From patchwork Thu Jan 23 22:00:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948668 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2074.outbound.protection.outlook.com [40.107.223.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DCB1F1CDFCC; Thu, 23 Jan 2025 22:01:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.223.74 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669686; cv=fail; b=kXlxFp7cQ4jB5Iw6qwOwRco8whbL9vhey0dcBzNeIAn2Iw/4K0rJKqXyKShin9YPxcfbiY6IP6i5vM6I2meEs4fVT6va6VyiHiAAwk1SzzuV9ve3KZdNjuTTUGNVZLJE3oT7J4WUmyt2OHDJRrda9//S4GJqhiKOe4CgyF3nAbc= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669686; c=relaxed/simple; bh=9zjrEOAZk1clPCYjD6TWPciC5jP098cMGX4VYB1uzW8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=dID51uSiEd081DEMEATQhy2+hBP1TRknCPXI5I8XBKhwCRdn/99bdqp4H053Ki5TGAxzMrzAXSrYL84mBC1eLhd6Cyllx+PXNKYf6iCOVsiLRyyNx6rermLmGxgikxcC4+o5kByzENC4QKY9pjVH47SYcUub+OlGlQVp9iHT8QU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=1hva/mXF; arc=fail smtp.client-ip=40.107.223.74 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="1hva/mXF" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=bxo5kKNA1xp3JDZYyaMFYNH9qCEac0pPUNCmEZCakp9vHc/UqoQw1NzGBJatSgaHpWKj4IW9zPqxorLoHoTbYsigZIjzvrdbUxAi/Saqhsx0vgUlqQdnfvi8yTQ0DPvXQbEhGnqv4VfiHMwAyApHOjW0rM4WkRlbF9XVNLmiRUPsdHRKy9IfdpYpw+QYRmkOsQPg3fvGIkljROFSCLbqcZ+PsISyEfdbGF5drxa+c24T+TGgUpu9jk7Xg8pTEUfPI4v/QdlxMjvdSBs9MaM7u2y51KVjegngmrZ1N96KK10us71cWd82dQ9mCQR9GGG+B/7N2sJ8QvCpBinJkLBWLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lDlxF0qn06tRCbMep8ljnAs6NptWphOsIXaqRPiHJp4=; b=jPJ3cgTTbTzQyoWxw6w23v/+L0McmakAlzcbR1BlOzXMmwjANnq1R8ggODSIdXaZfXVDSdVDw8RtdQ4bx3CQunCwOfXCfj8lCPBVUfWiuJIPPzDHox0k0f7dAdVeJNBCqJ5qBEOBKZ6CVvhjIbFYaEUv/f1kVWHiD/k7k729ZDvkZ9vNGb1N96f9uzWpkHcyRMq8ZYeZuA9pTvtsK1Ukb6nrF+B72ETMRWg52LPZy5l21IWZ+BlJITWI+bfItZB5tfXPSBi5DW3YqiC7+zhiLHQ/Op0sBKas9TeYYg02QauTwoAPhHK2TDG5pkMTT0inohuJOXlgqr0yFFUwrvbgJQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lDlxF0qn06tRCbMep8ljnAs6NptWphOsIXaqRPiHJp4=; b=1hva/mXFcwFL5xQfhOdo9SX154ictlMGZgKGCWBBtCinKcwiArLMMWcd7JmqjlydFexUXyPLSSmt8VoP3magcxcnAgTe5ZOsNRX7zxrVnvxfNeCSVfDQ3hch6qR39K07ofvVacxwPgV3VaULODUG6Sr96+rLXt7b86Z1tacpXZg= Received: from SJ0PR05CA0130.namprd05.prod.outlook.com (2603:10b6:a03:33d::15) by SJ0PR12MB7473.namprd12.prod.outlook.com (2603:10b6:a03:48d::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.18; Thu, 23 Jan 2025 22:01:19 +0000 Received: from CO1PEPF000042A8.namprd03.prod.outlook.com (2603:10b6:a03:33d:cafe::8a) by SJ0PR05CA0130.outlook.office365.com (2603:10b6:a03:33d::15) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.13 via Frontend Transport; Thu, 23 Jan 2025 22:01:19 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042A8.mail.protection.outlook.com (10.167.243.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:01:19 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:01:17 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 1/9] KVM: SEV: Disable SEV-SNP on FW validation failure Date: Thu, 23 Jan 2025 16:00:52 -0600 Message-ID: <20250123220100.339867-2-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042A8:EE_|SJ0PR12MB7473:EE_ X-MS-Office365-Filtering-Correlation-Id: 7a80ffc9-4af2-4555-4a59-08dd3bf9778f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|36860700013|1800799024|7416014|376014; X-Microsoft-Antispam-Message-Info: hSFBS4Oe8jvri5s2vUQp0shx3XI8F9oCj7S5vxBmBquBdtG9nf1tbUbSyCwm0Mf24HuvtAkJh66mU1n4X7ZrergHA6oA25d0IqJLbpeF7BAejTn7TZmykDSCzfoF/QhuO2+7atpmqNJ4OrLCVsSn3UljcxKR4gEuf142lL5TyYjSEjnepLnqOf353Ou7jWCJV1ljJlh/t4Lgw10Y0y6zxWUgVwgJ3KiOaYOLng57v6ohQMoyokHKsZI0qejBTPxE11cOwr05CTHDziX129XJc4jqTBurjKy7wkybOCazAWsGxOVW3CMzI5TFc3qbhSKnBvezvRGluNiZ+TseGVn4eZLqUGToFuuDzZVfzfsDcVRHP6OMEufy6t2yNqTEWHAq1h3QmLpP/8OH2uHLvvjln0KxIlAjXzRZmMAz+7TykL8wF51085q3D/8GptH4b14vCqY7hxwqH9LR82H7iKkP2CjCCBISLj8AgdyeRoQZrPLCAsCx4RPdZWAzNdb/V1ZYL1EymFkDKfzxKXulPH5Ygt77hEUiisKpUyRtNto01kbCkTFgwBV9Vmpsue3IxiXilFOr6CQJLAydOJiEKYlw1h+OrDcmuXAQyW/BI8/AakbknLFiZEBnOpJ9Sfd7dG0K4mm5dV/nXurHK+DaYg02OwPioMa/dzwutaC5O6Q29OE6qmfkyG4cqMSujkGY+U8JKJHkqlFn5IO9NVcyulM/jmjwIqDXM5fPgvErXfWvNXPViy2Pse9sScJfLRWaDJNrAA8O/s2vNWQG46wGV85h9CERHSkg1OnkEwQzAjcnZLbd9sH5vrz7XUU6zhFfAlsd3OzlHI2Gv/iaUJ+ZSLMINduCr+7kwtd9dHKyOmvFAopJYJh/Sm64wvzcucz0hrefNTQ5Sk42XX8l5PIo5yIeCvtRB4LqXOo61Us2pDYL6maFCIluGjhpyzC9S0m1vp3chbk0kW+KgdoR0AYu/QMhcSE2ByDo4Op4651FqkZFqWRJI/d60JrN9p5oRVFIvhIDh5eVMI/abofPIWVFW+0Vnz7uVmcdQUhlg4W17X3uIS1JSkdMIbOOHrVWd2gG+Gnuu6J1PMKxH5b+/NDSckhdgocnm3G2Odwsnc6AtcbfNelCaKqNuI5Xt61tAdNGCAZI0LubVAkQemZfZcQd1LgfDR2EfiDsPExzk15oKAiA7Hkg3Zcz2YzG7efRoGhF6QkIfbGc6cjrNvkeJo50cvRgYSe3Ii53Kw+Wl11QkFvSyJPWdjflwkZMFnSwKvRUwsBLuEDOQtGd0sEanOHkjxQ5tKzqKRe1EvhSVVgLrWPtQ095i5J43MXarV0HOxFvHU2kTUiUXxwh4Ruiux8/jXH8+mhHaNttUjNrqSziaXEtE213xaNwwkGtroGpelKzS8loV0RgxmbQrZMmxChIbp+uR0Y0RKgA+Z4GIUd2JaZYoBUuB9NTQv57sBiAkfaBaGBg6i9+gYgD2QKiloAOEPEwNdfvt+iu46d1JsWBuaeJELg= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(36860700013)(1800799024)(7416014)(376014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:01:19.3690 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 7a80ffc9-4af2-4555-4a59-08dd3bf9778f X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042A8.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ0PR12MB7473 On incompatible firmware versions, SEV-SNP support is pulled and the setup is not performed. However, the platform and subsequently the KVM capability may continue to advertise support for it. Disable support for SEV-SNP if the FW version validation fails. Fixes: 1dfe571c12cf ("KVM: SEV: Add initial SEV-SNP support") Suggested-by: Sean Christopherson Signed-off-by: Pratik R. Sampat --- arch/x86/kvm/svm/sev.c | 4 +++- drivers/crypto/ccp/sev-dev.c | 6 ++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index 0f04f365885c..b709c2f0945c 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -3040,7 +3040,9 @@ void __init sev_hardware_setup(void) sev_es_asid_count = min_sev_asid - 1; WARN_ON_ONCE(misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count)); sev_es_supported = true; - sev_snp_supported = sev_snp_enabled && cc_platform_has(CC_ATTR_HOST_SEV_SNP); + sev_snp_supported = (sev_snp_enabled && + cc_platform_has(CC_ATTR_HOST_SEV_SNP) && + snp_fw_valid()); out: if (boot_cpu_has(X86_FEATURE_SEV)) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index af018afd9cd7..b45cd60c19b0 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -122,6 +122,12 @@ static inline bool sev_version_greater_or_equal(u8 maj, u8 min) return false; } +bool snp_fw_valid(void) +{ + return sev_version_greater_or_equal(SNP_MIN_API_MAJOR, SNP_MIN_API_MINOR); +} +EXPORT_SYMBOL_GPL(snp_fw_valid); + static void sev_irq_handler(int irq, void *data, unsigned int status) { struct sev_device *sev = data; diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..e841a8fbbb15 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -945,6 +945,7 @@ int sev_do_cmd(int cmd, void *data, int *psp_ret); void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); +bool snp_fw_valid(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -979,6 +980,8 @@ static inline void *snp_alloc_firmware_page(gfp_t mask) static inline void snp_free_firmware_page(void *addr) { } +static inline bool snp_fw_valid(void) { return false; } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Thu Jan 23 22:00:53 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948669 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2083.outbound.protection.outlook.com [40.107.243.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A88C21C5F34; Thu, 23 Jan 2025 22:01:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.83 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669697; cv=fail; b=BvCzfi5GPrHGtA+YHlL7rUnzQsAHMO++o5f6GKnC7jwOEZN5s/miAKEWjBhDgxii15ngxyJspzMFk7+MiuBpf+RVodxgJTPJ3WH1qSg6TKEbcdAOqBEnfoc6PkJ9GlOM1f61JcCx783GRT8AoVAxpZnyGn4gbMJdbMfjZ9QJoXg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669697; c=relaxed/simple; bh=cUypLWhR+AqVFpfac8jIFXQ1A19F6VYFkYeDOaeYROA=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=DooNjmIwkxDR73GeT1kmYxYMlRUsVKAhVhrPAEceS9KPiIDHERdqBwMYH9kIIOJf9oZvidRhK3lauN6WZxqeBbKCyneegLOl3TVlXBWDBNUkihlnE/Ms6Y+7VR2s0wZwi5MXRnz7Op81D3MHo2x3dkhIk3pmUwDmZxiddHCxR0w= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=W/9iBi+M; arc=fail smtp.client-ip=40.107.243.83 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="W/9iBi+M" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=mx2iSJ/3/PBpDiMwkBT/IsXeINEKooEgsDnOq5m4YtxUqFhctBWFrmMjNU4no/OAV/kWZTyZn7JpzSQSe0AdoV4i/k0HzllD43iTvo8/51AKjoZWYbmoHk4eZWw88nHZZMXl2PYv/427CNgouorZLyneDTjHZzLkVT0nC1YChvK4Ay0bybj6QOIVB9FKxlnVBUPA2N08b35rFkZ4Z5E33a3j8uiOFS17Bgp2YVDtYSXhHHf2zHTUcyNO0dv3iC+6oXmZI3BVGF+HFB/cRq7giDufq84y6IwchYbqZl7suqV/wCqPXso/svq0Zsh31zzx+Bbd82lglqBJoUMaXG9ZmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=j0s/+wPwAZiBTdlVt8wR7NSvWeYEG2LljblYoDWE/9k=; b=rVHTBkmr4qnYwxnOQsTKT0LPpMZo51L1phqN0P5iFgNkT+sTMKOcMBFO/BQ+WzcFr/h/NSZf2peFT6+gEmjxZQB+hejK3lHAJatZesmCKq/Lh1wouzM9rU37+xqRNJPsBxEMryTJUU7XXBOsGQeHRf4YM3luBytSZ9t8r5rdU6tKEIybWrKiEMx4y8ekH0ZSsKcCo/DjaCwnGMDWmk48zhYam9oX7hodEKCg6WEqOI8tmwlwNWBbKYvIm2SpMXLFXbHPunbMwUAs5AFe40WAiIovNgbXPVh/yH9wM0KFFxq25c6ZbnzAvXVPu8FrZJr0K40g3b6DmaDqwHiXRueHiA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=j0s/+wPwAZiBTdlVt8wR7NSvWeYEG2LljblYoDWE/9k=; b=W/9iBi+M1rmc0ssy04F/q80xRftrSCOCtm1wsQpTQHxZ9a3r2K8dAhTOCJV3eD9+1XTERd7/3R1YrpLs3lWdnXGfTRD47DxsXoXxjFaDsJ/JXkh/uTKBQWUE6ezPRkD5N+9d0luluyCLfbdc3YUsbbJejgZzAMc9EAttf4He/Iw= Received: from SJ0PR05CA0148.namprd05.prod.outlook.com (2603:10b6:a03:33d::33) by CH0PR12MB8577.namprd12.prod.outlook.com (2603:10b6:610:18b::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.16; Thu, 23 Jan 2025 22:01:32 +0000 Received: from CO1PEPF000042A8.namprd03.prod.outlook.com (2603:10b6:a03:33d::4) by SJ0PR05CA0148.outlook.office365.com (2603:10b6:a03:33d::33) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8272.12 via Frontend Transport; Thu, 23 Jan 2025 22:01:31 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042A8.mail.protection.outlook.com (10.167.243.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:01:30 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:01:29 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 2/9] KVM: SEV: Disable SEV on platform init failure Date: Thu, 23 Jan 2025 16:00:53 -0600 Message-ID: <20250123220100.339867-3-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042A8:EE_|CH0PR12MB8577:EE_ X-MS-Office365-Filtering-Correlation-Id: f3acf061-3f0c-473b-d4a8-08dd3bf97e6e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|1800799024|376014|7416014|36860700013; X-Microsoft-Antispam-Message-Info: VWI50gWcY9AE2NhAMnxFFhAu1Sy3oV5dxktyGwIbbE0XzmeBENYivgOPxFoe1M4InM55GSbW0wAIAxgn9Ur06bsPsY/goG9UvCG39L3f0yPE66M06JVd0G7cU2XqId0ZxspgS+Le+LevvjNcIKU7Qj1gjHMFIJWuD6fPM9hiPEF1OrYIguGMC219VqAQ7K/ZrWY/CPnrSPfdUENI1dmKkjoyy1rmu8OVtld2ubd0Gxj9qQa5OdKbOsJtjZCer2bxDfGE91tjx9x6Zq75ntrrPrvx7cLzKnF5wEiTR9PW/V7mMafOtAjIL/YJWNJfnih8gv15N8Z0T1LPKtUKeDBz/d3VX+mtQFrAasaKgiUc9a7MqwlYhKWJy3FB+i2DFztucEv+dTGuDnNZKDZB8Kar5wIdHcnCeNLrTkEs5bSz4KV2HvqNUm1vcFISzcIe2yPAqpSEYcCnCKu8ds5X/KrJSgvBOW5s7NVnvOJ67lShNCXXeNdCHJqNbU0HBPYg5jEG1UFCXonjjM6wEnjn1Q/LDJIrE77UsvFv+rGWPml3Fv+0G0qm7L/eb0jxypk+YnV9MVDTsdd8HB4puRSKPL7We9SQx4J7sz7dmGcxQ3SuODeNBQQLmWIrp19h3IMiUwcPVF8iHmx5KbE+9pfjEa5hF9ZynML1upcX61VXXmZAZaNdxXLCUE4obl/WwxfDj02d4X3BKd6E8AMRdIjXWeAP7X9vj9GSl2+Z4E2E4FRlQFOtPGA6AXWMHdFicOxyBDUbsxdvDWNg/8IYonMBQQ7EpyNKEtn4A5aZ36X4DvR45RzIrP4Phu1PWCwkO3b1Oa5fSzJSm1K/eKmtFdWejm9JLpq2eyO2yt70ZnAduhNTLLZ0oARdukYvv30aAm9btqAggI25XG0Pc7g+uFh3eTud4fGGh+Av0xa1Xhdo+WWaoIXQMgvWevVFJbrKv3cDe71u8+/R3Uq8N/g29dG+JoUoLgw8MMQwD1zXRT4YG49pXgA5IQ6GWqLP5Lyn9lRWv6/Id9XJpbilt017CmXDRvsmDM4+AqmSgoWdXxQ6xrp5mzCOgewpjzaL6aUjaaEhaZ1vdKqNL4LyhuaBnwTR5JjpIBnN21ERCQ0Is9c/dfIPaNma9mQ2GHjy/IiRkNj1TKZdaIjAvBplBpZMrZxYrjVcyWIoVUv+2WvrAw6+IC5q33kXngR4M5R1+0k3/lON3Y/Tj7mmHqNhWEIAZPkFjk8m3EDOBSuusW9/H0ZADnOxk3uaR3prnV9f53NkLuI2AcXWJAdyNYNgWR76S7trtkUwF/qVjhPr4zR8HjOr97ostMHMmwoqYGLFp9DJTcKu07Klnwg4zIQlq7iXqsZHtIB3WUfoIV7ELTaort7MvQ0EbGouW0QojknQtO5k3d0O0FhT0ZQseRncki+ZOq/BGmUH0IJhQwVamyvGA8zrW4rfBXLpfDzi935GVrN8uIJWi60rw3JFqgjS3BZ9rl2gnVT307BlJJ5W5vLM4HWlhVGuE9U= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(1800799024)(376014)(7416014)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:01:30.9004 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f3acf061-3f0c-473b-d4a8-08dd3bf97e6e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042A8.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH0PR12MB8577 If the platform initialization sev_platform_init() fails, SEV cannot be set up and a secure VM cannot be spawned. Therefore, in this case, ensure that KVM does not set up, nor advertise support for SEV, SEV-ES, and SEV-SNP. Suggested-by: Nikunj A Dadhania Signed-off-by: Pratik R. Sampat --- v4..v5 * Export the failure of platform_init() to disable SEV+ support --- --- arch/x86/kvm/svm/sev.c | 2 +- drivers/crypto/ccp/sev-dev.c | 10 ++++++++++ include/linux/psp-sev.h | 3 +++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index b709c2f0945c..188f04247dcf 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2957,7 +2957,7 @@ void __init sev_hardware_setup(void) bool sev_es_supported = false; bool sev_supported = false; - if (!sev_enabled || !npt_enabled || !nrips) + if (!is_sev_platform_init() || !sev_enabled || !npt_enabled || !nrips) goto out; /* diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index b45cd60c19b0..374ca2dd5730 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -81,6 +81,8 @@ MODULE_FIRMWARE("amd/amd_sev_fam19h_model1xh.sbin"); /* 4th gen EPYC */ static bool psp_dead; static int psp_timeout; +static bool platform_init; + /* Trusted Memory Region (TMR): * The TMR is a 1MB area that must be 1MB aligned. Use the page allocator * to allocate the memory, which will return aligned memory for the specified @@ -1358,6 +1360,12 @@ int sev_platform_init(struct sev_platform_init_args *args) } EXPORT_SYMBOL_GPL(sev_platform_init); +bool is_sev_platform_init(void) +{ + return platform_init; +} +EXPORT_SYMBOL_GPL(is_sev_platform_init); + static int __sev_platform_shutdown_locked(int *error) { struct psp_device *psp = psp_master; @@ -2427,6 +2435,8 @@ void sev_pci_init(void) if (rc) dev_err(sev->dev, "SEV: failed to INIT error %#x, rc %d\n", args.error, rc); + else + platform_init = true; dev_info(sev->dev, "SEV%s API:%d.%d build:%d\n", sev->snp_initialized ? "-SNP" : "", sev->api_major, sev->api_minor, sev->build); diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index e841a8fbbb15..3a40b79fb37f 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -946,6 +946,7 @@ void *psp_copy_user_blob(u64 uaddr, u32 len); void *snp_alloc_firmware_page(gfp_t mask); void snp_free_firmware_page(void *addr); bool snp_fw_valid(void); +bool is_sev_platform_init(void); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ @@ -982,6 +983,8 @@ static inline void snp_free_firmware_page(void *addr) { } static inline bool snp_fw_valid(void) { return false; } +static inline bool is_sev_platform_init(void) { return false; } + #endif /* CONFIG_CRYPTO_DEV_SP_PSP */ #endif /* __PSP_SEV_H__ */ From patchwork Thu Jan 23 22:00:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948670 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on2089.outbound.protection.outlook.com [40.107.96.89]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2C8951CDFB9; Thu, 23 Jan 2025 22:01:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.96.89 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669708; cv=fail; b=s5YrF6S2gI51jrUrQK2woI1xfgq1aQOq2ffrnvjrF6xPSakkmmYcjeMCbtM+Tk651YYbcak17TNym2NL9enZX1WYCOxxGBQCS63DZATvXoK1uQyojH0wJmQ+r9zja98qkUSyHXMC5z8Zhcu6R+6AaATUH/E4n/IFY8GHd0E6dQI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669708; c=relaxed/simple; bh=3LvNXHDGSKJYnI3Y15fb8Fx1X1WqrVf4TxbHOSbrPV8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=TCshAGIzc1wV2GJk1cldqIImbxl9Ta1aO3+1g93NMVeD4dW+2c/ieVZMxhKAIFmME+mcjNKBjeBSKQMxegYZKs9UJ/Pm4bpXGCzIj47eDFk1VqzcuiAPOFf+StNLM2vniL3FJ9OQhyMA2cPC3unVZseXXcAoaSzBKrL1tma7sb0= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=ym7h/uDh; arc=fail smtp.client-ip=40.107.96.89 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="ym7h/uDh" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=CAsJk6Sm426dcMCr1bOBXHzlF/2YGde+1WnoFf9KUSOcPFOFP4KKhGbAqbrsQc6iwN0Ua626RnmhP41XLdVoKiwUCZ0yTfTe86OXZp8eHZ0njRK2QMoUCKA5diZOqa29HUVGZeUWRZENIz2wePhHQcF5ZR/P7ZUcporugul3FXqTnxqghXBNEqfTctZqAbJkH/NJ0dEwI3tfBKrGXoLz0ChwuhF46cME3XwOX43fxjoQTcIztd5fZ+hEaPooc8Moh0FZ7fGFLR7CIIqT6BdDi2DYL2xxX5OY50/rNqQllO+jBEwuhdXXuTo592lidKhu7FMDXlsHmT9f7hWphRfhYg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qqFz9y8T+D9y9DwlJUeY2mHF1w0bWZrXG4FpTuLg/hw=; b=kFzFhbBGnoZrEMSe3i/nzw+k7BNCmThHkGI4NytGIRKeds8Z3JNkd5ll4RmT1M47PCtw+s/ZXtFdFMmn0ifRD1Dw5nrPvSSuavOinQhYiyfTuJMxuUnmi+74kSqLx/sbqhvw7kHnYVQlKjvZ+6RBlfLRRV9uEwJYreDgJaOCqiiuuY3bpUcPy/KL/K7Ld0EmUY3j7G89Ca/inrOQI5z973cvwQ1UP4V8EQWpgfsVLhEEJOPdT7++OIu/fqOeR2oEN8bs5QdwNvR2gI5s6hbBjYZFkJzz0RmHdl8QgMCTm253IDfbOVV06Z0ovtO5HP1GDkYgCirQrhZuahD2RofVpQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qqFz9y8T+D9y9DwlJUeY2mHF1w0bWZrXG4FpTuLg/hw=; b=ym7h/uDhO67YRJB1TOYAf1ZFYQBYEmAxPE1Tb69BVcwIUoXEshtmyFEJPpYygWEjqp696TveG7iNp8s0gX/2WiFH257y2cbHfn04TBU9xduTy0FbIOPQgnfHuIqagXrbuMEMNg1ninK8lOSbTjBbZym9N/JdwNs649RW+cmj/vQ= Received: from SJ0PR03CA0090.namprd03.prod.outlook.com (2603:10b6:a03:331::35) by BY1PR12MB8446.namprd12.prod.outlook.com (2603:10b6:a03:52d::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.19; Thu, 23 Jan 2025 22:01:43 +0000 Received: from CO1PEPF000042A9.namprd03.prod.outlook.com (2603:10b6:a03:331:cafe::5f) by SJ0PR03CA0090.outlook.office365.com (2603:10b6:a03:331::35) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.22 via Frontend Transport; Thu, 23 Jan 2025 22:01:42 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042A9.mail.protection.outlook.com (10.167.243.38) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:01:42 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:01:40 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 3/9] KVM: selftests: SEV-SNP test for KVM_SEV_INIT2 Date: Thu, 23 Jan 2025 16:00:54 -0600 Message-ID: <20250123220100.339867-4-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042A9:EE_|BY1PR12MB8446:EE_ X-MS-Office365-Filtering-Correlation-Id: ca8bf5da-0ea1-4bf8-3b87-08dd3bf98543 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|36860700013|1800799024|82310400026; X-Microsoft-Antispam-Message-Info: s9JlLh+TWZ3sEJEAnCszzw4HaFTQSLZZ75rYTlTasBnV81IP7TqmSVywVwa2sFilZIfTVzHHoxJ3TCKKZ7GUh48wanJoi2dMoQkbZoxrtXWXpMTUw/OaMcIObNNTkIKXCXkITmbwqL3/U0zT+llwgkZTjYtkXWWEv55xV+Kq/8ZlEqZLUqcts0Jcs+hiHnE9t1tlpmi5F1sMJzTYWUwQIEY1APSwQWi1CpU4WqnKie7mXHGFoNsu1JS0fDAa2XDE0bhputs2ZBitJoXXu+Xw+4XocgloBoHQ+Df5dBF9/kXUBJpoJthrGIyY561TrrB5iVpxfi5lVHYpw9o87bo0Hxbw98KSQbpzj5uYRJkbRf/R4Jrms55SH6LlTH76OTEUw2JZE3M3OG6ZJZGSibktXdMYiP67COLV6loxC9PbpEPf6jYZIh7d2Qis/Hyrbdo/w4T+4g6A85+wy/35tioJCbkqAm7TxD4kT3CucMz14v2TVdPvW9iV3Y3/I+DxaRxdoKsTumfAMecw1H28ow7/Mzy9kNi9fuDHoTNySOtUaSDTg/yTvj96Bz2UI+lqkv44JYswDcChiAJWesVb9b6QYBo9US7sPv711n5X04kaKjZvP32yS9yc+hOO2lQ7dtlpoVjPTcbYj17A+jGsQGRh2yavgYrGJmSTNa6D70GXHFtQnYFZsS1abMgf2gns9e6fN8ptzng7xhIRKns0hnY0ExkAqd8GA6ERnfxkEiaCG02jqYuW5lYxYwlde8G0FohN7HXwOgWIwbVQedUgcNb7qAPjQgHh0y8tcoBRMfqsbtUAVpRFB9qJsEdbUkXBmZk5O9OrLQaOC5kvXYfOT2p+vyLkq2/hExVVK4FfcsS4rFN5KnsSDWmPTdzkVMA21tdGsP5cVdXW9S20qKrcgNR7kzALmvmjmmRvI24rfMmHoVl7KzaEnvssJNcgNuiDtZe07JrC2aBKFY+Dmhpy7Kf9kSQIoDq6+EJ1oZzQ5WbMCv7fXJksVUsuitBBLVE3g3cu2gnmd9PxwDm3vGrF7RvFlAIwticukJOLvMk4w9RKMXfXTgevba9p/pvJRs4dcEfvt7H+KTLRZd/0GGl16bw2kLP1tc55og3GbMb8C72ck86aiIvE4SLN69+uhcAjJ+nP811dXwLW1EkI2rg1F+jZo9HfRzs5UND40mvvNnIi9KPbP6LJfmdmUuaw48VHJqJRr+2pM+xt5C4XMA2yHmQO5sTtFWvmFQyuw/SYBQtPbvxJxu4WWdY0RD4WnkNysHdP5gi4ewPSlGkb0YcmZcW8sVs7oTL27zyyeeuUhtZOJcdgC/kZHk52h4V+IpeAZ7X2Nmbclw5h7KnMKCNMq5/f8JFZr6ElyXrZ/buuzblLRELdjPXzSNu0Bkc+DrtigNcQ3us+m8wEceNouZfe7SVa8VaMMZkzGBtrFXCeK/oFOJRHO2F+FMKEY8O6L3kcXxvXioHbgWT1OgKgZBsAU8v8u8ok2bRro/z3H1qKMONu/Ps= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(7416014)(376014)(36860700013)(1800799024)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:01:42.3587 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ca8bf5da-0ea1-4bf8-3b87-08dd3bf98543 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042A9.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY1PR12MB8446 Add the X86_FEATURE_SNP CPU feature to the architectural definition for the SEV-SNP VM type to exercise the KVM_SEV_INIT2 call. Ensure that the SNP test is skipped in scenarios where CPUID supports it but KVM does not, preventing reporting of failure in such cases. Signed-off-by: Pratik R. Sampat --- tools/testing/selftests/kvm/include/x86/processor.h | 1 + tools/testing/selftests/kvm/x86/sev_init2_tests.c | 13 +++++++++++++ 2 files changed, 14 insertions(+) diff --git a/tools/testing/selftests/kvm/include/x86/processor.h b/tools/testing/selftests/kvm/include/x86/processor.h index d60da8966772..1e05e610bb06 100644 --- a/tools/testing/selftests/kvm/include/x86/processor.h +++ b/tools/testing/selftests/kvm/include/x86/processor.h @@ -199,6 +199,7 @@ struct kvm_x86_cpu_feature { #define X86_FEATURE_VGIF KVM_X86_CPU_FEATURE(0x8000000A, 0, EDX, 16) #define X86_FEATURE_SEV KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 1) #define X86_FEATURE_SEV_ES KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 3) +#define X86_FEATURE_SNP KVM_X86_CPU_FEATURE(0x8000001F, 0, EAX, 4) /* * KVM defined paravirt features. diff --git a/tools/testing/selftests/kvm/x86/sev_init2_tests.c b/tools/testing/selftests/kvm/x86/sev_init2_tests.c index 3fb967f40c6a..3f8fb2cc3431 100644 --- a/tools/testing/selftests/kvm/x86/sev_init2_tests.c +++ b/tools/testing/selftests/kvm/x86/sev_init2_tests.c @@ -28,6 +28,7 @@ int kvm_fd; u64 supported_vmsa_features; bool have_sev_es; +bool have_snp; static int __sev_ioctl(int vm_fd, int cmd_id, void *data) { @@ -83,6 +84,9 @@ void test_vm_types(void) if (have_sev_es) test_init2(KVM_X86_SEV_ES_VM, &(struct kvm_sev_init){}); + if (have_snp) + test_init2(KVM_X86_SNP_VM, &(struct kvm_sev_init){}); + test_init2_invalid(0, &(struct kvm_sev_init){}, "VM type is KVM_X86_DEFAULT_VM"); if (kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SW_PROTECTED_VM)) @@ -138,15 +142,24 @@ int main(int argc, char *argv[]) "sev-es: KVM_CAP_VM_TYPES (%x) does not match cpuid (checking %x)", kvm_check_cap(KVM_CAP_VM_TYPES), 1 << KVM_X86_SEV_ES_VM); + have_snp = kvm_check_cap(KVM_CAP_VM_TYPES) & BIT(KVM_X86_SNP_VM); + TEST_ASSERT(!have_snp || kvm_cpu_has(X86_FEATURE_SNP), + "sev-snp: KVM_CAP_VM_TYPES (%x) indicates SNP support (bit %d), but CPUID does not", + kvm_check_cap(KVM_CAP_VM_TYPES), KVM_X86_SNP_VM); + test_vm_types(); test_flags(KVM_X86_SEV_VM); if (have_sev_es) test_flags(KVM_X86_SEV_ES_VM); + if (have_snp) + test_flags(KVM_X86_SNP_VM); test_features(KVM_X86_SEV_VM, 0); if (have_sev_es) test_features(KVM_X86_SEV_ES_VM, supported_vmsa_features); + if (have_snp) + test_features(KVM_X86_SNP_VM, supported_vmsa_features); return 0; } From patchwork Thu Jan 23 22:00:55 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948671 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2072.outbound.protection.outlook.com [40.107.237.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 04AE81CAA91; Thu, 23 Jan 2025 22:01:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.72 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669719; cv=fail; b=FLwXVQnNBQiXgVECVH7O40tsxcrRfRipzLW8+ksN1onTv+FdprgWhSKWcILO81agNitqA/44j2cLI3SGavpgMt5cryU34w5r7d/uAAbti2G+KV9JLIEp1gQ9hkGgBtsAePeFjA0j+nol4aby+1lWA4w4hSIbWYb10syLUoC2Z9I= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669719; c=relaxed/simple; bh=iJyRkZuGIdOsuOJh9PkDvFSKVOfbePPf+3pz8N6YMls=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Kd9N420DhCHn6JwFP2ppRONyC58ZTM1aLTLDfl3+isr9ahoQ3NAiU/WISUoKVnSp+GoMh58m+hufDWmUbD/l1pLBZWMe2iIN/c+rJ8lQAzUKCAMmOjlfGJk0hqekwXo4O7YJeZhe3T4ezL9dPXwn4Q019e6xocft42HpDhqKrb0= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=OqQ91mu8; arc=fail smtp.client-ip=40.107.237.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="OqQ91mu8" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=v0qpGSUSjxOCk9MKNJmp6TE9HMdp6ZPh8XR1ddJ6MpltSCGv84+i5FfCe5YO8Nicck5mXqygbVcwQsyBaOwBUYVZ9Q605d1T4LUaWP0mwaNCYjAj28spiEjcG5mS4aIkyDGRy5C+412IJyUwGiyziqQ6gWooMNoDFA85tCfTRQnCPWGtEfaJ7ym1P3aWLwOZO/gC2xTCwhsa1vch74/nwcewrK0b++/Ryl7qvjvV9c0CKZGgM5Rbx7Gf0qzkvXau9R6GaIdh6sNiurjdQHeUDoraYfw01Mk2iT42XgcBp99BwaAlUC0zuYCADCA+GpIbmwi7qwMb/RXnLeVoE18AYw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ie0kCcGEqRklTROQfzy8+NkelMifHCrXpjcSSus4nME=; b=svkpOfhoyd2PdKzVw5m6htRImkXS+gBgpyBKdEfDu53wEuvkViIOWpr0pdc2wkGnRuw77wVxQsc7A60U8C7YfWSCx8GKzaLIW5OPUm8DYMN/mMFDEK2ioCh5PkgPKln17MpZ6qkp/dYpVEMQ0pBzGXkEF1vpZ/mccs4ZquriQxmTKiFFIVu4tyvYPXN/yb5AOU2N49EWqUorhUlzgd6qWg/ET3CligSV57RVIHMB31z2a2gJ/nzAEkBEhm9hOQt5loxmYe9GE+i6mXIgCq2BX0kDUkdsMfAAqFoYDyTqil4cI/7Pvr92/6ThkeRXPcYBaepBg6ZZY8hE/2AeqCZlbQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ie0kCcGEqRklTROQfzy8+NkelMifHCrXpjcSSus4nME=; b=OqQ91mu8apzxkdXDLUEVmUAwg0fMW7a0Zem0zg3iu1fy8cj6tcF8oq9tva1cBhWCITP0d3UhK8WzEmdZQ0YnsCn8aeak1MgHybJ/9NaBYF8Wo7ZvpIciz9A44jXYJlX1CeP7XzEbZ9WB3i7TC4iCYb/qd6u58DhMcfbhaunU/58= Received: from BYAPR05CA0100.namprd05.prod.outlook.com (2603:10b6:a03:e0::41) by DM6PR12MB4185.namprd12.prod.outlook.com (2603:10b6:5:216::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.22; Thu, 23 Jan 2025 22:01:54 +0000 Received: from CO1PEPF000042AD.namprd03.prod.outlook.com (2603:10b6:a03:e0:cafe::2b) by BYAPR05CA0100.outlook.office365.com (2603:10b6:a03:e0::41) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.18 via Frontend Transport; Thu, 23 Jan 2025 22:01:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042AD.mail.protection.outlook.com (10.167.243.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:01:53 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:01:52 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 4/9] KVM: selftests: Add VMGEXIT helper Date: Thu, 23 Jan 2025 16:00:55 -0600 Message-ID: <20250123220100.339867-5-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042AD:EE_|DM6PR12MB4185:EE_ X-MS-Office365-Filtering-Correlation-Id: e9ea9010-1a49-49ce-03ae-08dd3bf98c17 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|1800799024|36860700013|82310400026; X-Microsoft-Antispam-Message-Info: EW1OpYmmQJqnqn3CYA9+KfMEEUX9/Fo5TgR0IlNFlQLJbBpgq9C8guMuhrdU/qrJvXQwNR5mPboDuVvel2tbs7eZtQn9ZCqdLcrFtMwu+EVARHV7rQsJCTw1dkIPvRWdH7+WmqgNrHm215RCOAV/zDh/FMxNnt0xO26JYu71Z8N2fU9YhnT5D5u1y4QZ7AT/arcNt8g27UA8L+RQnvrHC2ToSZ987M83nI4HJHWmh4BNv22g6flFDjCnyJISWAl6IyUCRH3PbI48rr2hDyr28Ym9cTiYr3dn2S/z+0a4AcJ9EnDuv+wKBiMGWDNUaXJ6BJuwx/gtVBqRzDIME/3YvMJ1ELt6exqJpRC7FOFkifvulN8qq7FtYPSbazh5j5iCZ5MT6IU2LFDO6JB65uIbX4olSCdZNAuGuuAMiGZZlhOX+0OvuZtyv5iJp8ZKkb1vGWuZjvAvL67lKdh5aNxQrsPJ6zRHY5y0wu4Sb+j2EgLPU8y8/7Z/CErlnTYdQSdPi+cYTjL6t/g0CPpXL/mZluqlXlDhhLt/rCIHH/CWTFXaG/U3QpHaePl1qmTqC9f3bwmXF38/cPUTIiNhaP3cJ9mqdluuaWqkhqk04KKnmltcuvcJrJ5nWKe4cI15KcL/wqWL5FS7DaCfu1kqX+cKniq2F3NOxP+4yMjPRuulFzj1HubTMVekal+2WQ9qtRXhr9PfXHvd+ZLeQNlKBEtwHEz+dnqtFWDEtarRHqlDtatRfLgWRP3jZg3eVPbhVEJOiEv3z8vls5v2M+YgImWqrXZNDTWoBpg+LWtoAs5WS8o6HmskHcNphnPN+hNB2GAJ7+NsPWJTPv5vpnmzJtK3ri7JQpptJpeTG8Zq32RFKNl7mRY7vY1E9xkIHeVC6QJKvLs+tqWbOOtEttar7thit373fZd8feBo5oDaT/5fXqjEzT7fRgCZW26XQVQWVywv+pYXJrm1cUbw0jHUbu9Sf3W+O6FStLl57foDJ2WHyP1464UcXoSUg2o/kDAXMDmZet45Yy0XEs6ABQq3Qddh9B1B0P+Yt2rXaaTRkHEP5Qe8wSTzmE2gyhcJUf1JmDVhNobhBw/XsYbPeCne8N0Ksno+6j6lbp6cG2IxGOJQyGOBnY5cyTETiYWkRNyCDwsDbuOjleyLWevvYvk+1TbOmiXe7BcwlC5H6WcDmDkH5zo4OWWlFKPubIPtLPAGXEHQFN3XbMeSDn6eZr4txA4LlSLP9YX2tT4l6DU8qy8uU5+ndq9SYma/Sicsm4DEc6kvrKlfJe5V9ddPtMiV9+ubItqCjfCYESERlyerUbIyV1r8L/vHe5QFQmserscAzMOwQTfY1BpkWFzLUNMMY+aSbDDXvZGHvJRvSDyYod4aMM8PNb82y9IEpxdFBfLFAbFEhiAcS1eaeAscbYc2Gd9c99e3UBX4ll9HP9DBvvv8ODVwFpGKFXVZPFfMW+XQuSvnmTmU6MN48udGGtm7naqL59ITzmQEf1gib6E0Sl5qLXQ= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(7416014)(1800799024)(36860700013)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:01:53.8130 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: e9ea9010-1a49-49ce-03ae-08dd3bf98c17 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AD.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB4185 Abstract rep vmmcall coded into the VMGEXIT helper for the sev library. No functional change intended. Signed-off-by: Pratik R. Sampat --- tools/testing/selftests/kvm/include/x86/sev.h | 2 ++ tools/testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index 82c11c81a956..e7df5d0987f6 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -27,6 +27,8 @@ enum sev_guest_state { #define GHCB_MSR_TERM_REQ 0x100 +#define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index a1a688e75266..38f647fe55d2 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -27,7 +27,7 @@ static void guest_sev_es_code(void) * force "termination" to signal "done" via the GHCB MSR protocol. */ wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); - __asm__ __volatile__("rep; vmmcall"); + VMGEXIT(); } static void guest_sev_code(void) From patchwork Thu Jan 23 22:00:56 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948672 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2078.outbound.protection.outlook.com [40.107.237.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 20EF71CAA91; Thu, 23 Jan 2025 22:02:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.237.78 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669731; cv=fail; b=pnqkIg912VM/d3rjjZ4mAb/tRB+EP71iHVAoLZbWpRCR1YVlA2fK8pJl8ZCAfL+pVeUchM46aUBrCuPaXIsAI5XekDjb7V6kXbGn3WuIdzgy5YJHBv7Ur1llvD6XJbUwnfzDW9mQPgiuR//qCn2ZrZFkclNPfcOFCWbQgAOQ3fk= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669731; c=relaxed/simple; bh=KKR1mpQCDXA4TYk0dd5J/Rp1/USOtoo+VuoKP6fHtV8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Hx8L0IXi3OE1g4IC9HZYOgt9SF6zWCHHkA+Fs4DeH0OSzpdreHYvHf1zbUUxu6he6lBin8qcgLdCh43aeS0uxUyEBGLr/IZQWmDnfyKiYNHl1caE4qSmEW+a3FNpWiHCOT1SMcI4jAp6HNhJyNsnIX907mgQbctt8AD8wbjMEmI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=2nHyenGJ; arc=fail smtp.client-ip=40.107.237.78 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="2nHyenGJ" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gfTkmRfT0N3tYGgil7KhXGcoIS3rQJ/4bl3cZ6QIwI4Nww5Jo0WbB8R2aP+Qg3+731ph7aJKd9k3g1wlGxXo1haNUloac3vSaTLh66nIzjGGujKAAK0kazTfnVmH0mYBz0Egjiy2wVjVRJsA6hgghM24XhNtKr0HPEzs7jLEiCp7ghcbRveFVgTAUWMRHF0d4sHgij22BVhe6BAMNvdKUiHAvevwNH46WlmKOel4kve97tJfv7rljGQ1qAdFMEEDrx0Bs/HvlhAhQ67dpm2cfQzeLXsBAkiS8uUtvxtO/fmxrw6iKrfDUwwKJFRjgWA9DbaTnif9bPQFMo9jmcETYQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JZjcclSsB4qTaRCWtRynJMuCA+yj5ZCReoe/Rfw0maM=; b=E3NezZ8E6b5s+e7Y1g7ZZQfUzUWQswDXcKkoRJQMMHbwKdmw7ReUQGCrFC9dqx9DPrAwnBrp1Q4GA44zFvVUEEo9Wm14f3pE8UQ1jb3RvbkG5AtT92Plgi3PWfif6eOVxao8HUSJBh3EbhVUx8j8WRBFPYYyMVkmcAPI425CHdz9u6WrLYoMY0+BXK1K+YlPQEg0jKXT8s47YzRiHovK5gh5aKlnAwBVcj70uwF/K47Dbyzt2UBeYHZTAoGkgJ51OyHl5BUVpi7eQcV5FoDoMubezjV9ETsp70Lw+MZrifI9ZbZyum7H942xV6F8TU34frnmZzTShSSYC0l/3FLiyQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JZjcclSsB4qTaRCWtRynJMuCA+yj5ZCReoe/Rfw0maM=; b=2nHyenGJOZye1IvdkjT3tMyeANNuhnXiHVVRcPEwUyedeHEBaUWYsN2+RGfzieP8DejCxyzooYZ0C/JJoSTVLRdyh9I6FyiPOMFzPc/4rdhYYCd793Lk46QCLAsoqscMnCDeJ1rc7MTy4aClU10KqeW+IBIbBAZ7j58QLhnXRFI= Received: from SJ0PR05CA0147.namprd05.prod.outlook.com (2603:10b6:a03:33d::32) by DS0PR12MB6607.namprd12.prod.outlook.com (2603:10b6:8:d1::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8356.20; Thu, 23 Jan 2025 22:02:05 +0000 Received: from CO1PEPF000042A8.namprd03.prod.outlook.com (2603:10b6:a03:33d:cafe::5d) by SJ0PR05CA0147.outlook.office365.com (2603:10b6:a03:33d::32) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.10 via Frontend Transport; Thu, 23 Jan 2025 22:02:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042A8.mail.protection.outlook.com (10.167.243.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:02:05 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:02:03 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 5/9] KVM: selftests: Introduce SEV VM type check Date: Thu, 23 Jan 2025 16:00:56 -0600 Message-ID: <20250123220100.339867-6-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042A8:EE_|DS0PR12MB6607:EE_ X-MS-Office365-Filtering-Correlation-Id: c1909a44-30c4-4a39-8974-08dd3bf992e2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|36860700013|1800799024|82310400026; X-Microsoft-Antispam-Message-Info: 4/hPhQSP10eTG+QgiRHZDax/Zozx1q3C/HIjz4nnWD6gOF5WlBne7fEN9SHHXK96MbttFcgxIMjfWzix4MuVqhNZG6y1R+sXQEpA/VJNmknzm1MxG7Rt97fMmEnOMFsxXcjlbx1i26gb7tA+ykjNA/kcG3kMxBEMvrW0LNnogWSuZ2p34F8ZdkoGsXFJpxBSXTgiunBkivj2/J/9AVwK5/yKV+KCSbX4ZpJVXXSjwhCahNQ1VFXGW5cCAa2r3MR4HkCxF1Zlwbt49KQU294ULamNnxYtppe35fN6mx9YFsfpuxOYlWvGoBIX7YqJ9A/5TdzWsOme2Ayv6kmwbr7rkCBK9daFJjEnKvBB776R9fLdaECEwx7ANODOg9YYzsMaOb6WFnN+ZB+Lgbp9lalDnx9ZwMHz8h++B0iPnYr2PBsPRbb9A0mY5AOg+6IoVU6zxj5GVCcg4P6Ay3lG08DXQxGvrdxCYnOJ12bHXGyocKWiB5DoVgXS2bZh36KiIfesFfMZq2AsvO3hyplZ0eq2rHr4j/Zw9r+T5jx1+6wq+36phwqZRjXM9yunx0BhepnRARuAoUI973cfheXn6PBMDG8gL5ODS60UDgynfIyupjNQUrMJ5pL+DlfGXUTLrEu0CbcDukKGvyK566XDzNb7+1B6/SX+gySo/0rCCEWwwEZqRipkYkO6ojRiVR0BIWTt1d0RBE/E8bomialVBFg+ADBdS4XZvcwS+KY6xfQ9SfvyjthFsGxXOfX6/lt6dPm8U1VTamd5kNmWrEYM5mwKcnrUl+kSisW16lzk8RrT1swdMMJH8NkC3aSC0eQ6EesLtvlAWIQL7dojtqPuC+e+fiwHNbcnvJpVMpx/whE3GabEQdW1L9iX/F5Y0xKlCJh5DHk6zzSKAzNXU7axLEfqXQqNc0V20SusfPn/BFLMt8P2FWXR8MLbHDt5pfskOGeOtZzUoGmGhui7p/3WcoAuKXN6n7PhpudUCCDc/C10agWqyokFXILEiDa2NJlr2gRAYC0xWqX4ELdmwF1VcZuZ4+7PSVT2F1Uqk+20DXzlQE5EPnxYIEOKO/54ZvPH03R7L5DKaCSBwqBK/c9dbiJRclJXoLeuywkJrVSDMBaWXaRRdP+xLuOvToj0vffAqVZBMY1ycHvxEy5eRStqvUw55BB5N1IDSNab6NnqWWEGl0OBQxOgaOmZO755G8YrNyXk3FYUHT7fTXuJRdrHkeajxkB1U4si6IHbP+NqF8QjyqCmN/Asjz5KkMYzZjw7xIuP6ycLGfbJYQD03kOPR6IWIl3cH/Pn5up6ZofV+mfUDf5JEZHN/DdqLgenZlWlDvXi3vTso+vEKajnaLta5MGb+xnXDlYmemvG2J2BIHkLkqiMLFWRR8ggGVjsSQLwEksOr/qy3n8NnDr69E68yr3k32SUVLjGg7GQG/l1H/LvvcxC/RD3yH7oD1mjp5fgT+Om5qf3wdmaRUBD/N+faIaSJA== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(7416014)(376014)(36860700013)(1800799024)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:02:05.2131 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c1909a44-30c4-4a39-8974-08dd3bf992e2 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042A8.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6607 In preparation for SNP, declutter the vm type check by introducing a SEV-SNP VM type check as well a transitive set of helper functions. The SNP VM type is the subset of SEV-ES. Similarly, the SEV-ES and SNP types are subset of the SEV VM type check. Signed-off-by: Pratik R. Sampat --- v4..v5 * Remove redundant snp check within is_sev_vm() --- --- tools/testing/selftests/kvm/include/x86/sev.h | 4 ++++ tools/testing/selftests/kvm/lib/x86/processor.c | 4 ++-- tools/testing/selftests/kvm/lib/x86/sev.c | 17 +++++++++++++++++ .../testing/selftests/kvm/x86/sev_smoke_test.c | 2 +- 4 files changed, 24 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index e7df5d0987f6..faed91435963 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -29,6 +29,10 @@ enum sev_guest_state { #define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } +bool is_sev_vm(struct kvm_vm *vm); +bool is_sev_es_vm(struct kvm_vm *vm); +bool is_sev_snp_vm(struct kvm_vm *vm); + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); diff --git a/tools/testing/selftests/kvm/lib/x86/processor.c b/tools/testing/selftests/kvm/lib/x86/processor.c index bd5a802fa7a5..a92dc1dad085 100644 --- a/tools/testing/selftests/kvm/lib/x86/processor.c +++ b/tools/testing/selftests/kvm/lib/x86/processor.c @@ -639,7 +639,7 @@ void kvm_arch_vm_post_create(struct kvm_vm *vm) sync_global_to_guest(vm, host_cpu_is_amd); sync_global_to_guest(vm, is_forced_emulation_enabled); - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { struct kvm_sev_init init = { 0 }; vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); @@ -1156,7 +1156,7 @@ void kvm_get_cpu_address_width(unsigned int *pa_bits, unsigned int *va_bits) void kvm_init_vm_address_properties(struct kvm_vm *vm) { - if (vm->type == KVM_X86_SEV_VM || vm->type == KVM_X86_SEV_ES_VM) { + if (is_sev_vm(vm)) { vm->arch.sev_fd = open_sev_dev_path_or_exit(); vm->arch.c_bit = BIT_ULL(this_cpu_property(X86_PROPERTY_SEV_C_BIT)); vm->gpa_tag_mask = vm->arch.c_bit; diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index e9535ee20b7f..280ec42e281b 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -4,6 +4,23 @@ #include "sev.h" +bool is_sev_snp_vm(struct kvm_vm *vm) +{ + return vm->type == KVM_X86_SNP_VM; +} + +/* A SNP VM is also a SEV-ES VM */ +bool is_sev_es_vm(struct kvm_vm *vm) +{ + return is_sev_snp_vm(vm) || vm->type == KVM_X86_SEV_ES_VM; +} + +/* A SEV-ES and SNP VM is also a SEV VM */ +bool is_sev_vm(struct kvm_vm *vm) +{ + return is_sev_es_vm(vm) || vm->type == KVM_X86_SEV_VM; +} + /* * sparsebit_next_clear() can return 0 if [x, 2**64-1] are all set, and the * -1 would then cause an underflow back to 2**64 - 1. This is expected and diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 38f647fe55d2..b18c78314d5b 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -123,7 +123,7 @@ static void test_sev(void *guest_code, uint64_t policy) for (;;) { vcpu_run(vcpu); - if (policy & SEV_POLICY_ES) { + if (is_sev_es_vm(vm)) { TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SYSTEM_EVENT, "Wanted SYSTEM_EVENT, got %s", exit_reason_str(vcpu->run->exit_reason)); From patchwork Thu Jan 23 22:00:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948673 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2068.outbound.protection.outlook.com [40.107.92.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 356861CDFD3; Thu, 23 Jan 2025 22:02:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.92.68 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669747; cv=fail; b=sjxVNyuA+YCSxfbfa2d7bXRfQ1EYq9LW5qup1p0i79GcbXmMLIaKQwy19IQdQxAfmS78D4mOeMm7YA8uO35fxz8r6+0U9VzNeGaqwyJBibAet/WAw4qA4ZTUyplfnFkcntBXE/451uA3f78lIr0cPm0OIRRb6YcE4Po1zyZ9VzE= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669747; c=relaxed/simple; bh=Ba/a+u3CzQBX2MTfiGagB8Hfkj4AB0Y7xhBwNbvqIcI=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=BT1GqfN2TzQh3ahc0ZPIhFkrtIiBtcINcFhK+6X1U9EVzMSCkYnkeUbpx3mV+TGACBRAeYyIw52qy9IrhC+rqgyVyk0So/CzKwxUoVvVtr+pgF6igoQDqrksAOP6KSMfL/OCEtJIMDabvSj2IFBYw6RM/JM36Zb9kGJb+N1uApI= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=Cg4jySLW; arc=fail smtp.client-ip=40.107.92.68 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="Cg4jySLW" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ILNg9sBc3Ew4jo1vC5MNV7JS4Dx4bKJjLBlooBflDt335AUgQCWbo0H/GopvYPsuFuJ3eaVHSBTOSlH5MvLour6XXHRJMfsNh7O7YXP01p/TAV13E4LtifyHjrPkPTk+eseQJBqZLzPTcAiyb7I017oKQ9UEwpyrR8Q+1/eQqFGhRElgfpb+DHLYCZOPYt7QCfC4aTkNx1JqFlMG9yC2cEMj2tSKq1Q/IEdmKp/UgBI4vrxNQZxdtQs5aOdmO0gI7oVYsGLakiGTqAocVSFeehZgaBUvpL/ZOeeVgfTKQFt+2ZNU6bL+aNjhAd0TL/EHSo36jBrNXAb5H1EJPZ+Rdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xtJuRok5jCqjdb6Jz7w9dLZ3t0DG1G1ioWe5IGE1f2A=; b=iLwujojVXwNIWHemhwQUqaypdgEyjQqABCLkCJOQcGLjzux4VsUQyLZuXqV8MaF4pbS5rO0bgVEFYj/T4Re2iX2iTh3vMZVM2EJ3WzYIGOXZ8+XYgUVJurNH5lItpdl635bA8J1n1CplrhgzRyklIXPiS+eNiDYOZjnvVRhG3vqIkUigWJIzYPzHAsvvbQpU8jb7IA1zZLw/5B5G7C+Bxpef810P3ErMNDWxfTp4JL+1UoK0cAV5geqg/AugUWdvdc5UX6MNvSQhiM1D1nccVLdZ0Z13pbqR8pDXlVA3CrHsDjnxXHGCT85X5birHGgxxgOGhssmDwDgOOX3qHdsVA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xtJuRok5jCqjdb6Jz7w9dLZ3t0DG1G1ioWe5IGE1f2A=; b=Cg4jySLWfgWU382YfKTiw5ESPgxahVh5rqNqtlFEopWniqAPd+QCiFWB7ZNEz1nETJFZZjJnlswmOZQImltVmbYMQ11TwtxSP+4aF5bzdL7SorphkRGB1uCsqpJ9WSQmRAAIifHlEEqutSROK9h/Ds1bfWfhNcmO5hPNg+V/rkQ= Received: from SJ0PR03CA0175.namprd03.prod.outlook.com (2603:10b6:a03:338::30) by DS0PR12MB6392.namprd12.prod.outlook.com (2603:10b6:8:cc::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.17; Thu, 23 Jan 2025 22:02:17 +0000 Received: from CO1PEPF000042AB.namprd03.prod.outlook.com (2603:10b6:a03:338:cafe::49) by SJ0PR03CA0175.outlook.office365.com (2603:10b6:a03:338::30) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.14 via Frontend Transport; Thu, 23 Jan 2025 22:02:17 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042AB.mail.protection.outlook.com (10.167.243.40) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:02:16 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:02:15 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 6/9] KVM: selftests: Add library support for interacting with SNP Date: Thu, 23 Jan 2025 16:00:57 -0600 Message-ID: <20250123220100.339867-7-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042AB:EE_|DS0PR12MB6392:EE_ X-MS-Office365-Filtering-Correlation-Id: ab6d7af5-c514-4b82-47bd-08dd3bf999c3 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|376014|1800799024|7416014; X-Microsoft-Antispam-Message-Info: ITnRaDjc6v26SxCzavxZ/MBj4z18y8/WqPwLi09sGiuisS9CCYhYYILMwR+TNfetvbtsSQ9bpw+EuHE7bHXd6HtQbWPf8psGhPEp6swAk2PK7V8JF5f3EQcm+eq9Wk6gObrKMm9vBt9YuWZOsJNgsh1IwibKhgZZ8CCGx5jlxwufcyoHnVNnL8F/QyzpDvhEdK3XO2oPIQvKnop6UOWnc5oGaanTf69eonr/1ByAkHsobc0G6tDjmGj+C8dXsEgW0dNpWBS7Q5/niq3zklGt4cmd/EsmiPwRV5rf+ayJ2knsZbSewaj6isDAL8KGYhT99gI75q9GHearuChjXkchgA5I1Hw2Jk2g7OilbQRpmvIbnXIEzizZBIyah06VgHFWOScEqxD5H396N6R3UJIUWk/oW8CUKVcOfsr1Tjdg45Cf2KFkg75AJlKeHtLrshN5v0BlyD8eLFa//ryB1VgHSAcAq2Y20oKz0CviqaUnw+Fvxqx4A9uMY7GGEz7w3Q13ek0N7+WybnfJx3THA4mycZDHkKlSVjuMns5ZRVvQuTGlnKpp+9JzIKLgomcnhxJIyTS+R91GUFaRDEGwhUwrRuYsADpmv6wompcV6jaHkAw+p9lerRyelPowee3tsO4HRCw10HMOZzXu1AUhTjyRKfdScblDW2UyVtXVRYXWgD5LEbw+jORuLJplMUOK4p+SlZXAAPc1sDYmaNwbmL5MCz9aWx/Z3CgSzae5iohPwcJxg6E0InE7a7x3qZbFQxdiRovoznD4wGGd1VG6p5pg4R9IlF5HNQ84mIcKE8ahi0+rabQzwGnmbygb7jENMqVRJH4dSxgdqyA63dnYqgmAZBlAydEFC8W1cbIHpRJd5xjZ0AC8J3Yq4BvuS4nSqWSoEsLnlg7erZ7ssamyyxIMmJpB1i0t3EwybpFdoTdDrcd1HuTod0EW9rb8MLCFgOVB7+90knFKG9V1mT0iSE/e15FMp4u1j7L1OrqbyH9pjLQUL/0IUoq97PdZZ1vqzl/Lu2pdNPHHWWGU+W9u4admfMCWpPrvjOigQmIYGdKUVLFY3x3npFacfOPijXrlGCvqBV3q3phg5iTIF7S2qPWYlHrb/9x+Ks84GTcWU441OTZEdp2EU2gb2VSBZj1fbeL3RgDizG4jHNZre1aTr25Cxpm+pXxx0PU6oKnv0jljLOtAXNKJoftMv8awHRt+XpCEUKSJ58TfZaVynkxiPaTBYZZez6XN0PUpyS9gDxAweRxxS2ZSzqLNFRhT0PxkoNcaGUhcAvK10S/LaZnFgiIC9gyYTPt9zpfmAKx643ttIN/nqwzltU63/GgtGRzBixeD0Tc0E1UMntce93LwPSDyQw8ANiNIh1U/6wmMfUIIzsEr7eb/VP5JU39DXLmvJPvm+WiYNXaNmeigShA1qbw2JdgfeipKfNMXGAnB5cx93RZI1OmrzKFLQq7mebdIxANba7HHGe7FW5BptHvTsnRI58RArCUgRup2DmG3HyPd8VA= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(376014)(1800799024)(7416014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:02:16.7367 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ab6d7af5-c514-4b82-47bd-08dd3bf999c3 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AB.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR12MB6392 Extend the SEV library to include support for SNP ioctl() wrappers, which aid in launching and interacting with a SEV-SNP guest. Signed-off-by: Pratik R. Sampat --- v4..v5 * encrypt_region() cleanup of code flow * minor changes to comments --- --- tools/testing/selftests/kvm/include/x86/sev.h | 49 ++++++++++- tools/testing/selftests/kvm/lib/x86/sev.c | 82 +++++++++++++++++-- 2 files changed, 125 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/kvm/include/x86/sev.h b/tools/testing/selftests/kvm/include/x86/sev.h index faed91435963..fd5d5261e10e 100644 --- a/tools/testing/selftests/kvm/include/x86/sev.h +++ b/tools/testing/selftests/kvm/include/x86/sev.h @@ -22,9 +22,20 @@ enum sev_guest_state { SEV_GUEST_STATE_RUNNING, }; +/* Minimum firmware version required for the SEV-SNP support */ +#define SNP_MIN_API_MAJOR 1 +#define SNP_MIN_API_MINOR 51 + #define SEV_POLICY_NO_DBG (1UL << 0) #define SEV_POLICY_ES (1UL << 2) +#define SNP_POLICY_SMT (1ULL << 16) +#define SNP_POLICY_RSVD_MBO (1ULL << 17) +#define SNP_POLICY_DBG (1ULL << 19) + +#define SNP_FW_VER_MINOR(min) ((uint8_t)(min) << 0) +#define SNP_FW_VER_MAJOR(maj) ((uint8_t)(maj) << 8) + #define GHCB_MSR_TERM_REQ 0x100 #define VMGEXIT() { __asm__ __volatile__("rep; vmmcall"); } @@ -36,13 +47,35 @@ bool is_sev_snp_vm(struct kvm_vm *vm); void sev_vm_launch(struct kvm_vm *vm, uint32_t policy); void sev_vm_launch_measure(struct kvm_vm *vm, uint8_t *measurement); void sev_vm_launch_finish(struct kvm_vm *vm); +void snp_vm_launch_start(struct kvm_vm *vm, uint64_t policy); +void snp_vm_launch_update(struct kvm_vm *vm); +void snp_vm_launch_finish(struct kvm_vm *vm); struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, struct kvm_vcpu **cpu); -void vm_sev_launch(struct kvm_vm *vm, uint32_t policy, uint8_t *measurement); +void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measurement); kvm_static_assert(SEV_RET_SUCCESS == 0); +/* + * A SEV-SNP VM requires the policy reserved bit to always be set. + * The SMT policy bit is also required to be set based on SMT being + * available and active on the system. + */ +static inline u64 snp_default_policy(void) +{ + bool smt_active = false; + FILE *f; + + f = fopen("/sys/devices/system/cpu/smt/active", "r"); + if (f) { + smt_active = fgetc(f) - '0'; + fclose(f); + } + + return SNP_POLICY_RSVD_MBO | (smt_active ? SNP_POLICY_SMT : 0); +} + /* * The KVM_MEMORY_ENCRYPT_OP uAPI is utter garbage and takes an "unsigned long" * instead of a proper struct. The size of the parameter is embedded in the @@ -76,6 +109,7 @@ kvm_static_assert(SEV_RET_SUCCESS == 0); void sev_vm_init(struct kvm_vm *vm); void sev_es_vm_init(struct kvm_vm *vm); +void snp_vm_init(struct kvm_vm *vm); static inline void sev_register_encrypted_memory(struct kvm_vm *vm, struct userspace_mem_region *region) @@ -99,4 +133,17 @@ static inline void sev_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_DATA, &update_data); } +static inline void snp_launch_update_data(struct kvm_vm *vm, vm_paddr_t gpa, + uint64_t hva, uint64_t size, uint8_t type) +{ + struct kvm_sev_snp_launch_update update_data = { + .uaddr = hva, + .gfn_start = gpa >> PAGE_SHIFT, + .len = size, + .type = type, + }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_UPDATE, &update_data); +} + #endif /* SELFTEST_KVM_SEV_H */ diff --git a/tools/testing/selftests/kvm/lib/x86/sev.c b/tools/testing/selftests/kvm/lib/x86/sev.c index 280ec42e281b..17d493e9907a 100644 --- a/tools/testing/selftests/kvm/lib/x86/sev.c +++ b/tools/testing/selftests/kvm/lib/x86/sev.c @@ -31,7 +31,8 @@ bool is_sev_vm(struct kvm_vm *vm) * and find the first range, but that's correct because the condition * expression would cause us to quit the loop. */ -static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region) +static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *region, + uint8_t page_type) { const struct sparsebit *protected_phy_pages = region->protected_phy_pages; const vm_paddr_t gpa_base = region->region.guest_phys_addr; @@ -41,13 +42,35 @@ static void encrypt_region(struct kvm_vm *vm, struct userspace_mem_region *regio if (!sparsebit_any_set(protected_phy_pages)) return; - sev_register_encrypted_memory(vm, region); + if (!is_sev_snp_vm(vm)) + sev_register_encrypted_memory(vm, region); sparsebit_for_each_set_range(protected_phy_pages, i, j) { const uint64_t size = (j - i + 1) * vm->page_size; const uint64_t offset = (i - lowest_page_in_region) * vm->page_size; - sev_launch_update_data(vm, gpa_base + offset, size); + if (is_sev_snp_vm(vm)) { + snp_launch_update_data(vm, gpa_base + offset, + (uint64_t)addr_gpa2hva(vm, gpa_base + offset), + size, page_type); + } else { + sev_launch_update_data(vm, gpa_base + offset, size); + } + } +} + +static void privatize_region(struct kvm_vm *vm, struct userspace_mem_region *region) +{ + const struct sparsebit *protected_phy_pages = region->protected_phy_pages; + const vm_paddr_t gpa_base = region->region.guest_phys_addr; + const sparsebit_idx_t lowest_page_in_region = gpa_base >> vm->page_shift; + sparsebit_idx_t i, j; + + sparsebit_for_each_set_range(protected_phy_pages, i, j) { + const uint64_t size = (j - i + 1) * vm->page_size; + const uint64_t offset = (i - lowest_page_in_region) * vm->page_size; + + vm_mem_set_private(vm, gpa_base + offset, size); } } @@ -77,6 +100,14 @@ void sev_es_vm_init(struct kvm_vm *vm) } } +void snp_vm_init(struct kvm_vm *vm) +{ + struct kvm_sev_init init = { 0 }; + + assert(vm->type == KVM_X86_SNP_VM); + vm_sev_ioctl(vm, KVM_SEV_INIT2, &init); +} + void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) { struct kvm_sev_launch_start launch_start = { @@ -93,7 +124,7 @@ void sev_vm_launch(struct kvm_vm *vm, uint32_t policy) TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_LAUNCH_UPDATE); hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) - encrypt_region(vm, region); + encrypt_region(vm, region, 0); if (policy & SEV_POLICY_ES) vm_sev_ioctl(vm, KVM_SEV_LAUNCH_UPDATE_VMSA, NULL); @@ -129,6 +160,35 @@ void sev_vm_launch_finish(struct kvm_vm *vm) TEST_ASSERT_EQ(status.state, SEV_GUEST_STATE_RUNNING); } +void snp_vm_launch_start(struct kvm_vm *vm, uint64_t policy) +{ + struct kvm_sev_snp_launch_start launch_start = { + .policy = policy, + }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_START, &launch_start); +} + +void snp_vm_launch_update(struct kvm_vm *vm) +{ + struct userspace_mem_region *region; + int ctr; + + hash_for_each(vm->regions.slot_hash, ctr, region, slot_node) { + privatize_region(vm, region); + encrypt_region(vm, region, KVM_SEV_SNP_PAGE_TYPE_NORMAL); + } + + vm->arch.is_pt_protected = true; +} + +void snp_vm_launch_finish(struct kvm_vm *vm) +{ + struct kvm_sev_snp_launch_finish launch_finish = { 0 }; + + vm_sev_ioctl(vm, KVM_SEV_SNP_LAUNCH_FINISH, &launch_finish); +} + struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, struct kvm_vcpu **cpu) { @@ -145,8 +205,20 @@ struct kvm_vm *vm_sev_create_with_one_vcpu(uint32_t type, void *guest_code, return vm; } -void vm_sev_launch(struct kvm_vm *vm, uint32_t policy, uint8_t *measurement) +void vm_sev_launch(struct kvm_vm *vm, uint64_t policy, uint8_t *measurement) { + if (is_sev_snp_vm(vm)) { + vm_enable_cap(vm, KVM_CAP_EXIT_HYPERCALL, (1 << KVM_HC_MAP_GPA_RANGE)); + + snp_vm_launch_start(vm, policy); + + snp_vm_launch_update(vm); + + snp_vm_launch_finish(vm); + + return; + } + sev_vm_launch(vm, policy); if (!measurement) From patchwork Thu Jan 23 22:00:58 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948674 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (mail-co1nam11on2058.outbound.protection.outlook.com [40.107.220.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C2CC21CDA3F; Thu, 23 Jan 2025 22:02:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.220.58 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669755; cv=fail; b=pfruno/29i5O729BWLyCdAQYyY24AHh2DCYunK6BVb0fM2Xw4g4FUosG4S15/z1tVR7LGS3PMKPLyT8NGexR7gArwymn577ADlr/FL/SYGCvTOvv+eJFDy1eURlyS8axdZ5jPau7hJCFbJIoWeS81MtNKfq19omb1UYKIZn0ILg= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669755; c=relaxed/simple; bh=8Zm+saQvm3iQHWzwa0AFasdrYzPnqdivK+SQZq6xe0E=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=MPCUMzuZtAo6Bcwtk4/HHGxRrF9F4XhTqYGwGW0TEoDYsuPpsbtn6lIFiIPEN4c3j1lyIjGwCLaV7ZiZPeg2EO6I6Th3EF2OyMRUcoxdv6Hdl41TZ2+pBYcEAotPYSb7umeQDAqO3lzJPRjXxNUgVUkESEw8dexAU9aKOK1NFfQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=iaIzYPLh; arc=fail smtp.client-ip=40.107.220.58 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="iaIzYPLh" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=UZ42MVJVy+WGj89pEkX3BZ8HPtXL0OaB+IjRI1rMNylBKUKoFCpQiW4RK7JIyJtwoepV326GPEC89AitBypO0F34a0W+Oj1wMUwvx2oqFFHoJtF0GEtxlg9Mik9fSfyYrWz6tM3ezi74Yf4z/mYbWD8GxLg3DFec1SdyQTjHU8Bz6Tp/xgTGhNIbap54t0KxT/lzxyk1hTAq6DEKx1idMLQ1MHqQ8B5iFEBmnkc/6XO/Pk6uFc3pF76msS76Pf400dT0bvuSqUgOrW09dvjJrzwJ0ToQ0nf472z/xXBH30H/3+H2mcYCf9HK5/D/CLse4e3XSKLc9426mJbXs7NFig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hECz9pFVz/suIaR60vbxBLgnenR1cmtTB1A+tesJQlg=; b=d3SRCBFurSbO8ZFa1lJvswpvE0+YUU1DkoRAowS8o4L59v+ACm52+SYZFN2J40DQs0lVpGsU+cph+dwAAPV3NhlNMJp4mTqtIEKvSx5iE0sbzDw7Qic6cfIfzVF7HfAvgk7V++N6o2gnzUWopY1nHzsSQnHw7q2B6aXEOkZdd4bih51U6Dw0wwd9vTBot3a6Jd6GSAmPGq9pTFcxaeBRFqsun/mcQ4Usyodkzo/4Xg1Lxi1OYa9vAKqnmu/grePhq3exzKkvfvfIBoIEUdY/gO0eRXzOsiKtUvyBrQhVwa8XGaPoFeqeJiTWhat55So0kFmUv3jHZCDQxE2AJc8+gA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hECz9pFVz/suIaR60vbxBLgnenR1cmtTB1A+tesJQlg=; b=iaIzYPLhnzjptFgPv2nARL1rMwO8xSvC2KF1ik8PfiQwDoYkjt2vadxrmIFe7Mk3KzTj+PUAAsCJNO0Nxcr5WWvoCr4pc9w6NIQt1Q25fhshnxPKrJT9/p3owE59OWAvIZp5GeJvw4xTtfhDbwktH+pKZzB2+yS+pND2i0Cu6yY= Received: from SJ0P220CA0003.NAMP220.PROD.OUTLOOK.COM (2603:10b6:a03:41b::34) by LV3PR12MB9186.namprd12.prod.outlook.com (2603:10b6:408:197::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.19; Thu, 23 Jan 2025 22:02:29 +0000 Received: from CO1PEPF000042AD.namprd03.prod.outlook.com (2603:10b6:a03:41b:cafe::86) by SJ0P220CA0003.outlook.office365.com (2603:10b6:a03:41b::34) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.14 via Frontend Transport; Thu, 23 Jan 2025 22:02:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042AD.mail.protection.outlook.com (10.167.243.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:02:27 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:02:26 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 7/9] KVM: selftests: Force GUEST_MEMFD flag for SNP VM type Date: Thu, 23 Jan 2025 16:00:58 -0600 Message-ID: <20250123220100.339867-8-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042AD:EE_|LV3PR12MB9186:EE_ X-MS-Office365-Filtering-Correlation-Id: 5f5722aa-6355-4064-082d-08dd3bf9a05b X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|376014|36860700013|1800799024|82310400026; X-Microsoft-Antispam-Message-Info: MLgFTW2NG3RL10tuf9wUG3DDbdnhmf0g7YkArwZAw1FP/3/KrbdNTwsHbhlfjbOyCIm7eEf2wRsAU5GkHLsVOy92kAjQ7lvl+a8WVJgb/d8sfd3Qo3I3aQmPOIwkw323PvtVn/ovNFTXjdJYDwP7FZC9UMqCjhVvtshwCZca3TpT/olDcH3i6WQqF/GmyYDOHkMRM/400pRCjexzfc/G59GuvLoAWbK8tGCZkcrfgmHK7cycSXLa8OoRATLFvjAjkJdpyiar0hKmXosbwuV8u4xYAIi5Od7I2C2dOCwL4i0FmNEco5Zar5oxF5U/BuE3OAkO1f1bvRa4mwvVmI40TT2pKtvfTRgTclUGpe2Z3qzS3GkaQiPGf9zI8avwYu11oPTF+xzXt/dtRFC1SVdpp2iE9Yhts8D/DG1XwXSfNDJlvBRU+sNvslt187PLJasdEx9rP+veVMdVK2dCpnA5RVjIQnpEwCfh9eW+DFmJGTrvnmKf8rj20XI69+5ts61USQaDdHiFPIRkizv2UFMcvuri8D3Okh5in5MzG6gnj2Hg7gdtAEVPTEu3yV9zM62k41vsXQ3Rbi2prk2+xQFIqLMbbS+uZ1sjE0zna7C+kZnr/5ilN+OnSVC6z2d7uFyJuXKEROP8+n4SwW3xfeTtDEb7FPfWNnXaFk4jAbJdhm7tNbehE27AApp3D0FcmMWVjE0G178WdkFot+OZVMY2PJ3hZUGv5mED4U14kGkt9qYOHV3HCkpEGYPdcD3aQW3Pq/asp4nXCisNEGwkLJV6HsUe66PDhK7TN46foQfBCsL9FdpcQe9sY0XHRYH9rqepgqmfAA2ld/EqGyDTcm/vGNGtOfiafLeww9q/ay6F0jRGB4eFtJpYE61cPFthERRUH9f4IBIEilRdkqCEirg83huRAdcSPa4PH+lsLHPoMMbAh7oSS5aTm3Xsig/Mhpc7vEfavfyeRDlG6Y9F70S5TECvdFXmUbF7CdcYilYOgA5njGpOTuZp81SxPTJ4jwXUcUcWlF1rf2I/6ekAScvlHTeS4rZMRLrDdWYMltaLl1kVsx2X5K2l0V2zbOTiLuk7bYDujTnrfN4OLx3NrB3m6B5abYFNnZHQObA2BjGelpG3X/KSaBM1qRWgq/xSa0WT2C7JG2UKnRONATZfwXjmviJ2Dc1YnjI42oesTtSmbY2yj+fmSmxwtzdpSvhHMopLNMancb6ECbJUmY4XhkuWAH6ylVjAcBmlKI0A0PdeIN6CJZDmlAfrSWz9FQrBAGT/FwisBzmiJp24yyG64xBfOYB6h7dDID9HQy1SpgOw3WJAUF3EAgrQd1w85xRFWtgOGT0HmPluvPZzJk8eDLP+MtBTHu9wYs8XcHynHi6E3pxs6Jkx7xUJrryHrO+g0QIU/r0CzmWnP3i8KACL/LGWoO3VkUZrOThVEVq8VvrnYdeN+XU/xr1GJFsSjX/l+xbDi7OUMsb2BEk4b73RfJNkZA== X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(7416014)(376014)(36860700013)(1800799024)(82310400026);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:02:27.7975 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 5f5722aa-6355-4064-082d-08dd3bf9a05b X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AD.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: LV3PR12MB9186 Force the SEV-SNP VM type to set the KVM_MEM_GUEST_MEMFD flag for the creation of private memslots. Signed-off-by: Pratik R. Sampat --- tools/testing/selftests/kvm/lib/kvm_util.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c b/tools/testing/selftests/kvm/lib/kvm_util.c index 33fefeb3ca44..089488e2eaf6 100644 --- a/tools/testing/selftests/kvm/lib/kvm_util.c +++ b/tools/testing/selftests/kvm/lib/kvm_util.c @@ -413,14 +413,17 @@ struct kvm_vm *__vm_create(struct vm_shape shape, uint32_t nr_runnable_vcpus, nr_extra_pages); struct userspace_mem_region *slot0; struct kvm_vm *vm; - int i; + int i, flags = 0; pr_debug("%s: mode='%s' type='%d', pages='%ld'\n", __func__, vm_guest_mode_string(shape.mode), shape.type, nr_pages); vm = ____vm_create(shape); - vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, 0); + if (shape.type == KVM_X86_SNP_VM) + flags |= KVM_MEM_GUEST_MEMFD; + + vm_userspace_mem_region_add(vm, VM_MEM_SRC_ANONYMOUS, 0, 0, nr_pages, flags); for (i = 0; i < NR_MEM_REGIONS; i++) vm->memslots[i] = 0; From patchwork Thu Jan 23 22:00:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948675 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2062.outbound.protection.outlook.com [40.107.243.62]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9B0501CDA3F; Thu, 23 Jan 2025 22:02:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.62 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669765; cv=fail; b=Djjnv1yKobCCtSxBVDvdgpwU7az7/vCdL0jV0WI6xbKJcFpzgx9+9n+loep87e7mfexw126UVlVc6ArrGfrdC7tOFMsSGJuDMPyW+cNlH5Bfx0ZBuSrt+NMmwTTf9uwJIGlrW1pkFfJW8ijuuyzbAWBaPOroovumYnaxoTYm2+k= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669765; c=relaxed/simple; bh=MdohzQwl4m5/0EOWMrzox0t0l8LgxvQGRZkx85JR3WU=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=cvoTlg2MnII5sU5clQSorFAGYDzDxcbG8g7umPD75jTqhkn8oKUcXP/b44CQAO0PsF1QPTlUbvN4V5MLqHxKA14fFIAyGIHcDtirjVbcB+aOYrYiFBy9HfafK6CeYxsK9F4xfJg9gzZQLyB1Z+wmrb80G9xyPhXLlTPsSIEtk7U= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=ht2KMQc/; arc=fail smtp.client-ip=40.107.243.62 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="ht2KMQc/" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=DxcjXDttc4qP3h/HLFta4zvj4nwTC/9gpfjU7siYzQT9ejyRYTo4urH0UZidevtjlXIJgDzP40WU6grBN3FYM893vBWXLzfUwiVzc96hlFdvwhNs8OCDhcxjcg1tsGNFQo/8iPUwHwdmynSZEyGL5lfmNcqfm6ry0pQjFTN32wY1xUefMLSLZl2JxaiqQMKDk/iygsE0c4hzKDpkaLUPU6FTRXVIz2xdClG2NDk2oIXetN/jS3+Sp+CkvZHKzHSCyiND4JMc5yuzhMzTjFi3G094SjLmmBO3bf+1bmYiUHrAP0G8Sps6nBKkpA3N+HoCjs2tT1q1sDbSOF6dPGLKcQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=7E3LkbUAGEKYNAIktDqZTu/UV4pNwsMNzsMfnnwn0Oo=; b=TiZKLJBBOyY/PL+83H3QdwodsUE6OH3X0JE8zsYamIRnx5ZXPrzyW8Wg653pG0Kp6hSkRsvdx0YbAT1MkWOJBI/P+fyXHBoKRaPw/DTipvmZFtglK+f6D+uvs9k4eb5nP647V6lVPpvFae1ukZ0ky1Hpa6TUisfWCWk4epTdosk9G2DLiF/mJoCC9MNmexcq11iB1ggsRtL96vLRTMfw14poeHXQ3jaFO10Vz6FbGsjfc9dJpt1t18WSvb1jkF3CjbdBM3sj1sfeUJot7k8Xvo4Dmu8ZkXC3PncVb12E5yqKf/VMoj4pnUyjIG4Fh8MOG4bEqyrjO9DH5lJmm3wJ+g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7E3LkbUAGEKYNAIktDqZTu/UV4pNwsMNzsMfnnwn0Oo=; b=ht2KMQc/12mn786VRqzX0Zyx1CSUiDXUIYl795PoRZ8LevqYev5tebwpp7g2H+AScRgYGUHsFyxOuuHn6t/I47pYbKIsNiE+ANlxahYLRVeO82sfkJMKw0mqrndO2lw/LahIifdR8vYB8peZ9ih8WTyRXPn20epJfGOd3J1gu6U= Received: from BYAPR08CA0018.namprd08.prod.outlook.com (2603:10b6:a03:100::31) by SJ2PR12MB8159.namprd12.prod.outlook.com (2603:10b6:a03:4f9::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8293.15; Thu, 23 Jan 2025 22:02:39 +0000 Received: from CO1PEPF000042A7.namprd03.prod.outlook.com (2603:10b6:a03:100:cafe::4) by BYAPR08CA0018.outlook.office365.com (2603:10b6:a03:100::31) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.20 via Frontend Transport; Thu, 23 Jan 2025 22:02:39 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042A7.mail.protection.outlook.com (10.167.243.36) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:02:39 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:02:38 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 8/9] KVM: selftests: Abstractions for SEV to decouple policy from type Date: Thu, 23 Jan 2025 16:00:59 -0600 Message-ID: <20250123220100.339867-9-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042A7:EE_|SJ2PR12MB8159:EE_ X-MS-Office365-Filtering-Correlation-Id: dc5a68b5-d557-4477-9fd1-08dd3bf9a730 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|82310400026|376014|7416014|1800799024|36860700013; X-Microsoft-Antispam-Message-Info: kHcl3cBjpBV9z9qWc1EVvWLsDYPvwWXVsTvJ5WAiA10mI1r9omQ7FfX3Sk4oj+/+ef9adv/6zUkqrljjwWOVwGWYJfb0SCM7caKeVNSQgnC2P74BDokYS40PgzWInl9HEEv5pmFBIBuVHrbC7ODsTa+PGjkqhqrYdgs2S9XPVzvOJIRb4fgVw+kKjgUYxwsbpMI6hXT5RhzaUYT06i11VHmUCJqJ/7y2xDg5x560pESm559vhtWGNnWS1HRJAqaaqNIaB1gQjJKzATQ/A+Q+4aDBrweQ8tIWyzDSuIuet4+FrnY5kIlRFFk2nf8+uI/HVy+US8Aam/9xBaxeFUKdOG6vBcs+6iy1l7HuvfjRwFN2pkissK7TqucF5Bi50TNP/CgSgr3k10mvb002jp+D+8/OVxO1YPBtjXew6liDAbqr4vyM1q21CPtXt174xS6Zf3gKt2IF2ag41jxu5G27ugcuRAj3vEkbaCM0JpnByYe4Xgqaemn1242d6SuQ3zUW4SaJVqDBHjkw4rA8uIbwlkZMTQ5O+1JKjb5dw8ltIVts2o0arHZtLMEt81Kl6f/+HrgJe8Ox8r+qd3gDd68jeaZe9zktEHQW8hldr2wOkaIE88LdN6meNu+7n4MQ/CEHqLWupUa4c78PnWuPymMd2aK+M1B7N7MRSwTGcEu1vWH2vTZdRYWJ9q0h5piej0TDhOmR0bjunlYoN2y4rojOWQkCYyRBXkryW2o2GDzZND+/+zlKIbQ5l1jl3YMXEZpUnF8qHodMZa6m3ezRYMfELaNVKhjZjXlrSXMEGVY/PblcEngtHqlC9u3pOuDrqdQg3bUxSuagnUujt1eOWpgsxtvfp8XHVUa9FwOpN+9TIz0ujViPqZMoZvggOFN/3aim31/U970/+7+U9GKSi6BK+7i0HLIdxuRGYFFlPq062rg1Qv5E7sG5Xm9XelFxUqUjYmjpVXqf0t+4eCnIS3ewLnrNF63tVwnWnWz2tYJ/uFAEKtfRmYdn5dA6DttRy5aGZ75wiiTN7+JZ/qrs5yu7QWbNvgAvsJ/qvkzUpYwnS9P7m2UGU4xzWBwsuZmEN2g/UbaWKDmzJrbx9wCebpBnlTeG5mzkjQuNmTP3wDMH40NPEcl5BhrrdMEQozEz4DbnioAhBz8N7vInCOdCfyqvRA/J+vFyPfsptlYkIAwoezttD8E/S6GaEWHd5RW+EtGCM9H9SwrTbSE0cdjB7E1nzGOm+rFDDYlEkTu2VhXdm/5EQ3JdDRvm6guMw3SMUfPA6xbKvO/x9TLQ+cBYDotgajOWr8wYxdnEDrCRg3TcuKXvfZDaHFxdT9egz6d/ymU107go/6OCkucdTTtmth/D8XkjqriUp8HIx38lSiDG/JG1MmoyQHZAOgnLcgPfHjL1h7DExXfgqNmqSECgJlN3z3KybtT6MNqhLsXTP7rWNvHCxR2cBVCjnMWFYIQlwiw/XTL1E82QA545p7x+KV+2w91NsaVI6BpFLKXqxbHa9Q4= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(82310400026)(376014)(7416014)(1800799024)(36860700013);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:02:39.2636 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: dc5a68b5-d557-4477-9fd1-08dd3bf9a730 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042A7.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB8159 In preparation for SNP, cleanup the smoke test to decouple deriving type from policy. Introduce, wrappers for SEV and SEV-ES types to abstract the parametrized launch tests calls and reduce verbosity. No functional change intended. Signed-off-by: Pratik R. Sampat --- .../selftests/kvm/x86/sev_smoke_test.c | 50 ++++++++++++------- 1 file changed, 33 insertions(+), 17 deletions(-) diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index b18c78314d5b..3a36cd3ca151 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -61,7 +61,7 @@ static void compare_xsave(u8 *from_host, u8 *from_guest) abort(); } -static void test_sync_vmsa(uint32_t policy) +static void __test_sync_vmsa(uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; @@ -71,7 +71,7 @@ static void test_sync_vmsa(uint32_t policy) double x87val = M_PI; struct kvm_xsave __attribute__((aligned(64))) xsave = { 0 }; - vm = vm_sev_create_with_one_vcpu(KVM_X86_SEV_ES_VM, guest_code_xsave, &vcpu); + vm = vm_sev_create_with_one_vcpu(type, guest_code_xsave, &vcpu); gva = vm_vaddr_alloc_shared(vm, PAGE_SIZE, KVM_UTIL_MIN_VADDR, MEM_REGION_TEST_DATA); hva = addr_gva2hva(vm, gva); @@ -88,7 +88,7 @@ static void test_sync_vmsa(uint32_t policy) : "ymm4", "st", "st(1)", "st(2)", "st(3)", "st(4)", "st(5)", "st(6)", "st(7)"); vcpu_xsave_set(vcpu, &xsave); - vm_sev_launch(vm, SEV_POLICY_ES | policy, NULL); + vm_sev_launch(vm, policy, NULL); /* This page is shared, so make it decrypted. */ memset(hva, 0, 4096); @@ -107,14 +107,12 @@ static void test_sync_vmsa(uint32_t policy) kvm_vm_free(vm); } -static void test_sev(void *guest_code, uint64_t policy) +static void __test_sev(void *guest_code, uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; struct ucall uc; - uint32_t type = policy & SEV_POLICY_ES ? KVM_X86_SEV_ES_VM : KVM_X86_SEV_VM; - vm = vm_sev_create_with_one_vcpu(type, guest_code, &vcpu); /* TODO: Validate the measurement is as expected. */ @@ -149,6 +147,21 @@ static void test_sev(void *guest_code, uint64_t policy) kvm_vm_free(vm); } +static void test_sev(uint64_t policy) +{ + __test_sev(guest_sev_code, KVM_X86_SEV_VM, policy); +} + +static void test_sev_es(uint64_t policy) +{ + __test_sev(guest_sev_es_code, KVM_X86_SEV_ES_VM, policy); +} + +static void test_sync_vmsa_sev_es(uint64_t policy) +{ + __test_sync_vmsa(KVM_X86_SEV_ES_VM, policy); +} + static void guest_shutdown_code(void) { struct desc_ptr idt; @@ -160,16 +173,14 @@ static void guest_shutdown_code(void) __asm__ __volatile__("ud2"); } -static void test_sev_es_shutdown(void) +static void __test_sev_shutdown(uint32_t type, uint64_t policy) { struct kvm_vcpu *vcpu; struct kvm_vm *vm; - uint32_t type = KVM_X86_SEV_ES_VM; - vm = vm_sev_create_with_one_vcpu(type, guest_shutdown_code, &vcpu); - vm_sev_launch(vm, SEV_POLICY_ES, NULL); + vm_sev_launch(vm, policy, NULL); vcpu_run(vcpu); TEST_ASSERT(vcpu->run->exit_reason == KVM_EXIT_SHUTDOWN, @@ -179,25 +190,30 @@ static void test_sev_es_shutdown(void) kvm_vm_free(vm); } +static void test_sev_es_shutdown(uint64_t policy) +{ + __test_sev_shutdown(KVM_X86_SEV_ES_VM, SEV_POLICY_ES); +} + int main(int argc, char *argv[]) { const u64 xf_mask = XFEATURE_MASK_X87_AVX; TEST_REQUIRE(kvm_cpu_has(X86_FEATURE_SEV)); - test_sev(guest_sev_code, SEV_POLICY_NO_DBG); - test_sev(guest_sev_code, 0); + test_sev(SEV_POLICY_NO_DBG); + test_sev(0); if (kvm_cpu_has(X86_FEATURE_SEV_ES)) { - test_sev(guest_sev_es_code, SEV_POLICY_ES | SEV_POLICY_NO_DBG); - test_sev(guest_sev_es_code, SEV_POLICY_ES); + test_sev_es(SEV_POLICY_ES | SEV_POLICY_NO_DBG); + test_sev_es(SEV_POLICY_ES); - test_sev_es_shutdown(); + test_sev_es_shutdown(SEV_POLICY_ES); if (kvm_has_cap(KVM_CAP_XCRS) && (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) { - test_sync_vmsa(0); - test_sync_vmsa(SEV_POLICY_NO_DBG); + test_sync_vmsa_sev_es(SEV_POLICY_ES); + test_sync_vmsa_sev_es(SEV_POLICY_NO_DBG | SEV_POLICY_ES); } } From patchwork Thu Jan 23 22:01:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Pratik R. Sampat" X-Patchwork-Id: 13948676 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2058.outbound.protection.outlook.com [40.107.93.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C83581CEEAA; Thu, 23 Jan 2025 22:02:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.58 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669778; cv=fail; b=W1sNR4V1ZaQRr3B7OLRMJb9goOffWkq9Ddm6Wm7tDuOz7RUdCosTdJEmhAqxIqaJD5eEbxKdfQ0DY6oZyS/bMVJbZknbtOSPcRfUhCdnlJvvmtT1B6IN9ywzdUyLYwxkm+4Ve5lBFj+Jxc/QHXLQ0k7awIJ1VHHU7MQTzpV8SEM= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1737669778; c=relaxed/simple; bh=baNWJFyvFX53D9vG1aONZADKkeSjZ+6+MU51aeEs3YE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=b8Bos0ZglelyneoLNywxOQLxOVIyJFVfsNjFwuTS/yQ7gmwR1fPPVYe4j05YL4xLBhBkmmmZ5/Cr+KMZYWM3q+9hkkALqZdYWhVmnn1NGRgaYlazPjuJvokjh0jMJP5SWAgsUHD5bw1rmTd3llqJWQFCNQYUyfOttVXllVUikEQ= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=tJMQPPW5; arc=fail smtp.client-ip=40.107.93.58 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="tJMQPPW5" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=rZX/eqWYa5uKqGQ9jqThD775ZwMVUFqipdosMpCfbpj+6NGeDUHpsr00dK2NYpsUplWai8MvKT0//MdKCQnMHIyRGZ6bycezfftFItrmbtxJQtJffCjDYP5ULcYULS5PWBSpn/DNhDjJ6I4DjlZKhflb4GsdPnVLblcjCb1hSZ31V9hLQu+oMZL/6yWw5qZmGxU76OF0SWPP/YtE2UE/qTk3o0zJq3FMapEqfHbyvYQN2V+N5yMgkEjd3PQwMZxUgNwES1bIZWYVIzxEIqFZjHxKb72eIiZwP5mzKzvgRM8KGWDTj+ZPvtRP+DpClikkOslgyEw2K9VRj3h6valSnQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xvatRHAmmGxgKeSNj+Fz65HPMywfEd3Okhzo3KqvHqA=; b=sRjKFgjU6lQa7kd6KmycBANyFC6jjGGhZch5mwlVn+1MCD7MYqsC9bgMO0iVshtdsXGri1EMsRMV3OEhBtiddsrbnW6BEvBUt41Yee82BNgDt+lZZUZRq62WaZkIRii1Oe9A9twQzTLm6dHu2Lhy9gdgu0hgSvRlzkkQy8bhrVbsGWhW7id0fbeX/vow2u90mvwt5JNIZaFsghR7Sb08t04CPstn0NXqBUxJqSkLNvqPZCclAZuqhhek72gNtMyIQS50kMGttU0tk+ZDX+VjNRCIpzQDF1kBFuxGZP9hWn+CO8RNtw8hExCCOcimDx7dfCNnG8Qngv/ZQyENH3/nKw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=vger.kernel.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xvatRHAmmGxgKeSNj+Fz65HPMywfEd3Okhzo3KqvHqA=; b=tJMQPPW5S64Az5wJPH1/GLJ0DLWUX1iQf8RLIUBhh2HdV9WszjrQP7mL8vNUTthTzADwZwo/+6z07G7DqPUYuv4jH3wmdiO07eNitKaiknrBPKpMGmz6b3Cp89xkGfosYslXrdDrQAA/OXdtaXdd0IpoUme2cC5qmrZeM5TFN9U= Received: from MW4PR04CA0181.namprd04.prod.outlook.com (2603:10b6:303:86::6) by PH8PR12MB7026.namprd12.prod.outlook.com (2603:10b6:510:1bd::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.18; Thu, 23 Jan 2025 22:02:51 +0000 Received: from CO1PEPF000042AA.namprd03.prod.outlook.com (2603:10b6:303:86:cafe::99) by MW4PR04CA0181.outlook.office365.com (2603:10b6:303:86::6) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8356.21 via Frontend Transport; Thu, 23 Jan 2025 22:02:51 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by CO1PEPF000042AA.mail.protection.outlook.com (10.167.243.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8377.8 via Frontend Transport; Thu, 23 Jan 2025 22:02:51 +0000 Received: from sampat-dell.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 23 Jan 2025 16:02:49 -0600 From: "Pratik R. Sampat" To: , , , , CC: , , , , , , , , , , , , , Subject: [PATCH v5 9/9] KVM: selftests: Add a basic SEV-SNP smoke test Date: Thu, 23 Jan 2025 16:01:00 -0600 Message-ID: <20250123220100.339867-10-prsampat@amd.com> X-Mailer: git-send-email 2.48.1 In-Reply-To: <20250123220100.339867-1-prsampat@amd.com> References: <20250123220100.339867-1-prsampat@amd.com> Precedence: bulk X-Mailing-List: linux-kselftest@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PEPF000042AA:EE_|PH8PR12MB7026:EE_ X-MS-Office365-Filtering-Correlation-Id: f1071918-f6df-44f2-e83b-08dd3bf9ae3e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|82310400026|1800799024|376014|7416014; X-Microsoft-Antispam-Message-Info: p7ii+zJXzjPT3keNxKoE2XYvUlngNQAonIiRLD9QeJddBL8IPiM0bKgyn7VOmpT5beL11k/m46aS5pzzrMGULrUba1mPYClA20HTc7AsEOhhFDlsWfD/2aCX5fWtf3r0UUGW1ePbFHU0+BH994UZ2jTDy3mcHq4M5IYex2sN7RE3DCBEvcwOpQebTJ8+iV895wlhv7BzB77vBVKIaEQFqg1iiFYGt4GEaLB7iS9hWCHpx87p/GELoKwRH2UbcKTHJTsLQ7TwJCb3xJyCbIXSC07NBTfqFDLK/cN0ZInJSpMRP05nkOvAUIEbCG4YUiAD8AlATtejvvoZFYKurydvCOdhHHcGbkzWRufO9pLBhG5Zv34O4ZZrBWLaH/vOT5HNQ+1q1PjUvmbAyk6XQLZQ0TULR1NX5mbzQ48a1LR6BKugrJvPVnqpZu7drmYeUJ0GhfVevSb5OjOzwouo7VMt/QtqehSbqnc3GIhdvr2ocJgmJlvYauMz9ragoUGs0WIWNhqHe0EsI3OeKpaiIkFQw2zZYKk3uweJVAAu9xsg2Fvw3oJaJw2V1aRORTY4OuJEExo5v4gIv0T6XaB9yx2OP/CYQwLbfNt7ICndotbdUjCJu6lvpI2k60lcMR0gOmJ/yPSS8/niTungLQqlaGHN/A0nHYIY4A7JcqAYqWBOt4Y7KcUN5lemC8l1WPZK8flnWxvQkWjt8QZWkjswqYSp+ny7B1tsUTi/LWsSGZU+yGgK+razRhEbxJ6dL12kT5+FQFf9IGUCgjVN6tTA0ApiX0wCz4662q0nrp/x79wA5TPWRN6xdQkUz+XyveUR7ERlkdTe+l79zX3SX2VCcT6TQgQgkwu6goGyn/woxu9dBOWUgQJJFj3tqzqqQ/wCWPKWj/UTHjO07/MieheJbo4GVCpRpiaaU8BMNS5RKhRTzLcwNrKdqKzbXqaHi2Q+Qsptj8pz0/b4dz2rTFqFld3oRq3nYRMXTYluBEGkX7sAm19ENsf7ukMUHg1KIwEKlzR8rkxKYZ+4g5zGY0CfxbbrSo1e9gyw7ypDqgsq1tRwKDfZiGCtL6RfM6uDPVUtiBmZZk6nMnWuHOKWfxk25wu6uwKnfh5RGndRMY/tJItGiRZSde5xx38HQWlTVNBsdudzQUlVV1jnVUnVgfM0NYk13bA3KWuk7Z3XgtN4+gSJG0mKe2yRxltEx65I5fGhnd6ZoS9djDRbZjBG9MaU8AeZn9EK0XFPMQOF3FYob6OOi2lY51wvrq7uY91MCRGJIikwWEar0FJnVLC0PycILF4gr/EjGFGsVSBTtmOnLyky5ifHdy171ZnykoJzE5PPdWxpffKkuJZ6hC4+JH8HGSercRJG8OdY9P1AIKY40SrKXDKTUON1r9+CK3YmBHB9Z5roDdg5a7LRayIY8dRLJLjg0l4nDBOZXVhdzT+0cyY9hKpiKtGXTj63c6IlqiLwcm9evnV/nUjDwjDpQq/RZr8nTx8YRkBQRrK7av26uyi6Fdg= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(82310400026)(1800799024)(376014)(7416014);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Jan 2025 22:02:51.1169 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f1071918-f6df-44f2-e83b-08dd3bf9ae3e X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: CO1PEPF000042AA.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH8PR12MB7026 Extend sev_smoke_test to also run a minimal SEV-SNP smoke test that initializes and sets up private memory regions required to run a simple SEV-SNP guest. Similar to its SEV-ES smoke test counterpart, this also does not support GHCB and ucall yet and uses the GHCB MSR protocol to trigger an exit of the type KVM_EXIT_SYSTEM_EVENT. Signed-off-by: Pratik R. Sampat --- .../selftests/kvm/x86/sev_smoke_test.c | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/tools/testing/selftests/kvm/x86/sev_smoke_test.c b/tools/testing/selftests/kvm/x86/sev_smoke_test.c index 3a36cd3ca151..4fcd0f6290ae 100644 --- a/tools/testing/selftests/kvm/x86/sev_smoke_test.c +++ b/tools/testing/selftests/kvm/x86/sev_smoke_test.c @@ -16,6 +16,18 @@ #define XFEATURE_MASK_X87_AVX (XFEATURE_MASK_FP | XFEATURE_MASK_SSE | XFEATURE_MASK_YMM) +static void guest_snp_code(void) +{ + uint64_t sev_msr = rdmsr(MSR_AMD64_SEV); + + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_ES_ENABLED); + GUEST_ASSERT(sev_msr & MSR_AMD64_SEV_SNP_ENABLED); + + wrmsr(MSR_AMD64_SEV_ES_GHCB, GHCB_MSR_TERM_REQ); + VMGEXIT(); +} + static void guest_sev_es_code(void) { /* TODO: Check CPUID after GHCB-based hypercall support is added. */ @@ -157,11 +169,21 @@ static void test_sev_es(uint64_t policy) __test_sev(guest_sev_es_code, KVM_X86_SEV_ES_VM, policy); } +static void test_snp(uint64_t policy) +{ + __test_sev(guest_snp_code, KVM_X86_SNP_VM, policy); +} + static void test_sync_vmsa_sev_es(uint64_t policy) { __test_sync_vmsa(KVM_X86_SEV_ES_VM, policy); } +static void test_sync_vmsa_snp(uint64_t policy) +{ + __test_sync_vmsa(KVM_X86_SNP_VM, policy); +} + static void guest_shutdown_code(void) { struct desc_ptr idt; @@ -195,6 +217,11 @@ static void test_sev_es_shutdown(uint64_t policy) __test_sev_shutdown(KVM_X86_SEV_ES_VM, SEV_POLICY_ES); } +static void test_snp_shutdown(uint64_t policy) +{ + __test_sev_shutdown(KVM_X86_SNP_VM, policy); +} + int main(int argc, char *argv[]) { const u64 xf_mask = XFEATURE_MASK_X87_AVX; @@ -217,5 +244,20 @@ int main(int argc, char *argv[]) } } + if (kvm_cpu_has(X86_FEATURE_SNP)) { + uint64_t snp_policy = snp_default_policy(); + + test_snp(snp_policy); + /* Test minimum firmware level */ + test_snp(snp_policy | SNP_FW_VER_MAJOR(SNP_MIN_API_MAJOR) | + SNP_FW_VER_MINOR(SNP_MIN_API_MINOR)); + + test_snp_shutdown(snp_policy); + + if (kvm_has_cap(KVM_CAP_XCRS) && + (xgetbv(0) & kvm_cpu_supported_xcr0() & xf_mask) == xf_mask) + test_sync_vmsa_snp(snp_policy); + } + return 0; }