Message ID | 20230804152254.686317-1-ltykernel@gmail.com |
---|---|
Headers | From: Tianyu Lan <ltykernel@gmail.com>; To: kys@microsoft.com, haiyangz@microsoft.com, wei.liu@kernel.org, decui@microsoft.com, tglx@linutronix.de, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, daniel.lezcano@linaro.org, arnd@arndb.de, michael.h.kelley@microsoft.com; Cc: Tianyu Lan <tiala@microsoft.com>, linux-arch@vger.kernel.org, linux-hyperv@vger.kernel.org, linux-kernel@vger.kernel.org, vkuznets@redhat.com; Subject: [PATCH V4 0/9] x86/hyperv: Add AMD sev-snp enlightened guest support on hyperv; Date: Fri, 4 Aug 2023 11:22:44 -0400; Message-Id: <20230804152254.686317-1-ltykernel@gmail.com>; X-Mailer: git-send-email 2.25.1; List-ID: <linux-kernel.vger.kernel.org> |
Series | x86/hyperv: Add AMD sev-snp enlightened guest support on hyperv |
Message
Tianyu Lan
Aug. 4, 2023, 3:22 p.m. UTC
From: Tianyu Lan <tiala@microsoft.com>
Hyper-V provides two modes for running SEV-SNP VMs:
1) In vTOM mode with a paravisor (see Section 15.36.8 of [1])
2) In "fully enlightened" mode with normal "C" bit control
over page encryption, and no paravisor
For #1, the paravisor runs in VMPL 0, while Linux runs in VMPL 2
(see Section 15.36.7 of [1]). The paravisor is typically provided
by Hyper-V and handles most of the SNP-related functionality. As
such, most of the SNP functionality in the Linux guest is bypassed.
The guest operates in vTOM mode, where encryption is enabled by default.
The guest must still request page transitions between private and shared,
but there is relatively less SNP machinery required in the guest. Support
for this mode of operation first went upstream in the 5.15 kernel.
For #2, this patch set provides the initial support. The existing
SEV-SNP machinery in the kernel is fully used, but Hyper-V specific
updates are required to properly share Hyper-V communication pages
between the guest and host and to start APs at boot time.
In either mode, Hyper-V requires that the guest implement the SEV-SNP
Restricted Interrupt Injection feature (see Section 15.36.16 of [1],
and Section 5 of [2]). Without this feature, the guest is subject to
attack by a compromised hypervisor that can inject any exception at
any time, such as injecting an interrupt while the guest has interrupts
disabled. In vTOM mode, Restricted Interrupt Injection is implemented
by the paravisor, so no Linux guest changes are required. But in fully
enlightened mode, the Linux guest must provide the implementation.
This patch set is derived from an earlier patch set that includes both
the Hyper-V specific changes and Restricted Interrupt Injection support.[3]
But it is now limited to only the Hyper-V specific changes. The Restricted
Interrupt Injection support will come later in a separate patch set.
[1] https://www.amd.com/system/files/TechDocs/24593.pdf
[2] https://www.amd.com/system/files/TechDocs/56421-guest-hypervisor-communication-block-standardization.pdf
[3] https://lore.kernel.org/lkml/20230515165917.1306922-1-ltykernel@gmail.com/
Change since v3:
* Fix fossil comment
Change since v2:
* Update Change log.
* Rework Hyper-V hypercall implementation.
Change since v1:
* vTOM case uses paravisor_present flag and HV_ISOLATION_TYPE_SNP type.
* Rework some patches' change log
* Fix some comments in the patches
Tianyu Lan (9):
x86/hyperv: Add sev-snp enlightened guest static key
x86/hyperv: Set Virtual Trust Level in VMBus init message
x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP enlightened guest
drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP enlightened guest
x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp enlightened guest
clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp enlightened guest
x86/hyperv: Add smp support for SEV-SNP guest
x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES
x86/hyperv: Initialize cpu and memory for SEV-SNP enlightened guest
arch/x86/hyperv/hv_init.c | 52 +++++++-
arch/x86/hyperv/ivm.c | 199 +++++++++++++++++++++++++++++
arch/x86/include/asm/hyperv-tlfs.h | 7 +
arch/x86/include/asm/mshyperv.h | 56 ++++++--
arch/x86/kernel/cpu/mshyperv.c | 42 +++++-
drivers/clocksource/hyperv_timer.c | 2 +-
drivers/hv/connection.c | 1 +
drivers/hv/hv.c | 57 ++++++++-
drivers/hv/hv_common.c | 19 +++
include/asm-generic/hyperv-tlfs.h | 1 +
include/asm-generic/mshyperv.h | 13 +-
include/linux/hyperv.h | 4 +-
12 files changed, 426 insertions(+), 27 deletions(-)
Comments
On Fri, Aug 04, 2023 at 11:22:44AM -0400, Tianyu Lan wrote:
> From: Tianyu Lan <tiala@microsoft.com>
[...]
> Tianyu Lan (9):
> x86/hyperv: Add sev-snp enlightened guest static key
> x86/hyperv: Set Virtual Trust Level in VMBus init message
> x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP
> enlightened guest
> drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP
> enlightened guest
> x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
> enlightened guest
> clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp
> enlightened guest
> x86/hyperv: Add smp support for SEV-SNP guest
> x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES

I applied all but the last patch to hyperv-next. Thanks.

> x86/hyperv: Initialize cpu and memory for SEV-SNP enlightened guest
> From: Wei Liu <wei.liu@kernel.org>
> Sent: Friday, August 4, 2023 4:35 PM
> To: Tianyu Lan <ltykernel@gmail.com>
> [...]
> On Fri, Aug 04, 2023 at 11:22:44AM -0400, Tianyu Lan wrote:
> > From: Tianyu Lan <tiala@microsoft.com>
> [...]
> > Tianyu Lan (9):
[...]
> > x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
...

Unluckily this commit causes a crash on Intel CPUs (see the below call-trace).

I made a fix here:
https://github.com/dcui/linux/commit/c4db45f6256248435b2a303b264ecbb41320c41d

I guess Wei can squash the fix into Tianyu's commit in the hyperv-next branch?

[ 0.861465] invalid opcode: 0000 [#1] PREEMPT SMP
[ 0.865489] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 6.5.0-rc4-decui-hcl+ #1
[ 0.869194] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 04/20/2023
[ 0.875049] RIP: 0010:hv_query_ext_cap+0x7a/0x130
[ 0.879626] Code: 83 72 57 48 c7 c6 00 00 00 80 48 2b 35 0f f2 9d 00 48 01 f0 48 8b 35 5d 3e 3d 01 48 85 f6 74 2a b9 01 80 00 00 31 d2 49 89 c0 <0f> 01 d9 c6 05 d4 f2 20 02 01 66 85 c0 74 aa 48 89 c6 48 c7 c7 20
[ 0.897457] RSP: 0000:ffffffff82803e50 EFLAGS: 00010246
[ 0.900194] RAX: 00000000074f72e0 RBX: 0000000000000000 RCX: 0000000000008001
[ 0.903955] RDX: 0000000000000000 RSI: ffffc90000017000 RDI: 0000000000000000
[ 0.908445] RBP: ffffffff82803e60 R08: 00000000074f72e0 R09: 0000000000000001
[ 0.916354] R10: 0720072007200720 R11: 0720072007200720 R12: 0000000000000000
[ 0.924285] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff8280edb8
[ 0.929481] FS: 0000000000000000(0000) GS:ffff8880f6800000(0000) knlGS:0000000000000000
[ 0.933589] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 0.936526] CR2: ffff888507fff000 CR3: 0000000006036001 CR4: 00000000000200f0
[ 0.942279] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 0.950573] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 0.958417] Call Trace:
[ 0.959827] <TASK>
[ 0.961044] ? show_regs+0x64/0x70
[ 0.962872] ? __die_body+0x20/0x70
[ 0.964741] ? die+0x3e/0x60
[ 0.966273] ? do_trap+0xd7/0x100
[ 0.967922] ? do_error_trap+0x71/0x90
[ 0.970027] ? hv_query_ext_cap+0x7a/0x130
[ 0.974573] ? exc_invalid_op+0x53/0x70
[ 0.978961] ? hv_query_ext_cap+0x7a/0x130
[ 0.983977] ? asm_exc_invalid_op+0x1b/0x20
[ 0.988932] ? hv_query_ext_cap+0x7a/0x130
[ 0.991413] hyperv_init+0x2fe/0x5f0
[ 0.993373] apic_intr_mode_init+0x3e/0x100
[ 0.995655] x86_late_time_init+0x1b/0x30
[ 0.997832] start_kernel+0x617/0xa70
[ 0.999546] x86_64_start_reservations+0x18/0x30
[ 1.003761] x86_64_start_kernel+0xc0/0x110
[ 1.008815] secondary_startup_64_no_verify+0x17e/0x18b
[ Ubuntu [ *Advanced options for Ubuntu
[ 1.021465] ---[ end trace 0000000000000000 ]---
[ 1.024093] RIP: 0010:hv_query_ext_cap+0x7a/0x130
[ 1.026769] Code: 83 72 57 48 c7 c6 00 00 00 80 48 2b 35 0f f2 9d 00 48 01 f0 48 8b 35 5d 3e 3d 01 48 85 f6 74 2a b9 01 80 00 00 31 d2 49 89 c0 <0f> 01 d9 c6 05 d4 f2 20 02 01 66 85 c0 74 aa 48 89 c6 48 c7 c7 20
[ 1.042358] RSP: 0000:ffffffff82803e50 EFLAGS: 00010246
[ 1.049317] RAX: 00000000074f72e0 RBX: 0000000000000000 RCX: 0000000000008001
[ 1.054740] RDX: 0000000000000000 RSI: ffffc90000017000 RDI: 0000000000000000
[ 1.059058] RBP: ffffffff82803e60 R08: 00000000074f72e0 R09: 0000000000000001
[ 1.062406] R10: 0720072007200720 R11: 0720072007200720 R12: 0000000000000000
[ 1.070915] R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff8280edb8
[ 1.080300] FS: 0000000000000000(0000) GS:ffff8880f6800000(0000) knlGS:0000000000000000
[ 1.086956] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.090242] CR2: ffff888507fff000 CR3: 0000000006036001 CR4: 00000000000200f0
[ 1.093949] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1.101352] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> From: Dexuan Cui
> Sent: Saturday, August 5, 2023 4:37 PM
> [...]
> > From: Wei Liu <wei.liu@kernel.org>
> > Sent: Friday, August 4, 2023 4:35 PM
> > To: Tianyu Lan <ltykernel@gmail.com>
> > [...]
> > On Fri, Aug 04, 2023 at 11:22:44AM -0400, Tianyu Lan wrote:
> > > From: Tianyu Lan <tiala@microsoft.com>
> > [...]
> > > Tianyu Lan (9):
> [...]
> > > x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
> ...
>
> Unluckily this commit causes a crash on Intel CPUs (see the below call-trace).
>
> I made a fix here:
> https://github.com/dcui/linux/commit/c4db45f6256248435b2a303b264ecbb
> 41320c41d
>
> I guess Wei can squash the fix into Tianyu's commit in the hyperv-next
> branch?

I also made a patch to fix the ARM64 build:
https://github.com/dcui/linux/commit/a559709c612de2a212e288ef1a8b0abfabb168e5
On Fri, Aug 04, 2023 at 11:34:36PM +0000, Wei Liu wrote:
> On Fri, Aug 04, 2023 at 11:22:44AM -0400, Tianyu Lan wrote:
> > From: Tianyu Lan <tiala@microsoft.com>
> [...]
> > Tianyu Lan (9):
> > x86/hyperv: Add sev-snp enlightened guest static key
> > x86/hyperv: Set Virtual Trust Level in VMBus init message
> > x86/hyperv: Mark Hyper-V vp assist page unencrypted in SEV-SNP
> > enlightened guest
> > drivers: hv: Mark percpu hvcall input arg page unencrypted in SEV-SNP
> > enlightened guest
> > x86/hyperv: Use vmmcall to implement Hyper-V hypercall in sev-snp
> > enlightened guest
> > clocksource: hyper-v: Mark hyperv tsc page unencrypted in sev-snp
> > enlightened guest
> > x86/hyperv: Add smp support for SEV-SNP guest
> > x86/hyperv: Add hyperv-specific handling for VMMCALL under SEV-ES
>
> I applied all but the last patch to hyperv-next. Thanks.

This is causing build issues in linux-next. I've reverted this series from hyperv-next.

> > x86/hyperv: Initialize cpu and memory for SEV-SNP enlightened guest
>