From patchwork Tue Feb 21 11:34:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Borislav Petkov X-Patchwork-Id: 59874 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:adf:eb09:0:0:0:0:0 with SMTP id s9csp1812020wrn; Tue, 21 Feb 2023 03:35:30 -0800 (PST) X-Google-Smtp-Source: AK7set9Bb8sKPXBCQNiTzBR79U6ypetIThQ5Hbf/IRn/3w3T0n+4A8Sie5j/2QICUlmL3mn1nNlY X-Received: by 2002:a05:6a20:3d8a:b0:c7:6cb7:cfbd with SMTP id s10-20020a056a203d8a00b000c76cb7cfbdmr4068066pzi.12.1676979330290; Tue, 21 Feb 2023 03:35:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1676979330; cv=none; d=google.com; s=arc-20160816; b=YsCp8dUT94tcaSTxOizAfZrAfPuqkUmPKZWShAFU2UjPK16g7shme8gD+fUYMe/mk5 rA1AzDjIACQNTkvWElFu+s6RbXelUomKJgxV5e3/iyUI3Dio+EQSWavOnDPYaw3bv6Cm 0enuInOf+fOjgk4SrxgGsOfaDboOO2MPVtw3MHJUwKNxiqgvd2RRIW1ESheHEpwoK+lV uiMGQUNANoGK3NKV6kgkg89hy1YWNi8rY8AIZzXx+bBnlyXcIROueAo/3zsIILiGILBl FgY5j5aRNjRO4tO3VGnRfdBkCTbvdfsbu94dJT7lOkzq07X2XoxTH81iUhEoAlZZ42e0 7Phg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=ksRalnveoGheILhfPrdSCwL5dhzTJiCmiR2fo+V5RHY=; b=DEeXh18TrwG5YK9CVSZYxyMfC6SfovAlflTHDEe1XyY40ygrv1oC/eO5bxv9qj24eA pl41bzeFf2xIC2RNcMJ1QApUZ4q4f4F7Rt+k8IoQYNq31hwF649H57eLNmlsKYWO1Foi +SuLLBwv3Vvu7Cr8LRIuJenDDOvtH6UlwjoTjhD4D6aDR7im+9F6pjTjIKyQ3yI5pifu Dhw6sGcNySBtBa2Isp2pReA/iwKHkrx5+Bcjtjh3VrJLG4l2TEa6hTJOBZmsTn0Pje/+ xwP+g75BeKsax5zJOh7Ly3Pf+rLF9srdtzclhEk3k3kZUm2LJ3fgXmKy060rOPNKv99j ndEQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=E1ZqyQ7C; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b4-20020a63d804000000b004fb1ed5239csi16758943pgh.364.2023.02.21.03.35.17; Tue, 21 Feb 2023 03:35:30 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=E1ZqyQ7C; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234079AbjBULes (ORCPT + 99 others); Tue, 21 Feb 2023 06:34:48 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58010 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233706AbjBULek (ORCPT ); Tue, 21 Feb 2023 06:34:40 -0500 Received: from mail.skyhub.de (mail.skyhub.de [IPv6:2a01:4f8:190:11c2::b:1457]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D994B234DB for ; Tue, 21 Feb 2023 03:34:38 -0800 (PST) Received: from zn.tnic (p5de8e9fe.dip0.t-ipconnect.de [93.232.233.254]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 33AC71EC064E; Tue, 21 Feb 2023 12:34:37 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1676979277; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ksRalnveoGheILhfPrdSCwL5dhzTJiCmiR2fo+V5RHY=; b=E1ZqyQ7CvzM2ZM9uGSEnSE2bhwBpOF0WxTjYdYzoBZwvQswxl15MXwB8jTAPLKGM7YCLuH kfkXc+VhCOVOy6vK5YMAy7lXUi6YsF3PTIY3mD5wxp1RYM9044VpbLXBGH2hZuxLdM5ciy xWoA405WdEpn6QB/PdUd8bzyJOaOjoY= From: Borislav Petkov To: LKML Cc: Dionna Glaze , Joerg Roedel , Michael Roth , Nikunj A Dadhania , Peter Gonda , Tom Lendacky , linux-coco@lists.linux.dev, x86@kernel.org Subject: [PATCH -v2 03/11] virt/coco/sev-guest: Simplify extended guest request handling Date: Tue, 21 Feb 2023 12:34:20 +0100 Message-Id: <20230221113428.19324-4-bp@alien8.de> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20230221113428.19324-1-bp@alien8.de> References: <20230221113428.19324-1-bp@alien8.de> MIME-Version: 1.0 X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1758440278194615301?= X-GMAIL-MSGID: =?utf-8?q?1758440278194615301?= From: "Borislav Petkov (AMD)" Return a specific error code - -ENOSPC - to signal the too small cert data buffer instead of checking exit code and exitinfo2. While at it, hoist the *fw_err assignment in snp_issue_guest_request() so that a proper error value is returned to the callers. Signed-off-by: Borislav Petkov (AMD) --- arch/x86/kernel/sev.c | 11 +++--- drivers/virt/coco/sev-guest/sev-guest.c | 46 ++++++++++++++----------- 2 files changed, 31 insertions(+), 26 deletions(-) diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c index c644c34372e8..6a3e1425ba17 100644 --- a/arch/x86/kernel/sev.c +++ b/arch/x86/kernel/sev.c @@ -2209,15 +2209,16 @@ int snp_issue_guest_request(u64 exit_code, struct snp_req_data *input, unsigned if (ret) goto e_put; + *fw_err = ghcb->save.sw_exit_info_2; if (ghcb->save.sw_exit_info_2) { /* Number of expected pages are returned in RBX */ if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST && - ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN) + ghcb->save.sw_exit_info_2 == SNP_GUEST_REQ_INVALID_LEN) { input->data_npages = ghcb_get_rbx(ghcb); - - *fw_err = ghcb->save.sw_exit_info_2; - - ret = -EIO; + ret = -ENOSPC; + } else { + ret = -EIO; + } } e_put: diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c index edaf6031c6d9..5b4cddf44a3a 100644 --- a/drivers/virt/coco/sev-guest/sev-guest.c +++ b/drivers/virt/coco/sev-guest/sev-guest.c @@ -322,7 +322,8 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in u8 type, void *req_buf, size_t req_sz, void *resp_buf, u32 resp_sz, __u64 *fw_err) { - unsigned long err; + unsigned long err, override_err = 0; + unsigned int override_npages = 0; u64 seqno; int rc; @@ -338,6 +339,7 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in if (rc) return rc; +retry_request: /* * Call firmware to process the request. In this function the encrypted * message enters shared memory with the host. So after this call the @@ -346,17 +348,24 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in */ rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err); - /* - * If the extended guest request fails due to having too small of a - * certificate data buffer, retry the same guest request without the - * extended data request in order to increment the sequence number - * and thus avoid IV reuse. - */ - if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST && - err == SNP_GUEST_REQ_INVALID_LEN) { - const unsigned int certs_npages = snp_dev->input.data_npages; + switch (rc) { + case -ENOSPC: + /* + * If the extended guest request fails due to having too + * small of a certificate data buffer, retry the same + * guest request without the extended data request in + * order to increment the sequence number and thus avoid + * IV reuse. + */ + override_npages = snp_dev->input.data_npages; + exit_code = SVM_VMGEXIT_GUEST_REQUEST; - exit_code = SVM_VMGEXIT_GUEST_REQUEST; + /* + * Override the error to inform callers the given extended + * request buffer size was too small and give the caller the + * required buffer size. + */ + override_err = SNP_GUEST_REQ_INVALID_LEN; /* * If this call to the firmware succeeds, the sequence number can @@ -366,19 +375,14 @@ static int handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code, in * of the VMPCK and the error code being propagated back to the * user as an ioctl() return code. */ - rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err); - - /* - * Override the error to inform callers the given extended - * request buffer size was too small and give the caller the - * required buffer size. - */ - err = SNP_GUEST_REQ_INVALID_LEN; - snp_dev->input.data_npages = certs_npages; + goto retry_request; } if (fw_err) - *fw_err = err; + *fw_err = override_err ?: err; + + if (override_npages) + snp_dev->input.data_npages = override_npages; if (rc) { dev_alert(snp_dev->dev,