From patchwork Fri Jan 31 01:10:44 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 13955053 Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2078.outbound.protection.outlook.com [40.107.102.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 16307EED8; Fri, 31 Jan 2025 01:10:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.102.78 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285860; cv=fail; b=LVxEvrd0OT2zXoMaaYFgS7vWpkvRoZizqjipKlXgaWjiGzi8f2ugmb5ytx30iI8FiOU22upPYHITTU/o06KhSyQOq5Xwetil8eakwL2w+V33TcekliaAzcHBcmhTtp5HXrUpLsN3pD7x/3uo1ntSD0FaZkoYAbFgGW8mCdBNujA= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285860; c=relaxed/simple; bh=IN3j3lG5fHn7z+BQB1kUUA9bCgxBei41bmpthlePhB8=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=pxNOBOU0X739RnT9dGdgMkBN2mP74VYS+dpetRnuXCYwzlPyeV13G/rLnHihZOR8HZRrCJDOqjTUuXTXU2jdL0hcyHbThIMak6JCAL9+DU1eKGUlkF2FdgxDwmRM35S/VF8MbgUd8EDzVwTngg8FVB6rCTsKTYM3LzbTu75ptTo= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=vIVfk7oS; arc=fail smtp.client-ip=40.107.102.78 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="vIVfk7oS" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=VYfT+rvMgdsXg3swH+HbPNQfEjlxfjX4Re7PrLT0mFJsqDVNfwTETY9TOlV23b17P+GIeN6FyFEbi/O8gKrLh1jvji30H/Co78S/E2F0e68faylHymolT7CaIGyUwo6lKERtCegYw+sM30A7DDY4EGdTlpNh3IcrKmbnNHGt8qIcpBLUuaob+atl+9QUYCEeirEcwEk7LOA4HPj+VAtHlLuUNAbPtZ8VhMnWcv131IlsSVKYW+PD4iPCvot1+g9BxV4UPmDw1tQtKqEWG3NpaASKXMK6VZ+LAWJr2d7CWkYMrsYSnz1qXgvRC5FIX2UqQ+n7lm7B1VhaZJPzf5cHPw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vWwO4jA2v5JVx6PjIOvO2ESrWhKsgmFmobTwuNzzSV8=; b=mA2m9PYw2jjqG+j60lRVb6gl+2o/JmusIkn3xXC4kYyrqcMi9weL9L4aLnL31auwlescivUFYDrD8Jw8i9OM3ziWgR/VuiC/xa1K3mNCPBugPIacHmxFqXZRrgMZu2BUXu4mHMYLAgXxDmK2lfF/VLYy2QsMi5FBs9DTMV15EaYP3J16XJ+iZhCtipbFq6C8x8M2TTe0eM8n67XgDhnOhHZR3v4SOs2PrTzvtn9J80vJPOZnlZKZjoyTYbwnaC07bkOV6r5zuULuMxma/rFH0gWZP6CVmItGb3IDVPZzwni+Ulk0r3/drwA1Ai/byz09ch6qn2Dgzn3PUe3RqTm+FA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=vWwO4jA2v5JVx6PjIOvO2ESrWhKsgmFmobTwuNzzSV8=; b=vIVfk7oSKcBY5LmemOsV6bDcKLc70hQoi2/tpanEwQq+q1/xtKFuUWIrNT4XXd9vHcC/RWnzLWLo2iixVQa8wvFFN7cxbA/CZvvfwsmzXD3zezPfNyT9r/ShhD4rtkDNHgnxBvZ5OiBdTB7QpbBf30qZr+UQUjBA99cbn+ws/m4= Received: from SJ0PR05CA0101.namprd05.prod.outlook.com (2603:10b6:a03:334::16) by PH7PR12MB6420.namprd12.prod.outlook.com (2603:10b6:510:1fc::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.20; Fri, 31 Jan 2025 01:10:54 +0000 Received: from SJ5PEPF000001CD.namprd05.prod.outlook.com (2603:10b6:a03:334:cafe::e8) by SJ0PR05CA0101.outlook.office365.com (2603:10b6:a03:334::16) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8377.13 via Frontend Transport; Fri, 31 Jan 2025 01:10:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001CD.mail.protection.outlook.com (10.167.242.42) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Fri, 31 Jan 2025 01:10:54 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 30 Jan 2025 19:10:53 -0600 From: Ashish Kalra To: , , , , , , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v2 1/4] crypto: ccp: Add external API interface for PSP module initialization Date: Fri, 31 Jan 2025 01:10:44 +0000 Message-ID: <5f412ea77cb1940a185176b171d6eb6f9c2ac6ed.1738274758.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001CD:EE_|PH7PR12MB6420:EE_ X-MS-Office365-Filtering-Correlation-Id: 9c92f20f-a7e1-4152-4534-08dd41941c93 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|7416014|36860700013|82310400026|1800799024|7053199007|921020; X-Microsoft-Antispam-Message-Info: MuOhxkIYYPYfydrur3OiOgF5DaHCOSdQJ4hEDQ6CqII/p0bU4YC6EMTvJn2E4zVGyU2y76hJZVRahlOaJInX0QP4s29ai1FQjC2RwjAeh6r+XbtUAG8XPPx9U3r7sIteHG1kEL3Jb2xoicNQJAObYNGooYRMhttwoU+x3861tyzprKNlgX6mMwnWiGVHsj6ctmQG7OA+9cNOAN/ELlD7e2LnkAiEAFrb1f1vWo+0Hw+DBJvUkp+2Nrsx/SH1hYxfETDujEeHxCBDUF34IJe1OYJLonlCB0+Pn32LR7lJZA/oWURfATZn53F5dt5HlOcBZsVyKZ7iFpsqP1mSdsyVp1bkkkkdupAG/e/mJxzn2iyFieAwiekRBWOsv6D8QgiEjRMJ3uE1ZWqfzTYyXDhC8ND0xeY6XgQBBHhbIIF3nClgzhEIVbg7uI0M5anxd4M+1irbhhujSEKpFgXzVMMnNJrBfVOc1YKrPJvJtiERW/W1COPFXRDi9hcQfWXi4Ubu1gBEO7Ke1PJD6TC0uPUfBDnCsWJK6NDNNFEPgeT/XiIpQv+b6uzD620tkXga0TTfMFMuGcFeW6f7SAY+inHW7XkSufgu7bUMMbppl/Wu8n3QBNcZx6KL2joYSyKJk7euIWO4rq4n1FopcvxAqAhZbGfOn+FxsK3XgVQrRsJs8Ljx0zIgfOS0dcaigWBhQEKaWmm41f0Ay0xa35LDpnI7HYpCGaK5VJExjmUF1bl7nKvWmZAgB3wg1aaDQj7sPk/FtQse6W62EmFuHaauTkIn4UJHYyFBmbvmAJZVQplcUBiGuVLBHJQ3O5OuNVGDbEx2tSV66zLzNh+5kZfY0ua6IqRiHnnC+lZy6Scv9ar1mVOXnsTxehBgNIzGelo39surdRw2hp52yrWp9b7vsxXWVkn0zKBPJduL/2AUYwvC17P3x5jFFj22STmashUMtX66e80/GYUm41TNItYiOZOc6rOPWrtCPrn3wgnhUrKRCmT1bvHX7edzBGmjGZUQlVUWmz0oQi+bucSBOrrPV6inlysyt6n+RaRRRYUCchXVqg3sJh0xH/Nw7FZFWNDwrfnr5e5gRz+i8PwM8sMLT0Txt9m+v6BjuFRqZeF4eRqUe406PG/EGIeR71eJXamtfCXScj/j0RxDJMIbpGDKjNYL+/QAxvxmbVchYBNBm8tm1DAZtoD8JI5lfEm2E9WrJKhd/u0VDZf9A87CMBRLdsTWiyIzZZp2YS7akMOuNPPgS9eaSgECUpzsRnWAeZI48kWUF8DJtv+y/2hrPoNhNC0vrBsrRutSk0E5vE4ZTOO2B0B5/3YccQZeErKCDckK5fcb8+BzUKYSlVWooYMstUtQO8y48hPnyUAgNKuJ0vcqm6qZd2PdxfJpcnmpcCcpDXATX7YzYJLhHicTwRcGqPUI23PvIO53QWfdzAA8SDWNNH3632GjZxPcdTDsglpeBMbwsrCwmDUZMZJUNoR9Mxd1/QwOTjjwpzslut3Kx2Sq+W8= X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(376014)(7416014)(36860700013)(82310400026)(1800799024)(7053199007)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jan 2025 01:10:54.5294 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 9c92f20f-a7e1-4152-4534-08dd41941c93 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001CD.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH7PR12MB6420 From: Sean Christopherson KVM is dependent on the PSP SEV driver and PSP SEV driver needs to be loaded before KVM module. In case of module loading any dependent modules are automatically loaded but in case of built-in modules there is no inherent mechanism available to specify dependencies between modules and ensure that any dependent modules are loaded implicitly. Add a new external API interface for PSP module initialization which allows PSP SEV driver to be loaded explicitly if KVM is built-in. Signed-off-by: Sean Christopherson Co-developed-by: Ashish Kalra Signed-off-by: Ashish Kalra --- drivers/crypto/ccp/sp-dev.c | 14 ++++++++++++++ include/linux/psp-sev.h | 9 +++++++++ 2 files changed, 23 insertions(+) diff --git a/drivers/crypto/ccp/sp-dev.c b/drivers/crypto/ccp/sp-dev.c index 7eb3e4668286..3467f6db4f50 100644 --- a/drivers/crypto/ccp/sp-dev.c +++ b/drivers/crypto/ccp/sp-dev.c @@ -19,6 +19,7 @@ #include #include +#include "sev-dev.h" #include "ccp-dev.h" #include "sp-dev.h" @@ -253,8 +254,12 @@ struct sp_device *sp_get_psp_master_device(void) static int __init sp_mod_init(void) { #ifdef CONFIG_X86 + static bool initialized; int ret; + if (initialized) + return 0; + ret = sp_pci_init(); if (ret) return ret; @@ -263,6 +268,8 @@ static int __init sp_mod_init(void) psp_pci_init(); #endif + initialized = true; + return 0; #endif @@ -279,6 +286,13 @@ static int __init sp_mod_init(void) return -ENODEV; } +#if IS_BUILTIN(CONFIG_KVM_AMD) && IS_ENABLED(CONFIG_KVM_AMD_SEV) +int __init sev_module_init(void) +{ + return sp_mod_init(); +} +#endif + static void __exit sp_mod_exit(void) { #ifdef CONFIG_X86 diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 903ddfea8585..f3cad182d4ef 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -814,6 +814,15 @@ struct sev_data_snp_commit { #ifdef CONFIG_CRYPTO_DEV_SP_PSP +/** + * sev_module_init - perform PSP SEV module initialization + * + * Returns: + * 0 if the PSP module is successfully initialized + * negative value if the PSP module initialization fails + */ +int sev_module_init(void); + /** * sev_platform_init - perform SEV INIT command * From patchwork Fri Jan 31 01:11:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 13955054 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12on2086.outbound.protection.outlook.com [40.107.244.86]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 64058446DD; Fri, 31 Jan 2025 01:11:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.244.86 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285879; cv=fail; b=AkhCUi0ROHUlp2XErnZj1PfNqUNgINHzWAloxhkmwkg7Y62yB/gV5dMr7Fx7P1rmmvoWuEc6SbRqSeQkXIS0a68K896Fn7tec1cnseAPtWZq0RbGORxAhDaO2IC+yvknY5/NdLF1Um1L7NDpMLmlF5B4nuoa2iMR/3MGz/acbig= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285879; c=relaxed/simple; bh=7WPyINjt4vVECCZnSSPFcwG48U0l2woE59xvg7GyExg=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=MeDnbLzKS7GreSwzbwzMH/OElnH5EsJKqgh4snV2guOrREZFHEH2W/ASVtCikSbiwk9cDus/bhe+HNQXAmnSEGNpJiHV/Wz/wnbkUB9qHas0ThFe35CjuBybY8kZMYxzH5KbRtvbNREplvNdecN1TIp4Oziyj8KDN99Xkko5hB8= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=PwpRzFs7; arc=fail smtp.client-ip=40.107.244.86 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="PwpRzFs7" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=FvWUXoku/V8x/GStLh7Vja7aE0LaV5yE3czlV+YVuE/tCiJRTAzrcWBwAbkO0s+JwsN7C2wsHtye6N5WdKrLCDpfGHy+qj65tpTGWYVzODzBMfemxxY14mJoSspyqf6qc8f8AHMyo4eczk3Z0/aKRq2JW56PZFti65Oc/dGKHbmk5fCL7jQJ0Y/43P8jc717nV5gtiBbRvDZRnjRlkKPwdHMy0HSpN5g7YAZH1RUf11scOkvL4ZRhiCEzLZwc99WvsGj7NuJQ6m7xBJa9yEPvg0ihAdBmGmDqR+Gw2Z8n22FsHAnS93BLvq9N+py+eccMei1nZ969K8ZB1HbOihxKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hww26veQwhWBHwE2boXJ5gZejKVoBbnRh9idtz6eCJE=; b=OkzP164NdFhhyC+prB/74aeX1nlH9EvsHTSJthAILd5tJqwt3IcuSwxBRm0npk5eduQMRkIUC/vyJuC1IZqyQKIWDq8Y1NFV3BMqE+M+uljdFFM0hFMdOvh660dPlElyeD6NoI+DUnbO/yTkcdup59b/lHkAnHFzG1BaoGnmT7yd6K7DItraP/sI6MtXV08CfcIF8cbJd5h2Zs22Mq0E4L0sQ9SJYqpOscaoWU2h+dXmu1PvO+L8UYhwB1D4gJROqi2p/g10Hgs12+KZnqu95QoZ6JT+RnSLE6b0tRwqtTSyA63pdk4+1bRfDuGUPS7QJknchQUOvmqrUvgrr4HpPA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hww26veQwhWBHwE2boXJ5gZejKVoBbnRh9idtz6eCJE=; b=PwpRzFs7a5WGJLeNAVhZVjBXMgTatOe8OT7lUHM/U6Vs7HPIQ/eIG9Oyhx2JOoiEAdfhiZtG8xHkcfNV1hfp3MoaXVLBpMPGgjNpvS2UeH1R9N1bHBuE5UPMsmePTK8XmJUCVGtlzVeZZ5v5HToYdEcepL9HoTQpKa4SmSH8wjw= Received: from BYAPR01CA0007.prod.exchangelabs.com (2603:10b6:a02:80::20) by DS7PR12MB6191.namprd12.prod.outlook.com (2603:10b6:8:98::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8377.23; Fri, 31 Jan 2025 01:11:12 +0000 Received: from SJ5PEPF000001CC.namprd05.prod.outlook.com (2603:10b6:a02:80:cafe::fb) by BYAPR01CA0007.outlook.office365.com (2603:10b6:a02:80::20) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.20 via Frontend Transport; Fri, 31 Jan 2025 01:11:12 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001CC.mail.protection.outlook.com (10.167.242.41) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Fri, 31 Jan 2025 01:11:12 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 30 Jan 2025 19:11:10 -0600 From: Ashish Kalra To: , , , , , , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v2 2/4] KVM: SVM: Ensure PSP module is initialized if KVM module is built-in Date: Fri, 31 Jan 2025 01:11:01 +0000 Message-ID: <05ab5f574c8cd9f47c5794bec59bf089b793c833.1738274758.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001CC:EE_|DS7PR12MB6191:EE_ X-MS-Office365-Filtering-Correlation-Id: b089863a-ecdd-4bee-1cbb-08dd41942700 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|7416014|82310400026|376014|1800799024|36860700013|7053199007|921020; X-Microsoft-Antispam-Message-Info: 2RYDUCg3SamGHXdY80ImXTMgeJKp9Q5RqkoSCVUTIYP/OO03Jcr1vRp7E1hiJPAyKmXWMPb2xfVsdqskwDLJm4x27vzEOe9MDSrNyw80mlloNaGkO2HARg+z39NuDL7s9H3WqiwK5FAlgcg5vpnVe7cGnjjIQC/fnYYEDzEWS5NNL1NDsGhtp+P36S950dDFJEUNyV7rHOHWuPOjU+Ebk4/hDyJa6hXL/xqYV9Sr+Qn7IR6qQ0MbRDJG1kdWehhiJ2hYRj6n7ANFemwDuQ6Um7Ecb+pqsqQix0GP/gAcloL+k80Y2N6U8eBJWtsLSxX24YldXIbfLiEyqNH42b/B/ngJ8W/dxpPfcPxdmkC/jm6L4DEdTpAevqeqspcCanjuCd/aLwrwT0SLlQF/LHCEitV6hR464ZxB3dhFdtOTiJdTqmKTWw3iPj5U8/wKDWIF5U12o7Sn169DyAtJbsaOXagipf8HsbbAZsdd7Q5D6SH2QyaJgdswMu+Q3XeJoRYR5Jj6OgJEbyW5WYvj1enpxo0W8YLhEMPQSHwLFOcf8O4oZ18juFomrUcyTJsHcdVWTCC9bL7P+nSP0sossjX98rdXBJaTPjlWNha669tptk+JHoxW0oc4TbTH/p9HmGNT2JJsiif8A+rUn+pOKKdjk/O6hITy1rIB6Xbb2A6zSeUyEFogecrNIy6MLYko1jxqDc5YMefce8VNMt5oRK1PPp/q8U5KbseWUDkTcFzx6odx/Nu9hqWWD2IrS6DY2FKS8LtQKtizgfmExzBLxH/3YKzdcpCCcTtg22HpVrVyvXTmkk5b4XlLj0E38/uIHTPwBwBsXc0X+qA+c6j6vKPm3b9s+yfMrOcjxoybC3MMsrg6i0TabTFGvfJeDtFLCUKTKad+kdCj5sJ8otpDTLpKS6XLhxFCV9AlAydhlfKBUuwgX4UkaQbscdgqaav1/MMkUxfOUHLpftUyzK03eva5vHV9djNa+/7prsUcmaFJ1vCmCmlltfvNgM5a883BFFYnvruzy+Et1EV2qlIowC6wooW5ax7joNy30sO7PYyl1xoitAkGDvvAvLablZ/vbEWTZMN4ELFWNGGvTDBKva1Maz2zx8bYqASFa6RBSFe/i9KuOMOUP1C7prHDvsITPaZKjSD67XIAcpVEIJzPrnNbgKiBiSoxytzLcRsUSVKIGFMWQAfH2hrsKiHfuoPFJ5IQ/XMoRwyNBXzYqrF/IgcOy3zpnCi8FynCBnOR0v6n+WE8xM0ZtJ+lQUczXqyBqlubGTyXLcZh/eSIVJA7mBV4hq6TTT6pifuKis40+R6+IRbmXhaODc4vjBMqXUzKUlGoTLHz7F/EesZUU4+JTN3SkrvdRRBg3i3pYJep/iqAaEU6OnXyuwYyaEN3PLUZJpFCbWb4qijcpmAwHQs6pGUYQAOxhfpNbFmDCAi+M2SIhXfM2KQVT8jmRxaZvpA0Z7Vj4JI1ZMwpvmnT3uagbZF7AtbIhBk4MBc/9djZlZpAtoQb56AwZvX3zD5Vhf5UKASP X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(7416014)(82310400026)(376014)(1800799024)(36860700013)(7053199007)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jan 2025 01:11:12.0199 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b089863a-ecdd-4bee-1cbb-08dd41942700 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001CC.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR12MB6191 From: Sean Christopherson The kernel's initcall infrastructure lacks the ability to express dependencies between initcalls, whereas the modules infrastructure automatically handles dependencies via symbol loading. Ensure the PSP SEV driver is initialized before proceeding in sev_hardware_setup() if KVM is built-in as the dependency isn't handled by the initcall infrastructure. Signed-off-by: Sean Christopherson Signed-off-by: Ashish Kalra --- arch/x86/kvm/svm/sev.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c index a2a794c32050..0dbb25442ec1 100644 --- a/arch/x86/kvm/svm/sev.c +++ b/arch/x86/kvm/svm/sev.c @@ -2972,6 +2972,16 @@ void __init sev_hardware_setup(void) WARN_ON_ONCE(!boot_cpu_has(X86_FEATURE_FLUSHBYASID))) goto out; + /* + * The kernel's initcall infrastructure lacks the ability to express + * dependencies between initcalls, whereas the modules infrastructure + * automatically handles dependencies via symbol loading. Ensure the + * PSP SEV driver is initialized before proceeding if KVM is built-in, + * as the dependency isn't handled by the initcall infrastructure. + */ + if (IS_BUILTIN(CONFIG_KVM_AMD) && sev_module_init()) + goto out; + /* Retrieve SEV CPUID information */ cpuid(0x8000001f, &eax, &ebx, &ecx, &edx); From patchwork Fri Jan 31 01:11:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 13955055 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2046.outbound.protection.outlook.com [40.107.93.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 51B7211CA0; Fri, 31 Jan 2025 01:11:32 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.93.46 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285895; cv=fail; b=FvmrE6vXPOdI+HaVuTUvv1LEgxvrFVmmft3iugazANFOlY3Bme0+YimuGHPzyrW938odr2xmMXk4f/x45Ib025tzJQDL59FeDgoUVCrtA5NkeAU+P7tmqZ7a1EIuXWlf/dI2ELzMr1iaRj6+P4UPZ8QPMpGZAgUdYmEPHgyYfaI= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285895; c=relaxed/simple; bh=18VFga2A8U+f99oeKM021zUOftlyBdM23l5rIu2JuuE=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=mHN/bFCY1k+6csr/fjcaIJNEI9wiLKv+IGRwbKR8RWxSKBDJzkDtb5inV4cCp5r2RU0p+p20mn6FSgPZh267VheeOekLvqEkEy+M/PJROZmHzkOk8fU5/9+OzRtuR2Kv8qGX9xk4LA8Bxtt8aiBwx7HAWy6GST4t0ujvL7F/UuU= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=JrsxfvXM; arc=fail smtp.client-ip=40.107.93.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="JrsxfvXM" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=YXuwg2gv+oRvmMEWmjmUUh73ujl5Yk4U7qWZXbDv9SewdRhCiAla+u/mYHEb+CEal4tqBo94BqjMlay1TY40hQ4zutRoiNkpo0sY7rSCPSggOM7m/swh1XbwGXbQ6T6JClJgXnOkvBbj09ZouJ/f1uJjDiLEgT7+7jeXmzcwp12rOlPkRB77Nozt96UC29LAHEojFEnVYK8CRNzxXmoADXdwwjVVCmc5AHb8LsLlkM8JZ1ExJVyqmMr2mRTjLrxwU+HnqL087btg2uFp+cEdhsH+CRV45LjIBipBJufdcvy9CN7+J183TXn07ER5XwwnqjPdYG6nKuTVDQroioNGqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HtivGPbnb883clbG9t0WfS7v7VES/bz2yFmdZ6WXJAk=; b=l7eAKJfKkNANekKkvOhNXJTGjjiMnob5Qp/gcSzkKRny6XbP+bC/BddBvWIhei5t5p7x3DFcUZ413jyMAh8vAA3JqO0yKoBRVkvQtZs97Mc8bia7UnhdZMzdNA2Hf6PPue5VDnJ56Q1w1NKpUP97PKzIcNlqI2oSnleCYwmGSfvbGCI7c7qkqJG20mlJdsxnSC+Dbd4NiaV6waK/rgHrjctz9AfqkG3k2fVlRI5kQTVao01TcdBgW/w+0UO7x79uaTC5IgnhmDegJh/ghIp4b9NOzzYakGLKU3JQy+St1fnVyDGgWgryZeF+E1slS46fMhXudwbvbFWDKraxYHTtQg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HtivGPbnb883clbG9t0WfS7v7VES/bz2yFmdZ6WXJAk=; b=JrsxfvXMvwYw5O70cqVusCBfB8HyJfbTarG+HUUwp8qvZAPeeT5ny/2Y49hhHUskkQDPuvGunx25tennHvdFNq2DcJecjafCwHztT26vdCqTCcv18TIGxpmmdSBEoKRkPB936NKjGzmQID7BCWizSIQcLjRro6pnpq9wGkajaYk= Received: from BY3PR10CA0028.namprd10.prod.outlook.com (2603:10b6:a03:255::33) by SJ2PR12MB7866.namprd12.prod.outlook.com (2603:10b6:a03:4cc::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.17; Fri, 31 Jan 2025 01:11:28 +0000 Received: from SJ5PEPF000001CA.namprd05.prod.outlook.com (2603:10b6:a03:255:cafe::c4) by BY3PR10CA0028.outlook.office365.com (2603:10b6:a03:255::33) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.18 via Frontend Transport; Fri, 31 Jan 2025 01:11:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001CA.mail.protection.outlook.com (10.167.242.39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Fri, 31 Jan 2025 01:11:28 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 30 Jan 2025 19:11:26 -0600 From: Ashish Kalra To: , , , , , , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v2 3/4] x86/sev: Fix broken SNP support with KVM module built-in Date: Fri, 31 Jan 2025 01:11:16 +0000 Message-ID: <8f73fc5a68f6713ba7ae1cbdbb7418145c4bd190.1738274758.git.ashish.kalra@amd.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001CA:EE_|SJ2PR12MB7866:EE_ X-MS-Office365-Filtering-Correlation-Id: ff4b437b-9deb-4ef9-25d3-08dd419430b9 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|7416014|82310400026|36860700013|921020|13003099007; X-Microsoft-Antispam-Message-Info: yZFS5pQUMbDVIPMM6bIvE/7HXY77xV3oTeSIlzCl5dIGCBvGJcM26TXKUnCgDBAAgXJYi9hcfYmvxtCAfnjBI8l9SnRSyuZTdyPWwc+rSTJcekoQIlHxezmqmUHDtEbrRPxJNt+GkOF1subjBb05LyBgOFa/ckFPva2Id2B+4a3HI8q4QaIANK1HWqevx/IAQTnzGYnxXCHRhyUHYigummCxTOfy4vCi9mhTJxc14jBufgL7tK/4KBRj8+uKfRi0d1PR9JJQnCwsV09Cb8i1YtRoZTkAftTdobqfrl5hKDJcmxnBCQ+qpEFLSUus5HPOjFnDkT21lvTa2Hwg81a9wnarQvR38s0eR18jnEVBdyJnJm0ldOh/fkXZ6lRGtQR0qqP7jzhyW7j8+iH6Fqx5gNHjdGgxFrkeJxIu/hajxVg7vLgKn2dDmWbc9L8l+IqcUHlat8BRdxVLjFewIBAG1AKsRI3IYPiP/b87qeB+JarkT3DQQ94607vhoiARmbVguZpuNlSSgw0Elj8zVSZhmNE07N8B5+v25BbyV6D56+e5TjbzcZOMq6mv3INLVGtk06u7SMLqpEktu4wQ+ODr+CaVqEaFJ8kcQ+nPfmSfNJh+pgVpe78avie8ylbIUB02lKomfGjQY9qEIFOROdGqmVCBtxupOkhX5OQgbRGR4PFRSr32S8cq9uofl3/HN72/27mw3WhNTMEMo7gkHRqOai4beJNnbrDm+EUk3yu7aHLdkQWxDwPWexQo+60kweLnCjd4UUbUvokdPS22LoWpy3g5chSCSFxAZZTkxoveECR4La3vMEmMZmA6dj4bmYeEPUSrtmy0pdwSN9m0VaE52Rue6v6yMks2DGycmGDeT4BXRgB8n8g2+vWQNfJUnECJrGkrd7v0UboOogbPveJ3hdVX8CumjWo9isvS9nPXE/yBdvzrNpMP21emkk1ECuxuuiUSwckOxMtTkGHDpcaulchmwLhNagBWbxMRFqyxox697VPWb08ktPHiY93+6uDmGMc2KKfML+rHhluINMg3BVR7JmACAJDYl/Vm1gK71H8qJH1UU+fK9Snu59DAEeBIA/H+tsqFSEUghnRsE3DZ0lJAv14BqYg0phPUSkYQa8R5CQMeAIlSrHn2bkT766Eq4hQfYQ8oL8R59hMDznqMH4ZTCzTIrmaPrqnEFaZAFWo4EzvLdOvvRoP+1kd6ZCKCS9IKcd8o/zut0EJgDxv1RxY/JvvrjsMHmutXFZY5ujtqBDzyKhDKoHRcBqX7VrS+2P1Ubt9zquJNnIW63qM+q9LEcs43FRtkut2yToTPj735v41uJ1Wm46Qey1uzrCcWXT7iZqtuAUXJNL8FocEdxBlYiHetGsi9JDt+Aah9er7SJOq2PIAnqJcrzUgb703rBsvZR3FEObl7GKFvQpsOKx+o0Geec1HrahC8oYqYUUa6FvX89G+px+iTOvuso4cm9FIM6u3h8i46bXmutVBWcF43/YsdLgiYZ6ZA+XE9PeeALq9svxYvO9Yve7URgEi+ X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(1800799024)(376014)(7416014)(82310400026)(36860700013)(921020)(13003099007);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jan 2025 01:11:28.3321 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: ff4b437b-9deb-4ef9-25d3-08dd419430b9 X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001CA.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR12MB7866 From: Ashish Kalra This patch fixes issues with enabling SNP host support and effectively SNP support which is broken with respect to the KVM module being built-in. SNP host support is enabled in snp_rmptable_init() which is invoked as a device_initcall(). Here device_initcall() is used as snp_rmptable_init() expects AMD IOMMU SNP support to be enabled prior to it and the AMD IOMMU driver enables SNP support after PCI bus enumeration. Now, if kvm_amd module is built-in, it gets initialized before SNP host support is enabled in snp_rmptable_init() : [ 10.131811] kvm_amd: TSC scaling supported [ 10.136384] kvm_amd: Nested Virtualization enabled [ 10.141734] kvm_amd: Nested Paging enabled [ 10.146304] kvm_amd: LBR virtualization supported [ 10.151557] kvm_amd: SEV enabled (ASIDs 100 - 509) [ 10.156905] kvm_amd: SEV-ES enabled (ASIDs 1 - 99) [ 10.162256] kvm_amd: SEV-SNP enabled (ASIDs 1 - 99) [ 10.171508] kvm_amd: Virtual VMLOAD VMSAVE supported [ 10.177052] kvm_amd: Virtual GIF supported ... ... [ 10.201648] kvm_amd: in svm_enable_virtualization_cpu And then svm_x86_ops->enable_virtualization_cpu() (svm_enable_virtualization_cpu) programs MSR_VM_HSAVE_PA as following: wrmsrl(MSR_VM_HSAVE_PA, sd->save_area_pa); So VM_HSAVE_PA is non-zero before SNP support is enabled on all CPUs. snp_rmptable_init() gets invoked after svm_enable_virtualization_cpu() as following : ... [ 11.256138] kvm_amd: in svm_enable_virtualization_cpu ... [ 11.264918] SEV-SNP: in snp_rmptable_init This triggers a #GP exception in snp_rmptable_init() when snp_enable() is invoked to set SNP_EN in SYSCFG MSR: [ 11.294289] unchecked MSR access error: WRMSR to 0xc0010010 (tried to write 0x0000000003fc0000) at rIP: 0xffffffffaf5d5c28 (native_write_msr+0x8/0x30) ... [ 11.294404] Call Trace: [ 11.294482] [ 11.294513] ? show_stack_regs+0x26/0x30 [ 11.294522] ? ex_handler_msr+0x10f/0x180 [ 11.294529] ? search_extable+0x2b/0x40 [ 11.294538] ? fixup_exception+0x2dd/0x340 [ 11.294542] ? exc_general_protection+0x14f/0x440 [ 11.294550] ? asm_exc_general_protection+0x2b/0x30 [ 11.294557] ? __pfx_snp_enable+0x10/0x10 [ 11.294567] ? native_write_msr+0x8/0x30 [ 11.294570] ? __snp_enable+0x5d/0x70 [ 11.294575] snp_enable+0x19/0x20 [ 11.294578] __flush_smp_call_function_queue+0x9c/0x3a0 [ 11.294586] generic_smp_call_function_single_interrupt+0x17/0x20 [ 11.294589] __sysvec_call_function+0x20/0x90 [ 11.294596] sysvec_call_function+0x80/0xb0 [ 11.294601] [ 11.294603] [ 11.294605] asm_sysvec_call_function+0x1f/0x30 ... [ 11.294631] arch_cpu_idle+0xd/0x20 [ 11.294633] default_idle_call+0x34/0xd0 [ 11.294636] do_idle+0x1f1/0x230 [ 11.294643] ? complete+0x71/0x80 [ 11.294649] cpu_startup_entry+0x30/0x40 [ 11.294652] start_secondary+0x12d/0x160 [ 11.294655] common_startup_64+0x13e/0x141 [ 11.294662] This #GP exception is getting triggered due to the following errata for AMD family 19h Models 10h-1Fh Processors: Processor may generate spurious #GP(0) Exception on WRMSR instruction: Description: The Processor will generate a spurious #GP(0) Exception on a WRMSR instruction if the following conditions are all met: - the target of the WRMSR is a SYSCFG register. - the write changes the value of SYSCFG.SNPEn from 0 to 1. - One of the threads that share the physical core has a non-zero value in the VM_HSAVE_PA MSR. The document being referred to above: https://www.amd.com/content/dam/amd/en/documents/processor-tech-docs/revision-guides/57095-PUB_1_01.pdf To summarize, with kvm_amd module being built-in, KVM/SVM initialization happens before host SNP is enabled and this SVM initialization sets VM_HSAVE_PA to non-zero, which then triggers a #GP when SYSCFG.SNPEn is being set and this will subsequently cause SNP_INIT(_EX) to fail with INVALID_CONFIG error as SYSCFG[SnpEn] is not set on all CPUs. This patch fixes the current SNP host enabling code and effectively SNP which is broken with respect to the KVM module being built-in. Essentially SNP host enabling code should be invoked before KVM initialization, which is currently not the case when KVM is built-in. Now, snp_rmptable_init() will be called early from iommu_snp_enable() directly and not invoked via device_initcall() which enables SNP host support before KVM initialization with kvm_amd module built-in. Fixes: c3b86e61b756 ("x86/cpufeatures: Enable/unmask SEV-SNP CPU feature") Co-developed-by: Sean Christopherson Signed-off-by: Sean Christopherson Signed-off-by: Ashish Kalra --- arch/x86/include/asm/sev.h | 2 ++ arch/x86/virt/svm/sev.c | 23 +++++++---------------- 2 files changed, 9 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 5d9685f92e5c..1581246491b5 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -531,6 +531,7 @@ static inline void __init snp_secure_tsc_init(void) { } #ifdef CONFIG_KVM_AMD_SEV bool snp_probe_rmptable_info(void); +int snp_rmptable_init(void); int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level); void snp_dump_hva_rmpentry(unsigned long address); int psmash(u64 pfn); @@ -541,6 +542,7 @@ void kdump_sev_callback(void); void snp_fixup_e820_tables(void); #else static inline bool snp_probe_rmptable_info(void) { return false; } +static inline int snp_rmptable_init(void) { return -ENOSYS; } static inline int snp_lookup_rmpentry(u64 pfn, bool *assigned, int *level) { return -ENODEV; } static inline void snp_dump_hva_rmpentry(unsigned long address) {} static inline int psmash(u64 pfn) { return -ENODEV; } diff --git a/arch/x86/virt/svm/sev.c b/arch/x86/virt/svm/sev.c index 1dcc027ec77e..42e74a5a7d78 100644 --- a/arch/x86/virt/svm/sev.c +++ b/arch/x86/virt/svm/sev.c @@ -505,19 +505,19 @@ static bool __init setup_rmptable(void) * described in the SNP_INIT_EX firmware command description in the SNP * firmware ABI spec. */ -static int __init snp_rmptable_init(void) +int __init snp_rmptable_init(void) { unsigned int i; u64 val; - if (!cc_platform_has(CC_ATTR_HOST_SEV_SNP)) - return 0; + if (WARN_ON_ONCE(!cc_platform_has(CC_ATTR_HOST_SEV_SNP))) + return -ENOSYS; - if (!amd_iommu_snp_en) - goto nosnp; + if (WARN_ON_ONCE(!amd_iommu_snp_en)) + return -ENOSYS; if (!setup_rmptable()) - goto nosnp; + return -ENOSYS; /* * Check if SEV-SNP is already enabled, this can happen in case of @@ -530,7 +530,7 @@ static int __init snp_rmptable_init(void) /* Zero out the RMP bookkeeping area */ if (!clear_rmptable_bookkeeping()) { free_rmp_segment_table(); - goto nosnp; + return -ENOSYS; } /* Zero out the RMP entries */ @@ -562,17 +562,8 @@ static int __init snp_rmptable_init(void) crash_kexec_post_notifiers = true; return 0; - -nosnp: - cc_platform_clear(CC_ATTR_HOST_SEV_SNP); - return -ENOSYS; } -/* - * This must be called after the IOMMU has been initialized. - */ -device_initcall(snp_rmptable_init); - static void set_rmp_segment_info(unsigned int segment_shift) { rmp_segment_shift = segment_shift; From patchwork Fri Jan 31 01:11:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Kalra, Ashish" X-Patchwork-Id: 13955056 Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12on2071.outbound.protection.outlook.com [40.107.243.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8460F1DFE1; Fri, 31 Jan 2025 01:11:55 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=40.107.243.71 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285917; cv=fail; b=Mc3sZ7nyHZAmY128mnc9A1wuDdRRxK9frCB2407iVDjumMB9RJnAbc7lE5Eu1Xy5zPbpxiavFHo+Ku/XD6/0xp0PDFolNAqP/Zmnr101Msvd5KKy0+81YDz60g7mGqUm6b/0duLXqJMZFTjXRKDq9ExAKkueOg3IyXV9pZ/F0T4= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1738285917; c=relaxed/simple; bh=H/nBg4Zc1nh3nPUAIQXGEA7kS5QyrvbPY8pOE0UvBLI=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=fFeLMi9IXarkdKuLpns3MbUYthLPSJnmprnXtR/L8B8g5Sq1lccCnFR3K0dmqhr3hS+2EYsrxx/B44WZmkIcFn3cCVIEAKvxd368hhKCATLKn73VusAHiE9bwE4QK4u0uW8UQkZaXHCihdmQZ7XUwP4pOrLpUQNExSzGeXTcgWw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com; spf=fail smtp.mailfrom=amd.com; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b=0dF19iJY; arc=fail smtp.client-ip=40.107.243.71 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=amd.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=amd.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=amd.com header.i=@amd.com header.b="0dF19iJY" ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=n8wC1FVg4kteBeO8ciaUbF7EeV28aND8tFhFxesXs+egEPtbPuOZ6Y7JvBse81b+dbjuh5cb77iCZNsKgzUFdbcLXpZeAPBdMGz36QDjx37JOMpcb3DMYfDf/ASyVEzMxTvxBus60nSHhoYCmE7SPv+r1QcxYb8RdpYkAu8SPT+1HNlWp+3SfvUVbq8QcaY+333ATf4qy7EDBi/B/TEDvBVDZCWzINYqkxFrbc2CwIu88hc5vg5vsXJJ1OQSrjxn5ma/+/AlYszWDoRd6L7RH4Onb8XMxPimIx6w73fjPYOxP+eRzEyUCHd557ROSf/fXDMCTvPcz9xfqP022KCygg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=imxMxzQd+WdWw2I5byQVY4Qx0TKjDCCfijUXYFK5VnA=; b=O2oCarTBgyxveR6qrISYNnpMDoWqNjbO5Qx/oUY3YQqDHIQ3E1UIzOijMP0/hXKrfVsiwIbeC9B1RD98l84U2Vd6jRBd+DznLTbM/GosbB9ElwapM91Zmd0DZ+869Acj/V5oQl5vMiDfr+2nqnU6U7cZTs0078AqZM7BgSQe6Wkve+3HNmjH/7p5bdQUaHOSa6JCUCAlGt8QaLA0+8jF5SQGoD4VO2LyFOJZp/+D8bexMtsvCwgm+9z6bdTJWAIk0LngnmnTpr4etmsu+7R1MYOySmXPLxR+/11QXc6kMC6ca0CvhbfAHrbD8wFhSOEc9BYBiZfA5Q0x6ry/5gVaAw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=google.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=imxMxzQd+WdWw2I5byQVY4Qx0TKjDCCfijUXYFK5VnA=; b=0dF19iJY+upZ2EuRBIlJIq5psJVUNnZLVVlynNvZ7YHGTNBfx+nq8GmjIB1HlYZLqSOZ5oQCXPR1lbDhlgulZWGPxQQRDARsglxWyNLfP0mvHkJ47p7niaZW64H+19jl05tjz++jRlZQwhTJ7kdxs7EAruaksx6IwF5d1ln8Caw= Received: from BY3PR05CA0002.namprd05.prod.outlook.com (2603:10b6:a03:254::7) by CYYPR12MB8964.namprd12.prod.outlook.com (2603:10b6:930:bc::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8398.20; Fri, 31 Jan 2025 01:11:52 +0000 Received: from SJ5PEPF000001C9.namprd05.prod.outlook.com (2603:10b6:a03:254:cafe::43) by BY3PR05CA0002.outlook.office365.com (2603:10b6:a03:254::7) with Microsoft SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.8398.16 via Frontend Transport; Fri, 31 Jan 2025 01:11:51 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 165.204.84.17) smtp.mailfrom=amd.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=amd.com; Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C Received: from SATLEXMB04.amd.com (165.204.84.17) by SJ5PEPF000001C9.mail.protection.outlook.com (10.167.242.37) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.8398.14 via Frontend Transport; Fri, 31 Jan 2025 01:11:51 +0000 Received: from ethanolx7e2ehost.amd.com (10.180.168.240) by SATLEXMB04.amd.com (10.181.40.145) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Thu, 30 Jan 2025 19:11:50 -0600 From: Ashish Kalra To: , , , , , , , , , , , , , , , CC: , , , , , , , , , , Subject: [PATCH v2 4/4] iommu/amd: Enable Host SNP support after enabling IOMMU SNP support Date: Fri, 31 Jan 2025 01:11:41 +0000 Message-ID: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: SATLEXMB04.amd.com (10.181.40.145) To SATLEXMB04.amd.com (10.181.40.145) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ5PEPF000001C9:EE_|CYYPR12MB8964:EE_ X-MS-Office365-Filtering-Correlation-Id: c358e58c-580f-49cb-9ac7-08dd41943e8a X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|36860700013|7416014|376014|1800799024|82310400026|7053199007|921020; X-Microsoft-Antispam-Message-Info: 0MgtX+qq6sr/OB/suRpT1eytIDHv7rUtu/NU9c9rSTIjk/wIsX4+/FlF0uJAZf54F7NyQA19tDpgtPca7oNC7fBKvVsbIvRZHvC6tGTtKjLgZGXp2AnzQft1ICBw1UFu5sa7/aWBOweVX7XKODMuOL+WhYrSs3tg+vVmRJj/22o9MOOtNJdOKbs4RbcNaPrH+7nlaj2H3pxCy1JwzqWxZvFG3lZPkDbnl2qaWBzg25E96HFCftlGI7srBygTfpLQ8Xp6Z2AZAFQpGkF7uE3uNOlX2LA6aCug9h29uyPhlUBkknagCUA0U9+1Q4PfsFN+rg5rxbSyBJiGNWOUlP8cvzzzl+vdXJRsFlsP+Pu7kPawg3a5VSyCjxaZjVZxWR/qyBTELw8ozpt1lMi+8YphUk0VE6vup+jyMi6ER0SpGzmdqU8YJblBNQCRRjdHXXaZVs/IoVJhCbdGpchYlH0O2olS99K4l7Z0gPDaDnLUOSPgd6fQEcKv7HrkzVSvkhpSon3C2f3tawDWHB0Q9yTtyGscCNcnaIrdwLuLtzSlHwaTDs+AuUPNDTc8Vlf7lyQ1/Rv9FxY0uxDDEYN1JvRGcSBNQ9nCyLIrdvOSw9DawJjJ2K8b1Qti6qy8QucKIUHxJXGbI6uv3fYt4+3SyTykrg5AcGJ8hWBEnxs+R2/+XjmtSgyhEAgv1TM4sNC8VIFqMNTM3288/aMdmdqMUVdudyDrjNklhp3KT99bMp6Z4pUWGsNvdlKDSrLyKpcdxD9+zMCCCZma/P1NMEqBmT1jlOcx8zNOlfxnL316nTFdkw+Ij0LszQ8tIFgE3AZZAR4KIcBZ/If2O15EEO+nhYtCm+xjk1VSO5sdBEz823/jKMPcpmN+7cNbTRSNMd5ECHeUeff9Cm4q3SoAVL1Ov0DMynwqIl6Fc94QzBUT+xiDtEolbEtSM7FfZSDEwxuEtagFjKsqdiWEBPF3lVxzS63ztEkozY8CIkmI97zNMkq3GA4ywZ31z/HgKf6nR4xj2JsXlYtk65b8EdX6CHIhibFURRIq5SNWjaa/lD+Dl2GwVVDthDCkWThsxJOW1MQmKtacxNv6SnFoBkbgcbioBFu4MUaMrLj1okgu2c5PS98FoFL+enob0u145ddjymYzzUJLGSxFBfW0Om2nQewVYjL3tKSpH+kM8BHUoi3yTHuW6hZNbDOPHTDCOsqeQK3kC0QSDIdfIH2b5YrWepDYb9EuszdsbzDE1y9ujbNIJgIfIYHigTH0kmiOMYZ8cIFtGjXXpor1rYMICP1n20J//qZ/p7Qd7BG0q8ZGQ9umeMHKL0wrmZ61WTnyGiqJ3Ptyr67oRRUUsESponRT47JeziD6rFdeuWreXyFG2ZE0KF0gogNgoMV6q37jlHbcVZjkPcuqRt+DhA8SQw3yGvRL0EUnKPDcP2k80caK6pv3uowZ831jLJobgRTZbwWOLK9b1353+3JKBmDSpkMFJSNj8JJt9bLiUT2FE9G548+hhzGVmAY2kgFZuUKWkvnnpChgXd/q X-Forefront-Antispam-Report: CIP:165.204.84.17;CTRY:US;LANG:en;SCL:1;SRV:;IPV:CAL;SFV:NSPM;H:SATLEXMB04.amd.com;PTR:InfoDomainNonexistent;CAT:NONE;SFS:(13230040)(36860700013)(7416014)(376014)(1800799024)(82310400026)(7053199007)(921020);DIR:OUT;SFP:1101; X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jan 2025 01:11:51.5152 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: c358e58c-580f-49cb-9ac7-08dd41943e8a X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com] X-MS-Exchange-CrossTenant-AuthSource: SJ5PEPF000001C9.namprd05.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CYYPR12MB8964 From: Sean Christopherson This patch fixes the current SNP host enabling code and effectively SNP which is broken with respect to the KVM module being built-in. SNP check on IOMMU is done during IOMMU PCI init (IOMMU_PCI_INIT stage). And for that reason snp_rmptable_init() is currently invoked via device_initcall() and cannot be invoked via subsys_initcall() as core IOMMU subsystem gets initialized via subsys_initcall(). Essentially SNP host enabling code should be invoked before KVM initialization, which is currently not the case when KVM is built-in as SNP host support is enabled via device_initcall() which is required as SNP check on IOMMU is done during IOMMU PCI init. Hence, call snp_rmptable_init() early and directly from iommu_snp_enable() (after checking and enabling IOMMU SNP support) which enables SNP host support before KVM initialization with kvm_amd module built-in. Add additional handling for `iommu=off` or `amd_iommu=off` options. If IOMMU initialization fails and iommu_snp_enable() is never reached, CC_ATTR_HOST_SEV_SNP will be left set but that will cause PSP driver's SNP_INIT to fail as IOMMU SNP sanity checks in SNP firmware will fail as below: [ 9.723114] ccp 0000:23:00.1: sev enabled [ 9.727602] ccp 0000:23:00.1: psp enabled [ 9.732527] ccp 0000:a2:00.1: enabling device (0000 -> 0002) [ 9.739098] ccp 0000:a2:00.1: no command queues available [ 9.745167] ccp 0000:a2:00.1: psp enabled [ 9.805337] ccp 0000:23:00.1: SEV-SNP: failed to INIT rc -5, error 0x3 [ 9.866426] ccp 0000:23:00.1: SEV API:1.53 build:5 ... and that will cause CC_ATTR_HOST_SEV_SNP flag to be cleared. Fixes: 04d65a9dbb33 ("iommu/amd: Don't rely on external callers to enable IOMMU SNP support") Co-developed-by: Vasant Hegde Signed-off-by: Vasant Hegde Signed-off-by: Sean Christopherson Signed-off-by: Ashish Kalra --- drivers/iommu/amd/init.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/drivers/iommu/amd/init.c b/drivers/iommu/amd/init.c index c5cd92edada0..ee887aa4442f 100644 --- a/drivers/iommu/amd/init.c +++ b/drivers/iommu/amd/init.c @@ -3194,7 +3194,7 @@ static bool __init detect_ivrs(void) return true; } -static void iommu_snp_enable(void) +static __init void iommu_snp_enable(void) { #ifdef CONFIG_KVM_AMD_SEV if (!cc_platform_has(CC_ATTR_HOST_SEV_SNP)) @@ -3219,6 +3219,11 @@ static void iommu_snp_enable(void) goto disable_snp; } + if (snp_rmptable_init()) { + pr_warn("SNP: RMP initialization failed, SNP cannot be supported.\n"); + goto disable_snp; + } + pr_info("IOMMU SNP support enabled.\n"); return; @@ -3426,18 +3431,23 @@ void __init amd_iommu_detect(void) int ret; if (no_iommu || (iommu_detected && !gart_iommu_aperture)) - return; + goto disable_snp; if (!amd_iommu_sme_check()) - return; + goto disable_snp; ret = iommu_go_to_state(IOMMU_IVRS_DETECTED); if (ret) - return; + goto disable_snp; amd_iommu_detected = true; iommu_detected = 1; x86_init.iommu.iommu_init = amd_iommu_init; + return; + +disable_snp: + if (cc_platform_has(CC_ATTR_HOST_SEV_SNP)) + cc_platform_clear(CC_ATTR_HOST_SEV_SNP); } /****************************************************************************