Message ID | 20240228024147.41573-4-seanjc@google.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp3098543dyb; Tue, 27 Feb 2024 18:43:05 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWCS62YnfywWCoc1kHClJM1kubQUCpM6VlKEOmgIvND9eBKqofK/YBE2+AC6rxYbcfK5JcIvZLsM2WI3dUUsUfsh2Jeww== X-Google-Smtp-Source: AGHT+IH6iCVUIQLH/xqhWE1ygFDs0MZTVABgVJbsxpqTlKZE1bLtzQbLYK2QixkZbcyLTYS/O4pu X-Received: by 2002:a05:622a:1652:b0:42e:7da7:5024 with SMTP id y18-20020a05622a165200b0042e7da75024mr11542860qtj.50.1709088185077; Tue, 27 Feb 2024 18:43:05 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709088185; cv=pass; d=google.com; s=arc-20160816; b=S0FKDv75QtKNkpW47UMQJs0QG2yEKbINTcBrq/hIgyokQFyYZsiW3/thQR8AQXivYq v3WP5xebkmrojBmqIMA+ss52sZlhdoQRrjmPiZa1ie6gCFOGqYyjQjZg2xbvy+Y8+Uvb 68kP1up5PXTGR0AHxiJFs5WkzvA+uP/SsbFjGotowD+6GUjSKsP//1962JaU7kPvgVqj 6/JcHpwp4OCRb0qQYwvR1pRhmrZRX65uzULLu2KS0O7UMWiHZp/g6xu0V+5XgMYl2ONa LMaFLa71ODYbpehVJj6X/9/zuCUz1jJFqIDnMaidDK7tETzWc7kCo88NHt9EqjISCMps SDzg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :in-reply-to:date:reply-to:dkim-signature; bh=5/L3RUGH7+uAkBQWkVD/RBnetvTxq10PRbhVuv1Z2Es=; fh=28C6szmwZzNVCgVaKfxKmWO621/zMUm79GOagBZD0m4=; b=xd3rDVuQgHpJffdhh3iv+/atr+q7bmqI6xVd++pUv4KTikmVz2YHznyHC9rGWCa5Cf xJIDZm7rpjriihPNmSDPDwSqFho9kbGQcS1H5zrODZtCI6Js+PrqTH/mVg5N0Q284hT3 /6WOEWEdRIv0uHFg8B9p4rz4Qr8C6JK0qTiPddRCzSSHcpLU+E6L3E0NGqEnJ2m+8fVS CyxfwhzFjVCsGf2R9c+8MMgPVwXUNCPeBwaoxtO8evH4PyO9A9L+rA0ASQgVfetMbbjf hMj+la3JCnBUy6/g7G1op15CU37PrP9gokwesGUwPInVMnv6LuVlFTWzKndt4WXMSiJg EGSQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=VzOej303; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id f18-20020ac84992000000b0042e74b6ff6dsi8180645qtq.80.2024.02.27.18.43.04 for <ouuuleilei@gmail.com> (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 18:43:05 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=VzOej303; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-84429-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id CC7871C25E77 for <ouuuleilei@gmail.com>; Wed, 28 Feb 2024 02:43:04 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 02AE1219F6; Wed, 28 Feb 2024 02:42:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="VzOej303" Received: from mail-yb1-f202.google.com (mail-yb1-f202.google.com [209.85.219.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 580B12032C for <linux-kernel@vger.kernel.org>; Wed, 28 Feb 2024 02:41:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709088118; cv=none; b=sDGxqBLPjach3qPJzfejTM4uU9SnNKFuYLGv1sfbXl+lljAULS+MHbc8m7fYPyqAa0IeXiZeUTMFb8j80NPQfL+V31enkfQ9LRnUBf8aZVFurP++MkLKZo7ab3jEgy2DxSyw5srX2iNwS+nD1udhnuj4SeIp9gh9+3e2my+rxSU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709088118; c=relaxed/simple; bh=1Uryw7EIyGaADMbLf4vJNKsPqM+n7z9iSFQFR6i45EA=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=P39aJS30NGrThQgaUhR8Q1FiabkCoSnRSPKvhRuEMRs3nw5es0IKWbuhFdq+d8XR1r6AX1cFzmG8AxfgqsaJqtNt/xzw9LjAff2SijS4en+5WWv75OQ5vXo5VaFL7pKf1hLIV7BkU9TyXeho+9QxvkQ13DPBCTG2Qt04h5d36js= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=VzOej303; arc=none smtp.client-ip=209.85.219.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yb1-f202.google.com with SMTP id 3f1490d57ef6-dced704f17cso8087216276.1 for <linux-kernel@vger.kernel.org>; Tue, 27 Feb 2024 18:41:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1709088116; x=1709692916; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:from:to:cc:subject:date :message-id:reply-to; bh=5/L3RUGH7+uAkBQWkVD/RBnetvTxq10PRbhVuv1Z2Es=; b=VzOej3036cWOSrvGRqAPgWv+JRFfg3UqbQbz7+hR+4Xemu0wsHujaiVIcyXVY5LpQ2 wG3YWgkutM/LxE5TSOTdY9TH2uI8+2q1sjiH413EJVakMlLz7CKbb1nT8Aw5xxdzvtXH HF5SckaMUWXFu4RteSnflqvKLchokpKsoAzVqKsqbrh52AX0ZuE6A3jwjbFgQ5Fh78wp xaUO5yO4JBPBUG3+RT+tuZpv49+Zv4U5UU18fyx2HFXJGDRfUQaUcjGX5baSFYAT6Ufv xNo9SrKH2LJgLH/5MQPJaB0t2Z7bdnvJz/OzolCk7oDEfwOuviut0uKLmf2jyXodz9+o IJuw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709088116; x=1709692916; h=content-transfer-encoding:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:reply-to:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=5/L3RUGH7+uAkBQWkVD/RBnetvTxq10PRbhVuv1Z2Es=; b=VYz95Lyx+0U8xSp/YnO6UT6uHLzI9wjAeDSIfdXccz440X+2N5dEXaC5D9DBdXRoBL wFBdM2V3pE+dnvOezlg2XyS/+UY55L/w7umtjR1fYhtePLubZbOvM7aPIa16m4CFNoNV ZKng3BsZeAd++XeA7Ch8diBNoZw4dZR8ZKWsUxhiKK0ozJbW0X0JdMS5d8teRlLV5G8b lmtjwnTTq0xQ+XHBeFQx5lJ0hcc6364dRrI+CKeOZazLPeXoqoOew5rv+7pCY90pLyZJ VPxDh1xr4xNACe3DtxVRV6vuNPwXnHKqUPRZk6qs0qhR7EzoQLfTUKUF/3AgeNXOaTBs 5S4Q== X-Forwarded-Encrypted: i=1; AJvYcCX7+kYNMfn+sGyL2bFIBlQMklUz/ie5fKfuRHmlzd9wCRItvtDI5wT9M4HV44h4gt0YQ2rSt/AFy3cy6Qmap2rjswKaKNNrhJK16+Cf X-Gm-Message-State: AOJu0YziJeKnur+zVkIzD60jJwpBOdxLbXwnEJXEI/gdaBP+o63parhD hSj1kd4WbbEE0hW4403IKDRhGnQrXBWqvkGswzl6YOZV9PQSpUJCHw61fv1voB00XOvzJHYY5Mq RHw== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:6902:1001:b0:dcd:b593:6503 with SMTP id w1-20020a056902100100b00dcdb5936503mr102444ybt.2.1709088116351; Tue, 27 Feb 2024 18:41:56 -0800 (PST) Reply-To: Sean Christopherson <seanjc@google.com> Date: Tue, 27 Feb 2024 18:41:34 -0800 In-Reply-To: <20240228024147.41573-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: <linux-kernel.vger.kernel.org> List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org> List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org> Mime-Version: 1.0 References: <20240228024147.41573-1-seanjc@google.com> X-Mailer: git-send-email 2.44.0.278.ge034bb2e1d-goog Message-ID: <20240228024147.41573-4-seanjc@google.com> Subject: [PATCH 03/16] KVM: x86: Define more SEV+ page fault error bits/flags for #NPF From: Sean Christopherson <seanjc@google.com> To: Sean Christopherson <seanjc@google.com>, Paolo Bonzini <pbonzini@redhat.com> Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Yan Zhao <yan.y.zhao@intel.com>, Isaku Yamahata <isaku.yamahata@intel.com>, Michael Roth <michael.roth@amd.com>, Yu Zhang <yu.c.zhang@linux.intel.com>, Chao Peng <chao.p.peng@linux.intel.com>, Fuad Tabba <tabba@google.com>, David Matlack <dmatlack@google.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792108852678434717 X-GMAIL-MSGID: 1792108852678434717 |
Series |
KVM: x86/mmu: Page fault and MMIO cleanups
|
|
Commit Message
Sean Christopherson
Feb. 28, 2024, 2:41 a.m. UTC
Define more #NPF error code flags that are relevant to SEV+ (mostly SNP)
guests, as specified by the APM:
* Bit 34 (ENC): Set to 1 if the guest’s effective C-bit was 1, 0 otherwise.
* Bit 35 (SIZEM): Set to 1 if the fault was caused by a size mismatch between
PVALIDATE or RMPADJUST and the RMP, 0 otherwise.
* Bit 36 (VMPL): Set to 1 if the fault was caused by a VMPL permission
check failure, 0 otherwise.
* Bit 37 (SSS): Set to VMPL permission mask SSS (bit 4) value if VmplSSS is
enabled.
Note, the APM is *extremely* misleading, and strongly implies that the
above flags can _only_ be set for #NPF exits from SNP guests. That is a
lie, as bit 34 (C-bit=1, i.e. was encrypted) can be set when running _any_
flavor of SEV guest on SNP capable hardware.
Signed-off-by: Sean Christopherson <seanjc@google.com>
---
arch/x86/include/asm/kvm_host.h | 4 ++++
1 file changed, 4 insertions(+)
Comments
On 2/27/24 18:41, Sean Christopherson wrote: > Define more #NPF error code flags that are relevant to SEV+ (mostly SNP) > guests, as specified by the APM: > > * Bit 34 (ENC): Set to 1 if the guest’s effective C-bit was 1, 0 otherwise. > * Bit 35 (SIZEM): Set to 1 if the fault was caused by a size mismatch between > PVALIDATE or RMPADJUST and the RMP, 0 otherwise. > * Bit 36 (VMPL): Set to 1 if the fault was caused by a VMPL permission > check failure, 0 otherwise. > * Bit 37 (SSS): Set to VMPL permission mask SSS (bit 4) value if VmplSSS is > enabled. The above bits 34-37 do not match with the bits 31,34-36 in the patch. Dongli Zhang > > Note, the APM is *extremely* misleading, and strongly implies that the > above flags can _only_ be set for #NPF exits from SNP guests. That is a > lie, as bit 34 (C-bit=1, i.e. was encrypted) can be set when running _any_ > flavor of SEV guest on SNP capable hardware. > > Signed-off-by: Sean Christopherson <seanjc@google.com> > --- > arch/x86/include/asm/kvm_host.h | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h > index 88cc523bafa8..1e69743ef0fb 100644 > --- a/arch/x86/include/asm/kvm_host.h > +++ b/arch/x86/include/asm/kvm_host.h > @@ -261,8 +261,12 @@ enum x86_intercept_stage; > #define PFERR_FETCH_MASK BIT(4) > #define PFERR_PK_MASK BIT(5) > #define PFERR_SGX_MASK BIT(15) > +#define PFERR_GUEST_RMP_MASK BIT_ULL(31) > #define PFERR_GUEST_FINAL_MASK BIT_ULL(32) > #define PFERR_GUEST_PAGE_MASK BIT_ULL(33) > +#define PFERR_GUEST_ENC_MASK BIT_ULL(34) > +#define PFERR_GUEST_SIZEM_MASK BIT_ULL(35) > +#define PFERR_GUEST_VMPL_MASK BIT_ULL(36) > #define PFERR_IMPLICIT_ACCESS BIT_ULL(48) > > #define PFERR_NESTED_GUEST_PAGE (PFERR_GUEST_PAGE_MASK | \
On Tue, Feb 27, 2024, Dongli Zhang wrote: > > > On 2/27/24 18:41, Sean Christopherson wrote: > > Define more #NPF error code flags that are relevant to SEV+ (mostly SNP) > > guests, as specified by the APM: > > > > * Bit 34 (ENC): Set to 1 if the guest’s effective C-bit was 1, 0 otherwise. > > * Bit 35 (SIZEM): Set to 1 if the fault was caused by a size mismatch between > > PVALIDATE or RMPADJUST and the RMP, 0 otherwise. > > * Bit 36 (VMPL): Set to 1 if the fault was caused by a VMPL permission > > check failure, 0 otherwise. > > * Bit 37 (SSS): Set to VMPL permission mask SSS (bit 4) value if VmplSSS is > > enabled. > > The above bits 34-37 do not match with the bits 31,34-36 in the patch. Doh, good catch. I copy+pasted this from the APM, but the RMP bit is defined slightly earlier in the APM, and I missed SSS. I'll fixup the changelog to talk about RMO, and I think I'll add SSS in v2; at the very least, having the #define will make it clear which bits are used. Thanks!
diff --git a/arch/x86/include/asm/kvm_host.h b/arch/x86/include/asm/kvm_host.h index 88cc523bafa8..1e69743ef0fb 100644 --- a/arch/x86/include/asm/kvm_host.h +++ b/arch/x86/include/asm/kvm_host.h @@ -261,8 +261,12 @@ enum x86_intercept_stage; #define PFERR_FETCH_MASK BIT(4) #define PFERR_PK_MASK BIT(5) #define PFERR_SGX_MASK BIT(15) +#define PFERR_GUEST_RMP_MASK BIT_ULL(31) #define PFERR_GUEST_FINAL_MASK BIT_ULL(32) #define PFERR_GUEST_PAGE_MASK BIT_ULL(33) +#define PFERR_GUEST_ENC_MASK BIT_ULL(34) +#define PFERR_GUEST_SIZEM_MASK BIT_ULL(35) +#define PFERR_GUEST_VMPL_MASK BIT_ULL(36) #define PFERR_IMPLICIT_ACCESS BIT_ULL(48) #define PFERR_NESTED_GUEST_PAGE (PFERR_GUEST_PAGE_MASK | \