mem(void)
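Review bot: the new condition in sme_early_init() tests the raw status bit, sev_status & MSR_AMD64_SNP_SECURE_TSC, while patch 14/19 of this series gates securetsc_init() on cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC). Please use one predicate for both decisions so they cannot drift apart. The added comment only restates the code; since setup_force_cpu_cap(X86_FEATURE_TSC_RELIABLE) is forced as soon as the bit is set, with no further check, the comment should give the reason from the commit message (RDTSC is handled without causing a VM exit).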
From patchwork Wed Oct 9 09:28:45 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13828003
From: Nikunj A Dadhania
Subject: [PATCH v12 14/19] tsc: Use the GUEST_TSC_FREQ MSR for discovering TSC frequency
Date: Wed, 9 Oct 2024 14:58:45 +0530
Message-ID: <20241009092850.197575-15-nikunj@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Calibrating the TSC frequency using the kvmclock is not correct for SecureTSC enabled
guests. Use the platform provided TSC frequency via the GUEST_TSC_FREQ MSR (C001_0134h). Signed-off-by: Nikunj A Dadhania --- arch/x86/include/asm/msr-index.h | 1 + arch/x86/include/asm/sev.h | 2 ++ arch/x86/coco/sev/core.c | 16 ++++++++++++++++ arch/x86/kernel/tsc.c | 5 +++++ 4 files changed, 24 insertions(+) diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h index 3ae84c3b8e6d..233be13cc21f 100644 --- a/arch/x86/include/asm/msr-index.h +++ b/arch/x86/include/asm/msr-index.h @@ -608,6 +608,7 @@ #define MSR_AMD_PERF_CTL 0xc0010062 #define MSR_AMD_PERF_STATUS 0xc0010063 #define MSR_AMD_PSTATE_DEF_BASE 0xc0010064 +#define MSR_AMD64_GUEST_TSC_FREQ 0xc0010134 #define MSR_AMD64_OSVW_ID_LENGTH 0xc0010140 #define MSR_AMD64_OSVW_STATUS 0xc0010141 #define MSR_AMD_PPIN_CTL 0xc00102f0 diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 9169b18eeb78..34f7b9fc363b 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -536,6 +536,7 @@ static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code } void __init snp_secure_tsc_prepare(void); +void __init securetsc_init(void); #else /* !CONFIG_AMD_MEM_ENCRYPT */ @@ -584,6 +585,7 @@ static inline int handle_guest_request(struct snp_msg_desc *mdesc, u64 exit_code u32 resp_sz) { return -ENODEV; } static inline void __init snp_secure_tsc_prepare(void) { } +static inline void __init securetsc_init(void) { } #endif /* CONFIG_AMD_MEM_ENCRYPT */ diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index 5f555f905fad..ef0def203b3f 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c 
@@ -3100,3 +3100,19 @@ void __init snp_secure_tsc_prepare(void) pr_debug("SecureTSC enabled"); } + +static unsigned long securetsc_get_tsc_khz(void) +{ + unsigned long long tsc_freq_mhz; + + setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ); + rdmsrl(MSR_AMD64_GUEST_TSC_FREQ, tsc_freq_mhz); + + return (unsigned long)(tsc_freq_mhz * 1000); +} + +void __init securetsc_init(void) +{ + x86_platform.calibrate_cpu = securetsc_get_tsc_khz; + x86_platform.calibrate_tsc = securetsc_get_tsc_khz; +} diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c index dfe6847fd99e..c83f1091bb4f 100644 --- a/arch/x86/kernel/tsc.c +++ b/arch/x86/kernel/tsc.c @@ -30,6 +30,7 @@ #include #include #include +#include unsigned int __read_mostly cpu_khz; /* TSC clocks / usec, not used here */ EXPORT_SYMBOL(cpu_khz); 
@@ -1514,6 +1515,10 @@ void __init tsc_early_init(void) /* Don't change UV TSC multi-chassis synchronization */ if (is_early_uv_system()) return; + + if (cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) + securetsc_init(); + if (!determine_cpu_tsc_frequencies(true)) return; tsc_enable_sched_clock();
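Review bot: securetsc_get_tsc_khz() in the arch/x86/coco/sev/core.c hunk returns the MSR_AMD64_GUEST_TSC_FREQ reading unchecked: tsc_freq_mhz * 1000 is handed back as the calibrated frequency even if the MSR reads zero or an implausible value. A sanity check with a warning before the return would be worth adding. setup_force_cpu_cap(X86_FEATURE_TSC_KNOWN_FREQ) also sits inside the getter, so it is repeated on every calibrate_cpu and calibrate_tsc call; setting it once in securetsc_init() keeps the callback free of side effects.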
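Review bot: the tsc_early_init() hunk installs the Secure TSC callbacks through securetsc_init(), but kvmclock_init() (context visible in patch 16/19) assigns the same x86_platform.calibrate_tsc and x86_platform.calibrate_cpu pointers to kvm_get_tsc_khz. Nothing in this hunk shows which assignment runs last. A comment stating the ordering the Secure TSC callbacks rely on, or a guard on the kvmclock side, would make the commit message's claim checkable.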
From patchwork Wed Oct 9 09:28:46 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13828004
From: Nikunj A Dadhania
Subject: [PATCH v12 15/19] tsc: Upgrade TSC clocksource rating
Date: Wed, 9 Oct 2024 14:58:46 +0530
Message-ID: <20241009092850.197575-16-nikunj@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

In virtualized environments running on modern CPUs, the underlying platform guarantees to have a stable, always
running TSC, i.e. that the TSC is a superior timesource as compared to other clock sources (such as kvmclock, HPET, ACPI timer, APIC, etc.). Upgrade the rating of the early and regular clock source to prefer TSC over other clock sources when TSC is invariant, non-stop and stable. Suggested-by: Thomas Gleixner Signed-off-by: Nikunj A Dadhania --- arch/x86/kernel/tsc.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/x86/kernel/tsc.c b/arch/x86/kernel/tsc.c index c83f1091bb4f..8150f2104474 100644 --- a/arch/x86/kernel/tsc.c +++ b/arch/x86/kernel/tsc.c @@ -1264,6 +1264,21 @@ static void __init check_system_tsc_reliable(void) tsc_disable_clocksource_watchdog(); } +static void __init upgrade_clock_rating(struct clocksource *tsc_early, + struct clocksource *tsc) +{ + /* + * Upgrade the clock rating for TSC early and regular clocksource when + * the underlying platform provides non-stop, invaraint and stable TSC. + */ + if (boot_cpu_has(X86_FEATURE_CONSTANT_TSC) && + boot_cpu_has(X86_FEATURE_NONSTOP_TSC) && + !tsc_unstable) { + tsc_early->rating = 499; + tsc->rating = 500; + } +} + /* * Make an educated guess if the TSC is trustworthy and synchronized * over all CPUs. 
@@ -1565,6 +1580,8 @@ void __init tsc_init(void) if (tsc_clocksource_reliable || no_tsc_watchdog) tsc_disable_clocksource_watchdog(); + upgrade_clock_rating(&clocksource_tsc_early, &clocksource_tsc); + clocksource_register_khz(&clocksource_tsc_early, tsc_khz); detect_art(); }
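Review bot: upgrade_clock_rating() raises the ratings whenever X86_FEATURE_CONSTANT_TSC and X86_FEATURE_NONSTOP_TSC are set and tsc_unstable is clear, with no check that the kernel is running as a guest, although the commit message motivates the change only for virtualized environments. Either restrict the condition or say in the commit message and the comment that bare metal is affected too. The literals 499 and 500 need a word on which clock sources they are meant to outrank, and "invaraint" in the new comment should read "invariant".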
From patchwork Wed Oct 9 09:28:47 2024
X-Patchwork-Submitter: "Nikunj A. Dadhania"
X-Patchwork-Id: 13828005
From: Nikunj A Dadhania
Subject: [PATCH v12 16/19] x86/kvmclock: Use clock source callback to update kvm sched clock
Date: Wed, 9 Oct 2024 14:58:47 +0530
Message-ID: <20241009092850.197575-17-nikunj@amd.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Although the kernel switches over to stable TSC clocksource instead of kvmclock, the
scheduler still keeps on using kvmclock as the sched clock. This is due to kvm_sched_clock_init() updating the pv_sched_clock() unconditionally. Use the clock source enable/disable callbacks to initialize kvm_sched_clock_init() and update the pv_sched_clock(). As the clock selection happens in the stop machine context, schedule delayed work to update the static_call() Signed-off-by: Nikunj A Dadhania Signed-off-by: Nikunj A Dadhania --- arch/x86/kernel/kvmclock.c | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index 5b2c15214a6b..5cd3717e103b 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -21,6 +21,7 @@ #include #include #include +#include static int kvmclock __initdata = 1; static int kvmclock_vsyscall __initdata = 1; @@ -148,12 +149,39 @@ bool kvm_check_and_clear_guest_paused(void) return ret; } +static u64 (*old_pv_sched_clock)(void); + +static void enable_kvm_sc_work(struct work_struct *work) +{ + u8 flags; + + old_pv_sched_clock = static_call_query(pv_sched_clock); + flags = pvclock_read_flags(&hv_clock_boot[0].pvti); + kvm_sched_clock_init(flags & PVCLOCK_TSC_STABLE_BIT); +} + +static DECLARE_DELAYED_WORK(enable_kvm_sc, enable_kvm_sc_work); + +static void disable_kvm_sc_work(struct work_struct *work) +{ + if (old_pv_sched_clock) + paravirt_set_sched_clock(old_pv_sched_clock); +} +static DECLARE_DELAYED_WORK(disable_kvm_sc, disable_kvm_sc_work); + static int kvm_cs_enable(struct clocksource *cs) { vclocks_set_used(VDSO_CLOCKMODE_PVCLOCK); + schedule_delayed_work(&enable_kvm_sc, 0); + return 0; } +static void kvm_cs_disable(struct clocksource *cs) +{ + schedule_delayed_work(&disable_kvm_sc, 0); +} + static struct clocksource kvm_clock = { .name = "kvm-clock", .read = kvm_clock_get_cycles, 
@@ -162,6 +190,7 @@ static struct clocksource kvm_clock = { .flags = CLOCK_SOURCE_IS_CONTINUOUS, .id = CSID_X86_KVM_CLK, .enable = kvm_cs_enable, + .disable = kvm_cs_disable, }; static void kvm_register_clock(char *txt) @@ -287,8 +316,6 @@ static int kvmclock_setup_percpu(unsigned int cpu) void __init kvmclock_init(void) { - u8 flags; - if (!kvm_para_available() || !kvmclock) return; 
@@ -317,9 +344,6 @@ void __init kvmclock_init(void) if (kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE_STABLE_BIT)) pvclock_set_flags(PVCLOCK_TSC_STABLE_BIT); - flags = pvclock_read_flags(&hv_clock_boot[0].pvti); - kvm_sched_clock_init(flags & PVCLOCK_TSC_STABLE_BIT); - x86_platform.calibrate_tsc = kvm_get_tsc_khz; x86_platform.calibrate_cpu = kvm_get_tsc_khz; x86_platform.get_wallclock = kvm_get_wallclock;
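Review bot: in the kvmclock.c hunk that adds enable_kvm_sc_work() and disable_kvm_sc_work(), old_pv_sched_clock is overwritten with static_call_query(pv_sched_clock) on every enable. If kvm_cs_enable() runs again while the kvm sched clock is already installed, the saved pointer becomes the kvm one and disable_kvm_sc_work() no longer restores the previous clock. The two work items are also queued independently with delay 0 and neither accounts for the other being pending, so an enable followed closely by a disable has no ordering guarantee visible here. Consider saving the old pointer only once and driving both transitions from a single work item with a state flag.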
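Review bot: with kvm_sched_clock_init() removed from kvmclock_init() in the last two hunks, the kvm sched clock is installed only after kvm_cs_enable() has been called and its delayed work has run. The commit message should state which sched clock the scheduler uses from boot until that work runs, and whether that window is acceptable for guests that stay on kvm-clock.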
From: Nikunj A Dadhania
Subject: [PATCH v12 17/19] x86/kvmclock: Abort SecureTSC enabled guest when kvmclock is selected
Date: Wed, 9 Oct 2024 14:58:48 +0530
Message-ID: <20241009092850.197575-18-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

SecureTSC enabled guests should use TSC as the only clock source, abort the guest when clock source switches to hypervisor controlled kvmclock.

Signed-off-by: Nikunj A Dadhania
---
 arch/x86/kernel/kvmclock.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c index 5cd3717e103b..552c28cda874 100644 --- a/arch/x86/kernel/kvmclock.c +++ b/arch/x86/kernel/kvmclock.c @@ -22,6 +22,7 @@ #include #include #include +#include static int kvmclock __initdata = 1; static int kvmclock_vsyscall __initdata = 1; 
@@ -155,6 +156,13 @@ static void enable_kvm_sc_work(struct work_struct *work) { u8 flags; + /* + * For guest with SecureTSC enabled, TSC should be the only clock source. + * Abort the guest when kvmclock is selected as the clock source. + */ + if (cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) + snp_abort(); + old_pv_sched_clock = static_call_query(pv_sched_clock); flags = pvclock_read_flags(&hv_clock_boot[0].pvti); kvm_sched_clock_init(flags & PVCLOCK_TSC_STABLE_BIT); 
From patchwork Wed Oct 9 09:28:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Nikunj A. Dadhania" X-Patchwork-Id: 13828008
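Review bot: the CC_ATTR_GUEST_SNP_SECURE_TSC check at the top of enable_kvm_sc_work() runs only once kvmclock has already been selected and the work item has been scheduled, and snp_abort() is called with no log line before it, so the guest dies without telling the owner that a clock source switch was the cause. Consider refusing to register or select kvmclock for Secure TSC guests earlier (for example in kvmclock_init()), and if the abort stays, emit a pr_err() naming kvmclock before calling snp_abort(). The comment would be stronger if it said why TSC must be the only clock source: kvmclock is controlled by the hypervisor, as the changelog states.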
From: Nikunj A Dadhania
Subject: [PATCH v12 18/19] x86/cpu/amd: Do not print FW_BUG for Secure TSC
Date: Wed, 9 Oct 2024 14:58:49 +0530
Message-ID: <20241009092850.197575-19-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

When Secure TSC is enabled and TscInvariant (bit 8) in CPUID_8000_0007_edx is set, the kernel complains with the below firmware bug:

[Firmware Bug]: TSC doesn't count with P0 frequency!

Secure TSC does not need to run at P0 frequency; the TSC frequency is set by the VMM as part of the SNP_LAUNCH_START command. Skip this check when Secure TSC is enabled

Signed-off-by: Nikunj A Dadhania
Tested-by: Peter Gonda
Reviewed-by: Tom Lendacky
---
 arch/x86/kernel/cpu/amd.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index 015971adadfc..4769c10cba04 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c 
@@ -370,7 +370,8 @@ static void bsp_determine_snp(struct cpuinfo_x86 *c) static void bsp_init_amd(struct cpuinfo_x86 *c) { - if (cpu_has(c, X86_FEATURE_CONSTANT_TSC)) { + if (cpu_has(c, X86_FEATURE_CONSTANT_TSC) && + !cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC)) { if (c->x86 > 0x10 || (c->x86 == 0x10 && c->x86_model >= 0x2)) { 
From patchwork Wed Oct 9 09:28:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Nikunj A. Dadhania" X-Patchwork-Id: 13828009
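Review bot: the added !cc_platform_has(CC_ATTR_GUEST_SNP_SECURE_TSC) test sits on the outer if in bsp_init_amd(), so it skips everything guarded by X86_FEATURE_CONSTANT_TSC, not only the FW_BUG print the changelog describes. If that block does anything besides the P0 frequency check, narrow the condition to the print itself. Either way, add a short comment at the if saying that the Secure TSC frequency is set by the VMM at SNP_LAUNCH_START and need not match P0, because the code alone does not explain why these guests are exempt.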
From: Nikunj A Dadhania
Subject: [PATCH v12 19/19] x86/sev: Allow Secure TSC feature for SNP guests
Date: Wed, 9 Oct 2024 14:58:50 +0530
Message-ID: <20241009092850.197575-20-nikunj@amd.com>
In-Reply-To: <20241009092850.197575-1-nikunj@amd.com>
References: <20241009092850.197575-1-nikunj@amd.com>
X-Mailing-List: kvm@vger.kernel.org

Now that all the required plumbing is done for enabling SNP Secure TSC feature, add Secure TSC to SNP
features present list. Signed-off-by: Nikunj A Dadhania Tested-by: Peter Gonda Reviewed-by: Tom Lendacky --- arch/x86/boot/compressed/sev.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/boot/compressed/sev.c b/arch/x86/boot/compressed/sev.c index cd44e120fe53..bb55934c1cee 100644 --- a/arch/x86/boot/compressed/sev.c +++ b/arch/x86/boot/compressed/sev.c @@ -401,7 +401,8 @@ void do_boot_stage2_vc(struct pt_regs *regs, unsigned long exit_code) * by the guest kernel. As and when a new feature is implemented in the * guest kernel, a corresponding bit should be added to the mask. */ -#define SNP_FEATURES_PRESENT MSR_AMD64_SNP_DEBUG_SWAP +#define SNP_FEATURES_PRESENT (MSR_AMD64_SNP_DEBUG_SWAP | \ + MSR_AMD64_SNP_SECURE_TSC) u64 snp_get_unsupported_features(u64 status) {
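Review bot: SNP_FEATURES_PRESENT now includes MSR_AMD64_SNP_SECURE_TSC unconditionally. If any of the Secure TSC plumbing earlier in the series is built only under a Kconfig option, this bit needs the same guard, otherwise snp_get_unsupported_features() will accept a guest launched with Secure TSC that the running kernel cannot actually service. It is also worth saying in the changelog that this must stay the last patch of the series, so that a bisect never lands on a kernel that advertises the feature before the kvmclock and FW_BUG handling are in place.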